urlscan.io logo urlscan.io
SecurityTrails logo

www.deseret.com Open in urlscan Pro
3.160.196.90  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Submission: On January 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 10 countries across 80 domains to perform 598 HTTP transactions. The main IP is 3.160.196.90, located in United States and belongs to AMAZON-02, US. The main domain is www.deseret.com. The Cisco Umbrella rank of the primary domain is 213107.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 28th 2023. Valid for: a year.
This is the only time www.deseret.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3.160.196.90 16509 (AMAZON-02)
11 2606:4700:440... 13335 (CLOUDFLAR...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
26 143.204.98.51 16509 (AMAZON-02)
2 13.32.27.39 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
34 18.66.147.69 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 23.35.237.86 16625 (AKAMAI-AS)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
32 2a00:1450:400... 15169 (GOOGLE)
6 18.66.110.17 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:1901:0:7... 396982 (GOOGLE-CL...)
2 35.244.156.29 396982 (GOOGLE-CL...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
6 199.232.196.124 54113 (FASTLY)
1 2600:9000:223... 16509 (AMAZON-02)
4 2620:116:800d... 16509 (AMAZON-02)
1 5 18.66.112.76 16509 (AMAZON-02)
1 65.9.61.60 16509 (AMAZON-02)
4 2001:4860:480... 15169 (GOOGLE)
2 2600:9000:249... 16509 (AMAZON-02)
1 108.138.15.119 16509 (AMAZON-02)
1 146.75.118.132 54113 (FASTLY)
9 2a00:1450:400... 15169 (GOOGLE)
2 99.86.4.128 16509 (AMAZON-02)
2 18.66.138.185 16509 (AMAZON-02)
1 3.5.10.16 14618 (AMAZON-AES)
1 63.34.81.234 16509 (AMAZON-02)
2 2600:9000:223... 16509 (AMAZON-02)
1 18.245.86.113 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 6 108.138.26.63 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
6 64.202.112.223 22075 (AS-OUTBRAIN)
3 23.53.233.193 16625 (AKAMAI-AS)
3 172.64.149.180 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.18.35.167 13335 (CLOUDFLAR...)
12 18.66.97.62 16509 (AMAZON-02)
10 44.197.68.173 14618 (AMAZON-AES)
2 3.20.119.232 16509 (AMAZON-02)
1 52.12.68.237 16509 (AMAZON-02)
1 13.58.98.49 16509 (AMAZON-02)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 34.206.99.162 14618 (AMAZON-AES)
4 35.71.131.137 16509 (AMAZON-02)
2 35.244.193.51 15169 (GOOGLE)
1 18.245.60.100 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
88 2a00:1450:400... 15169 (GOOGLE)
1 23.57.19.78 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 162.19.138.117 16276 (OVH)
34 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
4 161.47.17.28 19994 (RACKSPACE)
14 46.228.174.115 56396 (AMOBEE)
1 13.32.121.35 16509 (AMAZON-02)
3 11 185.89.211.116 29990 (ASN-APPNEX)
1 18.158.30.2 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 69.173.144.137 26667 (RUBICONPR...)
8 21 172.64.151.101 13335 (CLOUDFLAR...)
1 141.95.98.65 16276 (OVH)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 142.250.186.166 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2606:2800:233... 15133 (EDGECAST)
1 23.35.236.201 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 216.52.2.30 32475 (SINGLEHOP...)
2 2404:6800:400... 15169 (GOOGLE)
1 216.52.2.16 30282 (AS-INAPCD...)
12 2602:803:c003... 26667 (RUBICONPR...)
6 2607:f350:3:2... 27630 (AS-XFERNET)
7 52.19.49.194 16509 (AMAZON-02)
7 145.40.97.67 54825 (PACKET)
1 52.48.240.80 16509 (AMAZON-02)
4 184.30.22.30 16625 (AKAMAI-AS)
6 7 69.173.144.165 26667 (RUBICONPR...)
8 39 142.250.186.130 15169 (GOOGLE)
12 142.250.185.194 15169 (GOOGLE)
6 12 35.157.89.79 16509 (AMAZON-02)
2 2 54.145.242.45 14618 (AMAZON-AES)
3 2607:f350:3:2... 27630 (AS-XFERNET)
2 3 18.193.91.20 16509 (AMAZON-02)
2 2 193.0.160.130 54312 (ROCKETFUEL)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 35.244.159.8 396982 (GOOGLE-CL...)
2 23.35.237.56 16625 (AKAMAI-AS)
1 3.75.62.37 16509 (AMAZON-02)
2 217.182.178.233 16276 (OVH)
3 3 18.214.196.3 14618 (AMAZON-AES)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2 13.32.27.113 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 2 52.46.130.91 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 2607:ae80:192... 26558 (FREEWHEEL)
1 2 52.208.197.4 16509 (AMAZON-02)
1 7 2606:4700::68... 13335 (CLOUDFLAR...)
7 7 213.155.156.183 1299 (TWELVE99 ...)
7 7 37.157.2.230 198622 (ADFORM)
6 35.227.252.103 15169 (GOOGLE)
13 18.66.122.16 16509 (AMAZON-02)
598 105
3    3.160.196.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-196-90.mrs52.r.cloudfront.net
www.deseret.com
11    2606:4700:4400::6812:2894 (United States)

ASN13335 (CLOUDFLARENET, US)
cookie-cdn.cookiepro.com
4    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
p.typekit.net
26    143.204.98.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-51.fra50.r.cloudfront.net
deseret.brightspotcdn.com
2    13.32.27.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-39.fra56.r.cloudfront.net
htlbid.com
9    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
34    18.66.147.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-69.fra60.r.cloudfront.net
tagan.adlightning.com
3    2606:4700:10::6816:1971 (United States)

ASN13335 (CLOUDFLARENET, US)
uploads.deseret.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
5    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
32    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
6    18.66.110.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-110-17.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2600:1901:0:7a38::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
restrainstorm.com
2    35.244.156.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.156.244.35.bc.googleusercontent.com
deseretnews.coral.coralproject.net
4    2606:4700:10::6816:1871 (United States)

ASN13335 (CLOUDFLARENET, US)
api.deseret.com
uploads.deseret.com
6    199.232.196.124 (United States)

ASN54113 (FASTLY, US)
cdn.vox-cdn.com
1    2600:9000:223f:5c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
5    18.66.112.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-76.fra56.r.cloudfront.net
sb.scorecardresearch.com
1    65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net
cdn.parsely.com
4    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:9000:2491:5a00:0:6f3c:65c0:21 (United States)

ASN16509 (AMAZON-02, US)
d1vg5xiq7qffdj.cloudfront.net
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
1    146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
mv.outbrain.com
9    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
2    99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
2    18.66.138.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-138-185.fra60.r.cloudfront.net
aax.amazon-adsystem.com
1    3.5.10.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com
ams-pageview-public.s3.amazonaws.com
1    63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
p1.parsely.com
2    2600:9000:223c:7200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    18.245.86.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-113.fra60.r.cloudfront.net
js.gumgum.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    2606:4700::6811:2b8 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
6    108.138.26.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-63.fra56.r.cloudfront.net
embed.sendtonews.com
embedcdn.sendtonews.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
6    64.202.112.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
3    23.53.233.193 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-233-193.deploy.static.akamaitechnologies.com
images.outbrainimg.com
3    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
12    18.66.97.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-62.fra56.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
10    44.197.68.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-68-173.compute-1.amazonaws.com
s2l.sendtonews.com
2    3.20.119.232 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-119-232.us-east-2.compute.amazonaws.com
www.mirabelanalytics.com
1    52.12.68.237 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-68-237.us-west-2.compute.amazonaws.com
app.mirabelsmarketingmanager.com
1    13.58.98.49 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-98-49.us-east-2.compute.amazonaws.com
api.emailsnow.info
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    34.206.99.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-99-162.compute-1.amazonaws.com
id.sv.rkdms.com
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    18.245.60.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-100.fra60.r.cloudfront.net
player.sendtonews.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
88    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
pubads.g.doubleclick.net
1    23.57.19.78 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-19-78.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
34    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    161.47.17.28 (United States)

ASN19994 (RACKSPACE, US)
saambaa.com
api.saambaa.com
14    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
1    13.32.121.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-35.fra60.r.cloudfront.net
hb.undertone.com
11    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    18.158.30.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-30-2.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
21    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
2    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
ad.doubleclick.net
1    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
6    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.saambaa.com
saambaa-static.azureedge.net
1    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
7    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    2404:6800:4005:81b::2003 (Hong Kong)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    216.52.2.16 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
12    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    2607:f350:3:2569:0:10:0:200a (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
7    52.19.49.194 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-49-194.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
7    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    52.48.240.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-240-80.eu-west-1.compute.amazonaws.com
g2.gumgum.com
4    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
39    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
12    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
12    35.157.89.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-89-79.eu-central-1.compute.amazonaws.com
d.adtriba.com
2    54.145.242.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-242-45.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    2607:f350:3:2569:0:10:0:c (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    18.193.91.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-91-20.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    217.182.178.233 (France)

ASN16276 (OVH, FR)
PTR: ip233.ip-217-182-178.eu
rtb-csync.smartadserver.com
3    18.214.196.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-196-3.compute-1.amazonaws.com
i.liadm.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    13.32.27.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-113.fra56.r.cloudfront.net
live.rezync.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    2607:ae80:192:1::173 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    52.208.197.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-197-4.eu-west-1.compute.amazonaws.com
dpm.demdex.net
7    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
7    213.155.156.183 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
7    37.157.2.230 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
13    18.66.122.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-16.fra60.r.cloudfront.net
saambaa-deseret-tagan.adlightning.com
Apex Domain
Subdomains		 Transfer
129 googlesyndication.com
46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
1021 KB
87 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
pubads.g.doubleclick.net — Cisco Umbrella Rank: 357
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
ad.doubleclick.net — Cisco Umbrella Rank: 199
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677
705 KB
47 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 3891
saambaa-deseret-tagan.adlightning.com — Cisco Umbrella Rank: 374053
1 MB
26 brightspotcdn.com
deseret.brightspotcdn.com — Cisco Umbrella Rank: 134489
1 MB
24 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1222
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
eus.rubiconproject.com — Cisco Umbrella Rank: 951
token.rubiconproject.com — Cisco Umbrella Rank: 744
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
35 KB
21 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 757
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
15 KB
17 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 19273
embedcdn.sendtonews.com — Cisco Umbrella Rank: 22328
s2l.sendtonews.com — Cisco Umbrella Rank: 19393
player.sendtonews.com — Cisco Umbrella Rank: 24073
406 KB
14 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 1418
1 KB
14 cloudfront.net
d1vg5xiq7qffdj.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
2 MB
12 adtriba.com
d.adtriba.com — Cisco Umbrella Rank: 55618
4 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
154 KB
12 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2247
widget-pixels.outbrain.com — Cisco Umbrella Rank: 4787
mv.outbrain.com — Cisco Umbrella Rank: 2838
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 7781
115 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
8 KB
11 cookiepro.com
cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 10758
168 KB
10 deseret.com
www.deseret.com — Cisco Umbrella Rank: 213107
uploads.deseret.com — Cisco Umbrella Rank: 273388
api.deseret.com — Cisco Umbrella Rank: 277927
213 KB
9 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 4534
sync.go.sonobi.com — Cisco Umbrella Rank: 1696
7 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 6
2 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
547 KB
8 openx.net
us-u.openx.net — Cisco Umbrella Rank: 930
rtb.openx.net — Cisco Umbrella Rank: 1007
962 B
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
ce.lijit.com — Cisco Umbrella Rank: 1432
6 KB
8 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
447 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
5 KB
7 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7787
2 KB
7 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1559
s.tribalfusion.com — Cisco Umbrella Rank: 3590
4 KB
7 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1119
1 KB
7 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 1057
1 KB
6 saambaa.com
saambaa.com — Cisco Umbrella Rank: 32445
cdn.saambaa.com — Cisco Umbrella Rank: 37899
api.saambaa.com — Cisco Umbrella Rank: 37641
373 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
21 KB
6 vox-cdn.com
cdn.vox-cdn.com — Cisco Umbrella Rank: 25455
422 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
imasdk.googleapis.com — Cisco Umbrella Rank: 639
370 KB
5 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4701
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
37 KB
5 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2259
match.adsrvr.org — Cisco Umbrella Rank: 594
insight.adsrvr.org — Cisco Umbrella Rank: 1095
3 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 274
1 KB
4 azureedge.net
saambaa-static.azureedge.net — Cisco Umbrella Rank: 65883
123 KB
4 gstatic.com
fonts.gstatic.com
csi.gstatic.com
144 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2137
pixel.quantserve.com — Cisco Umbrella Rank: 1736
20 KB
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 1107
p.typekit.net — Cisco Umbrella Rank: 1464
77 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 979
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
1 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2163
a.ad.gt — Cisco Umbrella Rank: 2414
5 KB
3 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1919
lexicon.33across.com — Cisco Umbrella Rank: 2501
5 KB
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1067
cdn.indexww.com — Cisco Umbrella Rank: 2632
13 KB
3 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 3128
654 KB
3 restrainstorm.com
restrainstorm.com — Cisco Umbrella Rank: 362942
24 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2302
1 KB
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004
326 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2019
326 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 809
883 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1485
2 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
2 KB
2 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766
ads.pubmatic.com — Cisco Umbrella Rank: 811
78 KB
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1474
idsync.rlcdn.com — Cisco Umbrella Rank: 764
449 B
2 mirabelanalytics.com
www.mirabelanalytics.com — Cisco Umbrella Rank: 308361
23 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1218
id5-sync.com — Cisco Umbrella Rank: 658
29 KB
2 gumgum.com
js.gumgum.com — Cisco Umbrella Rank: 7595
g2.gumgum.com — Cisco Umbrella Rank: 2297
41 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1945
1 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 4472
p1.parsely.com — Cisco Umbrella Rank: 3579
25 KB
2 coralproject.net
deseretnews.coral.coralproject.net — Cisco Umbrella Rank: 367506
31 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
187 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
89 KB
2 htlbid.com
htlbid.com — Cisco Umbrella Rank: 13794
102 KB
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
653 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2957
423 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 2160
416 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
125 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
4 KB
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 991
605 B
1 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 5043
519 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338
275 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2313
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623
17 KB
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 8684
231 B
1 emailsnow.info
api.emailsnow.info — Cisco Umbrella Rank: 207422
263 B
1 mirabelsmarketingmanager.com
app.mirabelsmarketingmanager.com — Cisco Umbrella Rank: 198523
53 KB
1 amazonaws.com
ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 15861
460 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 988
482 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 950
295 B
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
2 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
598 80
Domain Requested by
86 pagead2.googlesyndication.com imasdk.googleapis.com
46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
tagan.adlightning.com
tpc.googlesyndication.com
www.deseret.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
39 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
34 tpc.googlesyndication.com 46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
tagan.adlightning.com
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
34 tagan.adlightning.com www.deseret.com
tagan.adlightning.com
46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
26 deseret.brightspotcdn.com www.deseret.com
deseret.brightspotcdn.com
17 securepubads.g.doubleclick.net htlbid.com
tagan.adlightning.com
securepubads.g.doubleclick.net
15 googleads.g.doubleclick.net 46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
tagan.adlightning.com
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
14 targeting.unrulymedia.com embed.sendtonews.com
tagan.adlightning.com
13 saambaa-deseret-tagan.adlightning.com tagan.adlightning.com
12 d.adtriba.com 6 redirects e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
12 googleads4.g.doubleclick.net tagan.adlightning.com
12 fastlane.rubiconproject.com tagan.adlightning.com
12 d29xw9s9x32j3w.cloudfront.net www.deseret.com
embed.sendtonews.com
11 ib.adnxs.com 3 redirects embed.sendtonews.com
tagan.adlightning.com
googleads.g.doubleclick.net
11 cookie-cdn.cookiepro.com www.deseret.com
cookie-cdn.cookiepro.com
10 s2l.sendtonews.com embed.sendtonews.com
9 www.google.com 46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
tagan.adlightning.com
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
9 www.googletagservices.com www.deseret.com
tagan.adlightning.com
46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
8 ssum-sec.casalemedia.com 6 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
8 s0.2mdn.net imasdk.googleapis.com
46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
tagan.adlightning.com
7 c1.adform.net 7 redirects
7 d5p.de17a.com 7 redirects
7 e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
7 prebid.a-mo.net tagan.adlightning.com
7 ads.yieldmo.com tagan.adlightning.com
7 ap.lijit.com tagan.adlightning.com
7 htlb.casalemedia.com embed.sendtonews.com
tagan.adlightning.com
6 pixel.rubiconproject.com 6 redirects
6 rtb.openx.net e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
6 a.tribalfusion.com 1 redirects e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
6 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
6 apex.go.sonobi.com tagan.adlightning.com
6 mcdp-nydc1.outbrain.com widgets.outbrain.com
6 cdn.vox-cdn.com www.deseret.com
6 c.amazon-adsystem.com htlbid.com
c.amazon-adsystem.com
embed.sendtonews.com
5 embed.sendtonews.com 1 redirects www.deseret.com
embed.sendtonews.com
5 sb.scorecardresearch.com 1 redirects www.deseret.com
5 uploads.deseret.com www.deseret.com
www.googletagmanager.com
uploads.deseret.com
4 eus.rubiconproject.com embed.sendtonews.com
eus.rubiconproject.com
tagan.adlightning.com
4 saambaa-static.azureedge.net
4 www.google-analytics.com www.googletagmanager.com
www.deseret.com
cdn.jsdelivr.net
4 widgets.outbrain.com www.deseret.com
tagan.adlightning.com
3 i.liadm.com 3 redirects
3 x.bidswitch.net 2 redirects
3 sync.go.sonobi.com
3 match.adsrvr.org js-sec.indexww.com
ssum-sec.casalemedia.com
3 fonts.googleapis.com embed.sendtonews.com
tagan.adlightning.com
3 images.outbrainimg.com www.deseret.com
3 challenges.cloudflare.com 1 redirects www.deseret.com
tagan.adlightning.com
3 restrainstorm.com www.deseret.com
restrainstorm.com
3 use.typekit.net www.deseret.com
use.typekit.net
3 www.deseret.com deseret.brightspotcdn.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 live.rezync.com 2 redirects
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 creativecdn.com 2 redirects
2 p.rfihub.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 api.saambaa.com tagan.adlightning.com
saambaa.com
2 cdn.saambaa.com tagan.adlightning.com
2 ad.doubleclick.net tagan.adlightning.com
2 id.hadron.ad.gt cdn.hadronid.net
2 saambaa.com tagan.adlightning.com
www.deseret.com
2 pubads.g.doubleclick.net embed.sendtonews.com
imasdk.googleapis.com
2 fonts.gstatic.com fonts.googleapis.com
2 lexicon.33across.com cdn-ima.33across.com
embed.sendtonews.com
2 www.mirabelanalytics.com d1vg5xiq7qffdj.cloudfront.net
www.deseret.com
2 imasdk.googleapis.com tagan.adlightning.com
2 cdnjs.cloudflare.com tagan.adlightning.com
embed.sendtonews.com
2 js-sec.indexww.com tagan.adlightning.com
2 region1.google-analytics.com www.googletagmanager.com
2 pixel.quantserve.com www.deseret.com
2 rules.quantcount.com secure.quantserve.com
tagan.adlightning.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 config.aps.amazon-adsystem.com tagan.adlightning.com
c.amazon-adsystem.com
2 46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
2 d1vg5xiq7qffdj.cloudfront.net tagan.adlightning.com
2 secure.quantserve.com www.googletagmanager.com
tagan.adlightning.com
2 api.deseret.com deseret.brightspotcdn.com
uploads.deseret.com
2 deseretnews.coral.coralproject.net www.deseret.com
deseretnews.coral.coralproject.net
2 www.googletagmanager.com www.deseret.com
www.googletagmanager.com
2 connect.facebook.net www.deseret.com
connect.facebook.net
2 htlbid.com www.deseret.com
1 s.tribalfusion.com e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 d.turn.com 1 redirects
1 ups.analytics.yahoo.com googleads.g.doubleclick.net
1 token.rubiconproject.com eus.rubiconproject.com
1 g2.gumgum.com js.gumgum.com
1 ce.lijit.com tagan.adlightning.com
1 insight.adsrvr.org tagan.adlightning.com
1 cdn.jsdelivr.net tagan.adlightning.com
1 ads.pubmatic.com tagan.adlightning.com
1 a.ad.gt cdn.hadronid.net
1 id5-sync.com cdn.id5-sync.com
1 prebid-server.rubiconproject.com embed.sendtonews.com
1 hbopenbid.pubmatic.com embed.sendtonews.com
1 tlx.3lift.com embed.sendtonews.com
1 hb.undertone.com embed.sendtonews.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.hadronid.net www.deseret.com
1 secure.cdn.fastclick.net www.deseret.com
1 player.sendtonews.com embed.sendtonews.com
1 id.sv.rkdms.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 api.emailsnow.info www.deseret.com
1 app.mirabelsmarketingmanager.com d1vg5xiq7qffdj.cloudfront.net
1 cdn-ima.33across.com tagan.adlightning.com
1 embedcdn.sendtonews.com www.deseret.com
1 cdn.id5-sync.com tagan.adlightning.com
1 js.gumgum.com tagan.adlightning.com
1 p1.parsely.com www.deseret.com
1 ams-pageview-public.s3.amazonaws.com www.deseret.com
1 mv.outbrain.com tagan.adlightning.com
1 js.adsrvr.org www.googletagmanager.com
1 cdn.parsely.com www.googletagmanager.com
1 widget-pixels.outbrain.com www.deseret.com
1 static.adsafeprotected.com www.deseret.com
1 geolocation.onetrust.com cookie-cdn.cookiepro.com
1 p.typekit.net use.typekit.net
1 www.youtube.com www.deseret.com
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
598 129
Subject Issuer Validity Valid
origin.deseret.production.chorus.brightspot.cloud
Amazon RSA 2048 M03		 2023-12-28 -
2025-01-26		 a year crt.sh
cookiepro.com
Cloudflare Inc ECC CA-3		 2023-03-20 -
2024-03-19		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-21 -
2024-10-21		 a year crt.sh
htlbid.com
Amazon RSA 2048 M01		 2023-09-21 -
2024-10-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-20 -
2024-01-18		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
restrainstorm.com
R3		 2024-01-09 -
2024-04-08		 3 months crt.sh
deseretnews.coral.coralproject.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.vox-cdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-10-19 -
2024-11-19		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
*.gumgum.com
Amazon RSA 2048 M02		 2023-08-13 -
2024-09-09		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh
sendtonews.com
Amazon RSA 2048 M02		 2023-10-22 -
2024-11-19		 a year crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-03 -
2025-01-03		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.sendtonews.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
app1.mirabelanalytics.com
Go Daddy Secure Certificate Authority - G2		 2023-01-17 -
2024-02-14		 a year crt.sh
*.mirabelsmarketingmanager.com
Go Daddy Secure Certificate Authority - G2		 2023-10-04 -
2024-10-13		 a year crt.sh
api.emailsnow.info
R3		 2023-11-21 -
2024-02-19		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
rkdms.com
Amazon RSA 2048 M03		 2023-10-04 -
2024-11-01		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.saambaa.com
Go Daddy Secure Certificate Authority - G2		 2023-04-03 -
2024-05-04		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-08-03 -
2024-08-30		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
a.ad.gt
E1		 2023-12-12 -
2024-03-11		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-07-16 -
2024-07-16		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.a-mo.net
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh

This page contains 50 frames:

Primary Page: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Frame ID: 34DB79825C0104A224A4D7EBDDC51680
Requests: 173 HTTP requests in this frame

Frame: https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DE8E314D98C1FFF03C8288BDC085C3A2
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Frame ID: 69FD595414A7253353ED78106132A5FE
Requests: 5 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/crp28/0x4AAAAAAAA2pgcWAmjzIY_M/auto/normal
Frame ID: CB11598B76E67A1D5ED9DD1C51BD6ED5
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 9A527C7FB2B44BB2F80CB50EFC6E4F76
Requests: 22 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: 5CBDCEB48BC97DFF5EC478E7DD470F49
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5D8318868EB6D281D1550FC809C7CB2C
Requests: 1 HTTP requests in this frame

Frame: https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 48CC66AE649A38B81FD5FD39BA9699AD
Requests: 16 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Frame ID: 7F4F4BB122E4071655551B9A2F90F55F
Requests: 102 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhiTi5n0ATAB&v=APEucNXYO5GDZdCoVmqGHIm9PlCSl4gxp9wEJ9rAaT3FNWTkVse11HY0xOyPtPgHKskSqQ21hsj9on43DOmR4rkOt_dZtbii_A
Frame ID: C76E54ED5253BBF09FA45DEC18CEDA40
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 528E9412E873D78765148F63A443F2B1
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 472C274DA06D638F8B320620A3F7B08D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6200089548495652&output=html&adk=1812271804&adf=3279755405&lmt=1704979961&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704979961042&bpp=5&bdt=1866&idt=207&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&cookie=ID%3D4b0742be3c1d7fc0%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_Mbs4rw_CKJhjAJvo6h35at8qhUi2Q&gpic=UID%3D00000d3f76510e2f%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_MavKhLTXflWEFLNeuE1r7_8Dk1UXA&nras=1&correlator=7200322596148&frm=23&ife=4&pv=2&ga_vid=1939213249.1704979961&ga_sid=1704979961&ga_hid=1520196801&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=14802008&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C44809004%2C95320868%2C95320890&oid=2&pvsid=2122274307583474&tmod=157605140&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.z69nj3xlobhs&fsb=1&dtd=245
Frame ID: FF39DD46BAC0DCD89A9F6C0E495B7484
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=63l7ij2&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&upid=5v8nc1s&upv=1.1.0
Frame ID: A2E380F0C3CA1D482EE2CF3E849AF160
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: A5936E431B28B0AF32A26FE385A8F8AD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E5257F83535F733A4E9997241BBB5220
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1B8DC7A57468898AA2E588C1BE43ABBD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3CC794A2222F4DD28AE64C856BE98EDD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B4F923B1385C31AA94047E717D80E3D
Requests: 2 HTTP requests in this frame

Frame: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DFE1488180B2DAA22C9304E576795D1B
Requests: 1 HTTP requests in this frame

Frame: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D655EC4544E7EB2B7AC34743B18B65A8
Requests: 37 HTTP requests in this frame

Frame: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0BD1683024844E093F73AED719F06794
Requests: 24 HTTP requests in this frame

Frame: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7AEDAB968A694B6F0CB1C9BA562E09CB
Requests: 24 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1DF4EFD34E503A1B2F62C898B94BEF50
Requests: 3 HTTP requests in this frame

Frame: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E35D3F91557B9C96856A11738A68FC0B
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNWVN8FwoHSJheThQxF0OUmDZhP_VbGxU_QfxD2homIq37F1JSldOLxd-RV8dyBl1QG3Q2xC-ee3wxwP0xyPLf5PjJp8DqhxhMIYG3Jq-CBLpE8DxhrKnDWbju2ErouqYzZa28CRDKBPH_HS3jI09AHqWlStwkV9GFvLikADIm2qDQ5MAtg
Frame ID: B9764B3C7CBA958F0AAAE11C333EBE2B
Requests: 5 HTTP requests in this frame

Frame: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E362BB37049238B335724C30BDD846CA
Requests: 24 HTTP requests in this frame

Frame: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9009483F25851CE3D088858C1D7534C1
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNWfvzzb3GkDD8EnlW33QiQH_N_oRiCRWWQEbgpp7nENoHNCH-obzTxlqrLnFCB0lWUINUj-SgEZ4KBoKGUZaQFniRUkla5NmcekgUoKWQrqQQGJ4Et2IaMdGYXMqrwgtJko66a7ciTP8MQLozLk091pltgGBSupd4hmdM4xbkGK6h-0wPw
Frame ID: 40040CA2D20B046721DABFA12167545D
Requests: 5 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 7F08F1931E851992097CB53B8B1F4C9D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A63EC3681945BB58E7E4E53123C2FABA
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: E28C796A08FD1DF6B1DC93C6EEBA1947
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8FAF71A58F4037A6507C5E7FD1E443B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNVof6UV42E9Bwr_H8fAuC4xfMwVrFV38fvjtGecylLsukktpGB6xUQm60eQjjMWATStSu3d6JCTuMeRd0RkYJ5ANC8FR-k7o_S-uYAAaM9KfuT82MMCUpA8rs5mgoCQuhGXHd1sK52bkWhiQhuWbMzVbkLItbkotQQgYF959nETJ5Yx9bI
Frame ID: 89D0EF784A3CD260CFEA7361C120A828
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNUIoOinYmo4Vyi0OH1UOucqWFVSGqaQ6uAlVw2eHYUnSL9OBC5KYPcUazAnDlSQOj56FiN6I9K8xkRDjX15tSiMeaLvkbdJzMiVeeW5FPvt0qwlzDdRir0cmw7zO_icsQhfF_jFZebQE-c2-uS7x0zjD_i3pL2LrJECA9zumYzP_hKH-S0
Frame ID: BFBB9304E2526F81A4EE1108044EC967
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B1D59AD008B757D8DA504869099DA09F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 01B8A4C922CBD92503EDF18826A0C17D
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5A5714F967841732C142E69412AEF9E2
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F6C151A08DC222915302B5A0F147F513
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1D40947D84C8312D504CB9E6B44DB657
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7530FFDD4A634B55300A6C2898BF56F1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNVJEd2IJlsm3Mu8PQyyAr19W4o2vVaYfKQkA-cBb6exfLrQKlgrYHTvZeQ0qyD5o-JrCkU1vJtqFSVWXxG41XUqKukbhoWp8250qdHvi_yftTWkwVCSm_vfjySZhPMxbkMOeEDB0kUgd1WWnQ_AfoZxyTmWTw5_X-2lAl-b4gzcDwJxapE
Frame ID: 25DBE71AEA4A8EBCD03375FDC094FA2D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNXYs1h8iNiiJnEj_GOdVuXkjbiIr7s5BVl2do3KUraOfrUi-5A9OLrzL9bZTKbNhls9lrXjJEVAwZkbYwn8x0cMGreTkcTvJLi9GtbOCpEB2rfsTn9T0jpe9VfJv-5LHMJMbnZNjLTUeequvXgBkQiXeGhYau73hoJ0er4brprZQpuVfzE
Frame ID: 46FB447A5DAA9F5BC5644F0968E8FB3C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 93569EBFD62DE31E1A1B4950DA5A59F9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8180754C74494D44F0BB0F6861FB590B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F5BF84D1E7F34646D6F863E03FE5FF3F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 018F3AB96197B5728E79DE967A161DE2
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 77AF19C6162DBF9A928AE8AA8E4D746A
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0F484404EB4DB485AD63BD406F101A0B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 75E60570C9316B5B2BF2212DBF0165E7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Trump barred from give closing argument in NYC civil fraud trial - Deseret NewsclockCST_Back ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

598
Requests

91 %
HTTPS

35 %
IPv6

80
Domains

129
Subdomains

105
IPs

10
Countries

11636 kB
Transfer

23128 kB
Size

66
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=cf__reactTurnstileOnLoad&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js?onload=cf__reactTurnstileOnLoad&render=explicit
Request Chain 106
  • https://embed.sendtonews.com/player3/embedcode.js?fk=DXzBc7p4&cid=9773&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/7.29.5-Z/embed.js
Request Chain 249
  • https://sb.scorecardresearch.com/c2/16033947/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 393
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKs2fJsrClfdOtF2AYI-qAY&google_cver=1
Request Chain 394
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ-t-V3Fy.E6onXiEaSO-QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKs2fJsrClfdOtF2AYI-qAY&google_cver=1&google_hm=2
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFOyLXNnkLJsGB-GWgeAus4&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFOyLXNnkLJsGB-GWgeAus4%26google_cver%3D1
Request Chain 396
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA3ODE1MTMwMzM2MTAyMjQ3MQ%3D%3D
Request Chain 406
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 412
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=82NyhbR3XSNH7Pjg59tfMFD_B2w
Request Chain 413
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=7e84d570-b5f1-4b55-a3fb-620e7bbe6f6a&google_hm=N2U4NGQ1NzAtYjVmMS00YjU1LWEzZmItNjIwZTdiYmU2ZjZh HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIwHGGAlD-k2uwNytzq3rxg&google_cver=1&ssp=sonobi&bsw_param=7e84d570-b5f1-4b55-a3fb-620e7bbe6f6a
Request Chain 414
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5134455423267875852
Request Chain 415
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Eg8lbhfCY5AZYmrVGk6wVGFHDlZQgXsE39GUDQMQk3E&pi=sonobi&tc=1
Request Chain 417
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELSq_BD6EkWhIr-aoDc0tBA&google_cver=1
Request Chain 419
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEL6wPrKVTieRmACC4uXWkwI&google_cver=1
Request Chain 456
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 459
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOPeyX-iF9Xlzc0O6ZPhxUg&google_cver=1
Request Chain 463
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKhaQzwMihnHbMniE13OIcQ&google_cver=1
Request Chain 473
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 479
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 483
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZ-t-V3Fy.E6onXiEaSO-QAA%263361&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZ-t-V3Fy.E6onXiEaSO-QAA%263361&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=a1ad907eaccb4d1da8e615e3fd005338 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8010591416803421536 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a1ad907e-accb-4d1d-a8e6-15e3fd005338 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=dc199543-d2cc-4d7a-ae99-bc04965e7d44%3A1704979968.8926263&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Ddc199543-d2cc-4d7a-ae99-bc04965e7d44%253A1704979968.8926263%26_%3D1704979968.895723&cb=1704979968.8957555 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455423267875852&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Ddc199543-d2cc-4d7a-ae99-bc04965e7d44%253A1704979968.8926263%26_%3D1704979968.895723 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=dc199543-d2cc-4d7a-ae99-bc04965e7d44%3A1704979968.8926263&_=1704979968.895723
Request Chain 484
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1
Request Chain 485
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 486
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720704768&external_user_id=3147a909-c7ce-4f38-a409-c19d0dce6191
Request Chain 488
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZZ-t-V3Fy.E6onXiEaSO-QAA%263361?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZZ-t-V3Fy.E6onXiEaSO-QAA%263361
Request Chain 489
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=82NyhbR3XSNH7Pjg59tfMFD_B2w
Request Chain 495
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENEXVcTLHRmfv7OAmXhjipQ&google_cver=1&google_push=AXcoOmQ59kguYWQU94-xIEDffwedHgsbuNo8ZP48W-qX-EzU5QZoBbEzs_v1t-QE-PoPKDxrUAAQr_61byTApSiMOXmLjWmV5y-H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ59kguYWQU94-xIEDffwedHgsbuNo8ZP48W-qX-EzU5QZoBbEzs_v1t-QE-PoPKDxrUAAQr_61byTApSiMOXmLjWmV5y-H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENEXVcTLHRmfv7OAmXhjipQ&google_cver=1&google_push=AXcoOmQ59kguYWQU94-xIEDffwedHgsbuNo8ZP48W-qX-EzU5QZoBbEzs_v1t-QE-PoPKDxrUAAQr_61byTApSiMOXmLjWmV5y-H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ59kguYWQU94-xIEDffwedHgsbuNo8ZP48W-qX-EzU5QZoBbEzs_v1t-QE-PoPKDxrUAAQr_61byTApSiMOXmLjWmV5y-H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 496
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMqsDO9Ix66E1foAqwAT3cc&google_cver=1&google_push=AXcoOmSlwFOPkxSTGw7iNOoD_afZwHvzjIGnaQ_BTzgsRSHw071o73o05QxHJN_KJyz0abB4L55fn-mHTlCNaPdH-qqO8fEceMG9 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMqsDO9Ix66E1foAqwAT3cc&google_cver=1&google_push=AXcoOmSlwFOPkxSTGw7iNOoD_afZwHvzjIGnaQ_BTzgsRSHw071o73o05QxHJN_KJyz0abB4L55fn-mHTlCNaPdH-qqO8fEceMG9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSlwFOPkxSTGw7iNOoD_afZwHvzjIGnaQ_BTzgsRSHw071o73o05QxHJN_KJyz0abB4L55fn-mHTlCNaPdH-qqO8fEceMG9
Request Chain 497
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIQtaOBciiNf0zHVztw9jtA&google_cver=1&google_push=AXcoOmQ9DduDUwcpVLwwt6q1LXeCtQbH2-VG3uTX1vez-kvfhkyonTdFoDRvxk4Uy_VZiNrBdl2eL6WL1OTC1Cv9rD_EbqAltv4 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIQtaOBciiNf0zHVztw9jtA&google_cver=1&google_push=AXcoOmQ9DduDUwcpVLwwt6q1LXeCtQbH2-VG3uTX1vez-kvfhkyonTdFoDRvxk4Uy_VZiNrBdl2eL6WL1OTC1Cv9rD_EbqAltv4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmQ9DduDUwcpVLwwt6q1LXeCtQbH2-VG3uTX1vez-kvfhkyonTdFoDRvxk4Uy_VZiNrBdl2eL6WL1OTC1Cv9rD_EbqAltv4
Request Chain 499
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ4UWcTFm6mn0-RBWMZCHno&google_cver=1&google_push=AXcoOmSIzLlgi5eal4yIfzIjIhY_JK1lPinCFbt9QXX3W-iwqxxho4gyBZ-22IXeJC8HvKT8Y3RcdKM7iG45vK11ej24wMSyA6Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmSIzLlgi5eal4yIfzIjIhY_JK1lPinCFbt9QXX3W-iwqxxho4gyBZ-22IXeJC8HvKT8Y3RcdKM7iG45vK11ej24wMSyA6Q
Request Chain 500
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1&google_push=AXcoOmRGUL0KbLE9moeDGMkaPwc8uQe8HNBT4qrr62buE48AGiNrk42Rm0Dbw-2XStMBTMg4kwoweYbKqo8EFKVOoCSRAiNxF8s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmRGUL0KbLE9moeDGMkaPwc8uQe8HNBT4qrr62buE48AGiNrk42Rm0Dbw-2XStMBTMg4kwoweYbKqo8EFKVOoCSRAiNxF8s
Request Chain 517
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMqsDO9Ix66E1foAqwAT3cc&google_cver=1&google_push=AXcoOmSIvv8pIkhAnXZ73bXXOFyR-_kK6q3SVBicmLwJHJqJTSCYIqBk-2SHwAQuP70QPz9YULRY1wDWAH1Ts5i8fbKlC3PJKzWe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSIvv8pIkhAnXZ73bXXOFyR-_kK6q3SVBicmLwJHJqJTSCYIqBk-2SHwAQuP70QPz9YULRY1wDWAH1Ts5i8fbKlC3PJKzWe
Request Chain 518
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIQtaOBciiNf0zHVztw9jtA&google_cver=1&google_push=AXcoOmQdpopkfQ1J64aaTNC1fWcMpd2qhh5-LzWdC4Q_vLIL87_p0Pv9KoFxr1-dUQcSsYdMKzdGKYeIOc583T5E1kJSyUHkGPFZJw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmQdpopkfQ1J64aaTNC1fWcMpd2qhh5-LzWdC4Q_vLIL87_p0Pv9KoFxr1-dUQcSsYdMKzdGKYeIOc583T5E1kJSyUHkGPFZJw
Request Chain 520
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ4UWcTFm6mn0-RBWMZCHno&google_cver=1&google_push=AXcoOmSI3RUyPQbiUUj5aXgfYvFR-whH3zc8mW4c24uTSnmHgLFkdadWxtSsMMh3RbnkGBI92tzQLn5HNew-72Ep17Ci_hWTMwhJFg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmSI3RUyPQbiUUj5aXgfYvFR-whH3zc8mW4c24uTSnmHgLFkdadWxtSsMMh3RbnkGBI92tzQLn5HNew-72Ep17Ci_hWTMwhJFg
Request Chain 521
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1&google_push=AXcoOmT0GgHJh2r7i5ukwuWi2N8MRZ2_3PI1IIhy6y5QR4OcdZY9P_hNmaSaPJnl5wtfhQrkVl-DBpQwQDM6c4xQYrthsUFBIT-f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmT0GgHJh2r7i5ukwuWi2N8MRZ2_3PI1IIhy6y5QR4OcdZY9P_hNmaSaPJnl5wtfhQrkVl-DBpQwQDM6c4xQYrthsUFBIT-f
Request Chain 525
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMqsDO9Ix66E1foAqwAT3cc&google_cver=1&google_push=AXcoOmS6dPBLlTquxTjmd0qt_K7oRq3tj65g0PsJ5LBDDCtDaDDVw22_HjlOrcOfguPEB6QyPnqr32p01VLOu0GiasBiM3-kj2vLTw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS6dPBLlTquxTjmd0qt_K7oRq3tj65g0PsJ5LBDDCtDaDDVw22_HjlOrcOfguPEB6QyPnqr32p01VLOu0GiasBiM3-kj2vLTw
Request Chain 526
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIQtaOBciiNf0zHVztw9jtA&google_cver=1&google_push=AXcoOmTBWHW1e2Qar41nt9TuwO6p11j8hkUYnan3cngzSLM7K596BQfBLIq9p2K76MUw0-BWlmkvvac05wtNzSFqu9hKg2V6u24n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmTBWHW1e2Qar41nt9TuwO6p11j8hkUYnan3cngzSLM7K596BQfBLIq9p2K76MUw0-BWlmkvvac05wtNzSFqu9hKg2V6u24n
Request Chain 528
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ4UWcTFm6mn0-RBWMZCHno&google_cver=1&google_push=AXcoOmR_6zATd2R8XdYZtiJtZ97NVjpKlAFQ-gRSqQEv8o8GwBuMChTR7EwFy8c-GbMxCC3xsiE5hNl2F2VxXKO8368Pv4bZ0Dl09g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmR_6zATd2R8XdYZtiJtZ97NVjpKlAFQ-gRSqQEv8o8GwBuMChTR7EwFy8c-GbMxCC3xsiE5hNl2F2VxXKO8368Pv4bZ0Dl09g
Request Chain 529
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1&google_push=AXcoOmT2eXO7Ky8hrGeNpUhxkRaWiZXdRQMf6u5iXOaAa-oApVQSD0gy5ip97SBNyxvydXR5ZemfL447t4X-fI78p1Ampt0cSFyZ-w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmT2eXO7Ky8hrGeNpUhxkRaWiZXdRQMf6u5iXOaAa-oApVQSD0gy5ip97SBNyxvydXR5ZemfL447t4X-fI78p1Ampt0cSFyZ-w
Request Chain 548
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 552
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMqsDO9Ix66E1foAqwAT3cc&google_cver=1&google_push=AXcoOmRvxtnw4-Jirdn5ZvHhX7p7plN_TjoWehLd6ATiLVrvDC0tfHzcdVoTWQ7utopyCCCC58rnbyYnwn3nGw6iMavfYv4g639Ohw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRvxtnw4-Jirdn5ZvHhX7p7plN_TjoWehLd6ATiLVrvDC0tfHzcdVoTWQ7utopyCCCC58rnbyYnwn3nGw6iMavfYv4g639Ohw
Request Chain 553
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIQtaOBciiNf0zHVztw9jtA&google_cver=1&google_push=AXcoOmS0LWSTZbytqp02_Yxt4t9xcx1rsRJN2D-i6uYu18vRyLsIwC6O6zBrmaDNgEag7G3p5nRZbcHSYjLPE1sY0AaomKrT5Qw0ig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmS0LWSTZbytqp02_Yxt4t9xcx1rsRJN2D-i6uYu18vRyLsIwC6O6zBrmaDNgEag7G3p5nRZbcHSYjLPE1sY0AaomKrT5Qw0ig
Request Chain 555
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ4UWcTFm6mn0-RBWMZCHno&google_cver=1&google_push=AXcoOmRCtfQVpjl597mjTGci0-PuBr8Jqtr1vMydoORh0ROQcyNo-h3og_sU5DDdqi4y0skU1IX8vVZ2cnStJ-w97zSH_6FH_9__nQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmRCtfQVpjl597mjTGci0-PuBr8Jqtr1vMydoORh0ROQcyNo-h3og_sU5DDdqi4y0skU1IX8vVZ2cnStJ-w97zSH_6FH_9__nQ
Request Chain 556
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1&google_push=AXcoOmQhB3WeULn7JYwV9D-OKdQ7QSr-hvCVfRKYg_W5I7D1CEJINGVu-UnL7sJdYpEUGGsqDfNb9hHFdxXVUT7md0C5mX01-gKmHw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmQhB3WeULn7JYwV9D-OKdQ7QSr-hvCVfRKYg_W5I7D1CEJINGVu-UnL7sJdYpEUGGsqDfNb9hHFdxXVUT7md0C5mX01-gKmHw
Request Chain 567
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 577
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMqsDO9Ix66E1foAqwAT3cc&google_cver=1&google_push=AXcoOmRG2R_NoyKeaSLPWz3E1U_SKykJbNoxJkbpckS4PeuZVS2M1wW-42pENM9Bni32KX_FJpAmiPp54Hb4eshy40U2gweFLK8h HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRG2R_NoyKeaSLPWz3E1U_SKykJbNoxJkbpckS4PeuZVS2M1wW-42pENM9Bni32KX_FJpAmiPp54Hb4eshy40U2gweFLK8h
Request Chain 578
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIQtaOBciiNf0zHVztw9jtA&google_cver=1&google_push=AXcoOmRFk4_o7ZlYGeFobfSYPKozzJYy5wD99UKqoqOe_npTot4u8w63gxyfwyH4IItiK8GMUL12oT8dDQbQ2SfVW2Bd6UT2sdHM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmRFk4_o7ZlYGeFobfSYPKozzJYy5wD99UKqoqOe_npTot4u8w63gxyfwyH4IItiK8GMUL12oT8dDQbQ2SfVW2Bd6UT2sdHM
Request Chain 580
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ4UWcTFm6mn0-RBWMZCHno&google_cver=1&google_push=AXcoOmQ9MYvmpV6eM3yjklyN4ixmrFFrcTdPw9Unn5-LrJFERiUGz4s4ziK-phWBRZePaWzMsrJyKZxN3Krn3VveT6_IKkhJNP-j HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmQ9MYvmpV6eM3yjklyN4ixmrFFrcTdPw9Unn5-LrJFERiUGz4s4ziK-phWBRZePaWzMsrJyKZxN3Krn3VveT6_IKkhJNP-j
Request Chain 581
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1&google_push=AXcoOmRy7gUUjR1sQkm_4bTO8DrdaqdPc57FOlbecgSnIOt2TV0yUyTy0I3MoCFz-8VN-bRtGPf9SS1hB3Y8Rl7rt-buZ562Du60 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmRy7gUUjR1sQkm_4bTO8DrdaqdPc57FOlbecgSnIOt2TV0yUyTy0I3MoCFz-8VN-bRtGPf9SS1hB3Y8Rl7rt-buZ562Du60
Request Chain 585
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMqsDO9Ix66E1foAqwAT3cc&google_cver=1&google_push=AXcoOmRIl61rhQ4S6TU-6vwOczoKLVMnh2jABMCi1enqpM3NUmopZphPKGlW-NBeWFFG0wH9Wlhu-ctIVuRYIkA5kRskroiG22rW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRIl61rhQ4S6TU-6vwOczoKLVMnh2jABMCi1enqpM3NUmopZphPKGlW-NBeWFFG0wH9Wlhu-ctIVuRYIkA5kRskroiG22rW
Request Chain 586
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIQtaOBciiNf0zHVztw9jtA&google_cver=1&google_push=AXcoOmQF3zHfDpMCgL-tdJnEAnaHaAC9SuoVgh9K6znTho4vTT57qF43IVwfskSs055LkL9TMuTrPoMbCIGAN-xaO0KNMRghXHdU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmQF3zHfDpMCgL-tdJnEAnaHaAC9SuoVgh9K6znTho4vTT57qF43IVwfskSs055LkL9TMuTrPoMbCIGAN-xaO0KNMRghXHdU
Request Chain 588
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ4UWcTFm6mn0-RBWMZCHno&google_cver=1&google_push=AXcoOmQDJCMkYyy4bjqzsoRKnABOi8xve5LHgV8Cdql-_vRqEy1A3XZ_1OLnMj8lkFx-LlsPsS3YSvSXrlNGlaJpKsGLzAKLOIYT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmQDJCMkYyy4bjqzsoRKnABOi8xve5LHgV8Cdql-_vRqEy1A3XZ_1OLnMj8lkFx-LlsPsS3YSvSXrlNGlaJpKsGLzAKLOIYT
Request Chain 589
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1&google_push=AXcoOmS0EKJ33o_TntTCXE1WrU7wpr1GqUuNKDGRGaHfztfTVqHBJ-nfoHoohemjRr-josIVpp_80tb-_kD-Liictt-WJaIQkY1J HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmS0EKJ33o_TntTCXE1WrU7wpr1GqUuNKDGRGaHfztfTVqHBJ-nfoHoohemjRr-josIVpp_80tb-_kD-Liictt-WJaIQkY1J

598 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
www.deseret.com/2024/1/10/24033494/ 		118 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.196.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-196-90.mrs52.r.cloudfront.net
Software
istio-envoy / Brightspot
Resource Hash
63e938a1badfc997dfc37af37b607c19cd80e8a6c43d7d5beec530a253ceb1b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
29300
content-type
text/html;charset=UTF-8
date
Thu, 11 Jan 2024 13:32:35 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 0a2c7c875f8793c5e59592c87bbf97ea.cloudfront.net (CloudFront)
x-amz-cf-id
yT5PSqBk1bsbWOhVIKMW2-yOCxoadFTO63ad6W8SUyN5offaVx3IEw==
x-amz-cf-pop
MRS52-P6
x-cache
Miss from cloudfront
x-envoy-decorator-operation
brightspot-cms-verify.deseret.svc.cluster.local:80/*
x-envoy-upstream-service-time
144
x-powered-by
Brightspot
OtAutoBlock.js
cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/OtAutoBlock.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1691528e16358e4a55f27a5960fdb5c5cfc05671e6682aa5d28ce102f483e758
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
Tir0qK8nCZjoJmsFueP6dw==
age
67627
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 18:05:28 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d2980a90-401e-00ba-1438-3fdd33000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
843d86d4ed6bbb80-FRA
otSDKStub.js
cookie-cdn.cookiepro.com/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
FWT01iLvZ++xUAz3aesSug==
age
23865
x-ms-lease-status
unlocked
last-modified
Mon, 08 Jan 2024 02:29:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2b7a1bc1-701e-0045-1099-42edae000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
843d86d4ed6fbb80-FRA
expires
Fri, 12 Jan 2024 13:32:36 GMT
qzq4qkv.css
use.typekit.net/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/qzq4qkv.css
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
18e417acc2170bc5559488138d56f4d308d36104a26eff8c23dd2cb371ab514a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 11 Jan 2024 13:32:36 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
890
All.min.28d7bfdcf2abbfaba5998e431b7efb10.gz.css
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/ 		330 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.28d7bfdcf2abbfaba5998e431b7efb10.gz.css?v=1212
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c427e138011ce114d3377e8fd3b318f2623d9ce87f54a29e8f9b0db724de245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:06:40 GMT
content-encoding
gzip
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 01:25:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
267957
etag
"8039c23374bd5708f7eddb118b015c80"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
44663
x-amz-cf-id
PowsawZesglCXxM-FRB8gih2YDL-js8M0N8It8ZthiL1g4kmI8vcdQ==
webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/webcomponents-loader/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/webcomponents-loader/webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 16:32:54 GMT
content-encoding
gzip
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Thu, 17 Feb 2022 23:47:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
853183
etag
"15a442be7d06ec40170c3c91ac824065"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
999
x-amz-cf-id
56XgGNkgo-rJ8U8X-bKp1NAIvnXR8BgO0l2T-2xnPMKfUHq8K6hUNQ==
All.min.63baa46b878b908e122a755d549ee143.gz.js
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/ 		184 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.63baa46b878b908e122a755d549ee143.gz.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86cbd186d5f518d881af44ace9a2d7afc7e354f5ce6c2d0a675da7161881f42e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:12:13 GMT
content-encoding
gzip
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jul 2023 23:19:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
3824424
etag
"3cc9eaf9e696f596cbbffebb7eb93d1e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
57611
x-amz-cf-id
bmSxnzzGkWpmVhNmDmwGY_eV_hRHPC9bf9aj5Rlrt6t0IZn7lwyaLg==
htlbid.css
htlbid.com/v3/deseret.com/ 		4 KB
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://htlbid.com/v3/deseret.com/htlbid.css
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ade64b94b199f7eed364aed791007ad5ea08cb6b4d23d29a4e525eed6d546cc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
gzip
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified
Tue, 06 Jun 2023 18:26:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
W/"a18677c6faa95e37000068d366bbdeb4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cache-control
max-age=600
x-amz-cf-id
cjCFdsu582o-nZbrgyDyUAsn_kZnbJbzvaQOvYhUJP-0Tsm8l3e_3w==
htlbid.js
htlbid.com/v3/deseret.com/ 		356 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://htlbid.com/v3/deseret.com/htlbid.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6e5ddd963178ca2ccfabb7a46845cf2d008e1d060df46da0a5daa9e874f762d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
gzip
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified
Tue, 06 Jun 2023 18:26:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
W/"90b905370f8bd50a600e0eab0962b367"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=600
x-amz-cf-id
1FdRODjwjdclLcMUEJPfTxR-1w6HMAUc0SIpmktCTF7RPe-1uvC8yA==
gpt.js
www.googletagservices.com/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94b1b4f4da4b9b1a39c2c3f839eadc4bf18cc907a02db1dc7413e191a380645c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29330
x-xss-protection
0
server
cafe
etag
844 / 19733 / m202401030101 / config-hash: 1407827963928654873
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:37 GMT
op.js
tagan.adlightning.com/deseretdigital/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/op.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11870ce2c78f2ac1cd089be24fbc9fb4e65f214dc9cd9dca41d3a9465924e5fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
x9FQ1AsLrggs9QByHwhAPZ_AytzSRsum
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
date
Thu, 11 Jan 2024 13:11:53 GMT
x-amz-cf-pop
FRA60-P4
age
1250
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26156
x-amz-meta-git_commit
e09f10f
last-modified
Wed, 10 Jan 2024 15:18:39 GMT
server
AmazonS3
etag
"6a988d88ac61bfe7044dc4fc67fc75b5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
vXpPMnvFFQ_s3YTzNZ-Sigjms0m7b0qhGxow5lebRApOD8nzZb4Yew==
deseret-scripts.bsp.min.js
uploads.deseret.com/scripts/ 		231 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uploads.deseret.com/scripts/deseret-scripts.bsp.min.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1971 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5776a75d93fa4dfd2b2e858464735e8706480d16e0ca08c072b185ffd638900d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 00:39:19 GMT
server
cloudflare
x-amz-request-id
58J302QBN5JT36K5
age
6091
etag
W/"7d3d56ebf5af149dacf31a2a69a3fa1a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
843d86db7e213625-FRA
x-amz-id-2
IxZ/DxffWS9CEnDMqH4/QUe6U3rQpQzkhrM+UotnLcylrFniC8KQAsfGJcn3D6ZCsmw67UujadY=
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f77b13b209813da09a0d1af63b7bb71129c58e0b3b29174844ab7e210e2284fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 11 Jan 2024 13:32:37 GMT
Benton_Sans_Regular.a86565d35df3a9fb1e50b963cbf97a13.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.a86565d35df3a9fb1e50b963cbf97a13.woff2
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66f0dc601980210348b662950393979dddd60cd7d71deec55d52d33dba6480bd

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 20:25:12 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
3517645
x-cache
Hit from cloudfront
content-length
76568
last-modified
Thu, 17 Feb 2022 23:47:56 GMT
server
AmazonS3
etag
"f6743a187328e0bf82aeda554e81482c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
8L66EtE3XLoIOmxkw_WNuR3xC1T8y2Akip64MKIPloNpxTO_6cI1ew==
Benton_Sans_Bold.8cb714e2e55e898768c36431818db72f.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.8cb714e2e55e898768c36431818db72f.woff2
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2a94eb1d42e17433281e0b974340f4d2efc5ef5033d0d4af074a96012c6ba1d

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 23:12:58 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1865978
x-cache
Hit from cloudfront
content-length
74663
last-modified
Thu, 17 Feb 2022 23:47:56 GMT
server
AmazonS3
etag
"d6b2f91fd8fea5cf04d2cffb91358fa7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
qGdsdn_wPyVmJ7-ED2mhcSI9n9F9-0nUEPxJk7ZC0LunoKjgQ6dnQw==
Benton_Sans_Condensed_Medium.bb363d55467296410f913b84056528f9.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 		80 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.bb363d55467296410f913b84056528f9.woff2
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7be8d23faf8e20f95b11c1a6b936f8e7fab5edfe166294fa5cbddd5f4aee8dbc

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 20:25:12 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
3517645
x-cache
Hit from cloudfront
content-length
82104
last-modified
Thu, 17 Feb 2022 23:47:57 GMT
server
AmazonS3
etag
"d0db157337143c199a26534b83cf3209"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
oj1RCrZ7MSIsTF1q9VFIzVZ2P0NOLVcXeZsHjWlmrEm6RmfnHStvgg==
Poynter_Oldstyle_Display_Bold.26cefedcab11054b85987ff2f992a2c5.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.26cefedcab11054b85987ff2f992a2c5.woff2
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a95d7230e92fa3f5e49d0a98b70db47eca288aa80c32e7aa463fbf0887ed6648

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:35:27 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
3535030
x-cache
Hit from cloudfront
content-length
47611
last-modified
Thu, 17 Feb 2022 23:47:57 GMT
server
AmazonS3
etag
"4d9e86bc030f11c019ff00eb6acd78f4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
WBLd3kJgciMDbFmhTb9PYV8cMjtn2pT7rkte7_xi-OhshTK1OQZNjQ==
Poynter_Oldstyle_Text_Italic.9f7066049b8a07ca0e905ba46c8645f4.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.9f7066049b8a07ca0e905ba46c8645f4.woff2
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2dcf4e292cf679e2c8530bc37a6f23979b184ba573845ddbb1e9d595a554227

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 00:23:16 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
220161
x-cache
Hit from cloudfront
content-length
60787
last-modified
Thu, 17 Feb 2022 23:47:57 GMT
server
AmazonS3
etag
"752938771efdce1e27b5387be02c2bcc"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
6RDXiH-lvUX7d7Ig5CdZzlidFCn9U9Hpd0MD7ugWkF8QuRPtm-VUmw==
Poynter_Oldstyle_Text_Roman.7d4d83ea55695b66b9beb992fadfb14b.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.7d4d83ea55695b66b9beb992fadfb14b.woff2
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a09d02e6d88797dbde0e92bbca6e534dbe41f4add18f56f2e10ab3ae98dca0a6

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 05:25:13 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
2448444
x-cache
Hit from cloudfront
content-length
61012
last-modified
Thu, 17 Feb 2022 23:47:58 GMT
server
AmazonS3
etag
"1dc88c1f4c13b4a7444f0c52628d8cf2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
8_h55AdoeQtl71O2XzVKHD-4cdPI2JkYjN9-0ZAQ0tqKWT_WJd7wgA==
Poynter_Oldstyle_Text_Bold.401d3b047965b9833f0ef9a4299972b2.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.401d3b047965b9833f0ef9a4299972b2.woff2
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f7845baf48f3b8c34aad7cdfabdbde46cdefcd61f5843bb8e485ecd17b35381

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 20:25:12 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
3517645
x-cache
Hit from cloudfront
content-length
61221
last-modified
Thu, 17 Feb 2022 23:47:58 GMT
server
AmazonS3
etag
"878d3707418d2a777352b5a61447448e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
5zmXKu-IL7k0TAB8RuGom4hwz87v_DfEtjcO4D_Nw7vhwuegbkV-Tw==
Benton_Sans_Regular.409a2ac6bc1aa08eb312bd751e5b8f40.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 		101 KB
101 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.409a2ac6bc1aa08eb312bd751e5b8f40.woff
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcc5776e9fae4fdacc876c8fec1a448df437dbcb9c79920384bd88d8cebb3869

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 20:25:12 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
3517645
x-cache
Hit from cloudfront
content-length
103205
last-modified
Wed, 25 May 2022 18:26:51 GMT
server
AmazonS3
etag
"dc0e0fc6f3d76709193bbed5251160f8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-font-woff
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
zg_j3QER5NSvSV8GenB6DvHz53ylkuEtGJbcpEMH8NYL6t952fvHCw==
Benton_Sans_Bold.d49a5ce3e771acb6ef7780dfb8628852.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 		98 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.d49a5ce3e771acb6ef7780dfb8628852.woff
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
69ad3aa28d82aca629d5970eb80b68d85111d458e08fe3eae014ed8cc509637a

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:44:14 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
3242902
x-cache
Hit from cloudfront
content-length
100842
last-modified
Wed, 25 May 2022 18:26:52 GMT
server
AmazonS3
etag
"f877dc687a87566a2fb8dae0a4990b93"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-font-woff
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
osKWG4udpLP9o4W6Jmw658GjJrF5H1tOOk9Yyt-zOPNG_pkTDeQpow==
Benton_Sans_Condensed_Medium.93a6c93a1977e45c6c8110ece8b4b5d0.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 		109 KB
109 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.93a6c93a1977e45c6c8110ece8b4b5d0.woff
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eabb880277c8644d8b8d3134cc8649109692ee1d1d4ca460374dd7cd97c9271b

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 20:25:12 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
3517645
x-cache
Hit from cloudfront
content-length
111108
last-modified
Wed, 25 May 2022 18:26:52 GMT
server
AmazonS3
etag
"20ed51646fe20feb81c38d16459545c7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-font-woff
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
x8977BqQj_Qrw5dGLcckeVZ0qzigYqjBSxZy-FuBqjo1s8oKvaLF7g==
Poynter_Oldstyle_Display_Bold.3ae2bb4526d6e998f6f95c1227253d91.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.3ae2bb4526d6e998f6f95c1227253d91.woff
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3e1d573601ec8fc04b7410e8593284ffce7fbcc2148ce3070349b6218a40d1f

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 20:25:12 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
3517645
x-cache
Hit from cloudfront
content-length
63207
last-modified
Wed, 25 May 2022 18:26:53 GMT
server
AmazonS3
etag
"1a399b504bfc628afade8572bcac1b9f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-font-woff
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
oz5OW9IP6ppY21f6Nc99NXtCoioXpA0d8Yp7tzGilLyW3m7xhJ5aLQ==
Poynter_Oldstyle_Text_Italic.1852359a620808c5c15d4adc10b281d9.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.1852359a620808c5c15d4adc10b281d9.woff
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6d8efcec4beb19fdcb6e14e5ae504451a3d846afe70c26c79825c9b9121a9be

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 01:06:07 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
217590
x-cache
Hit from cloudfront
content-length
76745
last-modified
Wed, 25 May 2022 18:26:53 GMT
server
AmazonS3
etag
"002ec9b19e3a826a9001a395312bacc2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-font-woff
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
3n1ShJXCq_KTvGx8QGldroxYWNZTn09-nm5iZXVL7Ib70lqtA2he_Q==
Poynter_Oldstyle_Text_Roman.a3e2828fcd9d3b031c3d3e07aea3d55e.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.a3e2828fcd9d3b031c3d3e07aea3d55e.woff
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96f1bf7e1c0ac4c3310832746a1a8887970155a1de90935c488b05a0c2c73c1e

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 20:25:12 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
3517645
x-cache
Hit from cloudfront
content-length
76278
last-modified
Wed, 25 May 2022 18:26:53 GMT
server
AmazonS3
etag
"544e553d046beae465d90cbede131aa7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-font-woff
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
9aYpZENNRLojA9Vm6-ZK2RUl70QbB0FWfaE2PHRfQS1cK220_-Bisw==
Poynter_Oldstyle_Text_Bold.5151938f16d42d400f1b1b6cf8ce28b0.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.5151938f16d42d400f1b1b6cf8ce28b0.woff
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb6d8677f4fe82deb229a4a4123c46c3378a92cf5e17f4844dcf430dd1ff6b45

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 00:19:38 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
220379
x-cache
Hit from cloudfront
content-length
77143
last-modified
Wed, 25 May 2022 18:26:54 GMT
server
AmazonS3
etag
"eb6b6b4a47bbbb92360446b2b945de30"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-font-woff
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
0E1vOeKxvv5Yt4gamZjaemQGCAQGxHR99Ok5t0ln-_ZpEnus19bKxA==
deseret.svg
deseret.brightspotcdn.com/a8/e0/1f3859ae45049aa4e408a6134060/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://deseret.brightspotcdn.com/a8/e0/1f3859ae45049aa4e408a6134060/deseret.svg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e56d46b73d36a4cd2959b5163de05df3f69ed1a27f99ffed7bd73089ba7ab88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 01:21:33 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Fri, 18 Feb 2022 13:41:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
216664
etag
"96da6f127c1dfe20cd4dd8043d3b2711"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
5129
x-amz-cf-id
YyXdcH-V7C79uV1KiCAa628pKZTDiG-1rxDUnYHXbaYQZPX6MWwDcw==
outbrain.js
widgets.outbrain.com/ 		240 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c7a8bfe0d4f7f345b49ee46bc1a8ecfeea20b46a617ad4a1908c15e7ea2d72a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
gzip
last-modified
Thu, 11 Jan 2024 11:49:03 GMT
etag
"24-I0msZmsB9re+H3QpZndmFcdmTGc"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
6f62bbbff60bf05afb53e67aa828bfdd
timing-allow-origin
*, *
content-length
88523
access-control-request-headers
X-OB-STG,X-OB-PRD
deseret-all-white.svg
deseret.brightspotcdn.com/f5/3a/e18fad7149db9774e45b66febd3e/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://deseret.brightspotcdn.com/f5/3a/e18fad7149db9774e45b66febd3e/deseret-all-white.svg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb0937c8795554e0837a02e3c17fc431c8665d70b631fd4bc285e8c10e5e22a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:12:13 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Fri, 18 Feb 2022 17:21:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
3824424
etag
"1e425a1d2e93778d611f9b7683f6837e"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6126
x-amz-cf-id
DKD388AW5RUbi_TzAZfgnA4OxfqkmDDQqJz6XiKMdfwE7qSNNVjo9A==
bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/_resource/analytics/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:45:38 GMT
content-encoding
gzip
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Thu, 17 Feb 2022 23:47:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
6349618
etag
"c066757a8992615b576ac565d39d182d"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3003
x-amz-cf-id
qW37jgo32ev6Nbe9ujJgB35dV9IA5IirS13azaYSAD-rxDIbCgr0Yw==
f7029bfa-4907-411f-b3ea-2327c44ae364.json
cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/f7029bfa-4907-411f-b3ea-2327c44ae364.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8faee1e9a9f2a9c9aa0ebbaa33046d50467b46162ffca9136b1efca66026db63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
kza1swRmF98UJHKk4XP9PQ==
age
66982
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 18:05:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e40152c5-c01e-007f-1d38-3ff7d6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
843d86d5ebb203d0-FRA
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=qzq4qkv&ht=tk&f=30813.30814.30816.30818.30834.31040.31047&a=12600432&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:36 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
843d86d6d87c2c72-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cookie-cdn.cookiepro.com/scripttemplates/202311.1.0/ 		427 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202311.1.0/otBannerSdk.js
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4ad3a7c4aa97b074c4d59a438bb5813ded8ad1d8bb8cf630abb4c6ee075d54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
Jal9ZuZ5o01PB+RcMoFDzw==
age
24308
x-ms-lease-status
unlocked
last-modified
Fri, 01 Dec 2023 17:43:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e2e61139-401e-003c-41ef-24118a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
843d86d89947bb80-FRA
expires
Fri, 12 Jan 2024 13:32:36 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e7d4d79a9e6e9e8517a50ccf73d395158447af175d89d638be16072f86709132
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 11 Jan 2024 13:32:37 GMT
content-md5
N5SnbGwtCyZvQsKKGUrB6g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
XUUsuaTt0LUo5L5HI0sz5J+sqSxcSrJ17mF5f2tfixGgV+USRmrWdr1z/PmqDkTc2EqBsyAjcuSGrlf9jxi2og==
x-fb-content-md5
81adc54a4440c82834125e3ff2d76e51
cross-origin-opener-policy
same-origin-allow-popups
etag
"9f4ab8df647e7dc2f472d2dcd401ef07"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:45:46 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/deseret.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78aedee867f376acedb7baf555f6ad3b8871aafd40d1d7349c1146b21c5cd33c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29336
x-xss-protection
0
server
cafe
etag
776 / 19733 / m202401030101 / config-hash: 1407827963928654873
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:37 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/deseret.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:13:22 GMT
content-encoding
gzip
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront), 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P5
age
1156
x-amz-server-side-encryption
AES256
etag
W/"d6937d02acbbf691a008906e9d0617e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
er8EwxbA73PfSb9RpmwOo-JqORbolR5SjXWjrnFrt2lSE7iSn3NUwg==
gtm.js
www.googletagmanager.com/ 		287 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
97e0d65ace73cf6609e6b3aceef4359662f2919f7a274f59b81339a08a2d0155
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97454
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Jan 2024 13:32:37 GMT
v2ghq4H8pSqsSE5TvCRMeg19JrcNjnOdwdTO_2xu06qvex-mky4fUPQk
restrainstorm.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restrainstorm.com/v2ghq4H8pSqsSE5TvCRMeg19JrcNjnOdwdTO_2xu06qvex-mky4fUPQk
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a38::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
83b974070760f2509bd8460ef35022d20f00556bac3be188a50cfef762d2327e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 11 Jan 2024 13:32:37 GMT
x-datacenter
gce-europe-west1
etag
"0b1177fc9dcd0b6481dc79301edcc55f28580e63abaee9a034207d893470c907"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-06pp
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ 		85 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af8574c64eb8a1a24537fe67d1c22a775ddff60c52157b8922dae42caf91db97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
742eda3b2d2aefb9c25c7daa5dfe251f02317aae3027a7f8221710d9a5a3d3d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6228e761dcb43896055c3e8271b1e4dfd480df47f1ee88c57c1000b991e60c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
228f7278b56ec5f4c512.8764e4dc5bb5d6dc0a7723926dadba3f.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/228f7278b56ec5f4c512.8764e4dc5bb5d6dc0a7723926dadba3f.woff2
Requested by
Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.28d7bfdcf2abbfaba5998e431b7efb10.gz.css?v=1212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c98415225e2d798f63c5cf293cecc7e25003e2bfdd5c36a15131e481377d3a5

Request headers

Referer
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.28d7bfdcf2abbfaba5998e431b7efb10.gz.css?v=1212
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 20:43:02 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1442974
x-cache
Hit from cloudfront
content-length
42200
last-modified
Thu, 17 Feb 2022 23:47:51 GMT
server
AmazonS3
etag
"9bbb521bbc889f7adbd15c91e025b3e9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
LreeWihYDtrT9VT5108DTcSf4JxnAYC_IYMcIL8gwX-daAepVEN37g==
56873dddf01c173e6d7c.86be8971ac1519f2cfdf90b1b087eeaa.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/56873dddf01c173e6d7c.86be8971ac1519f2cfdf90b1b087eeaa.woff2
Requested by
Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.28d7bfdcf2abbfaba5998e431b7efb10.gz.css?v=1212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aeac3df5ca446725ac4a984ed4b6172c3b3b1cec23d70cc45ec546863f792264

Request headers

Referer
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.28d7bfdcf2abbfaba5998e431b7efb10.gz.css?v=1212
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 17:34:17 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
763100
x-cache
Hit from cloudfront
content-length
26436
last-modified
Thu, 17 Feb 2022 23:47:52 GMT
server
AmazonS3
etag
"03b913edebe839076662cf2c26e236e4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
bv-mCsxbQaA9br0mtoOPJgnt5vLRwtu6149VwwaSx1T2tjvQkQwM0Q==
9a8d32d539073ef74f3e.64eccfd09cafb2704571be2d12cc225b.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/9a8d32d539073ef74f3e.64eccfd09cafb2704571be2d12cc225b.woff2
Requested by
Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.28d7bfdcf2abbfaba5998e431b7efb10.gz.css?v=1212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f0b2df67130c20d3f75e473ccf941fc8fea7c029d15adf044af4df143c45b2c

Request headers

Referer
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.28d7bfdcf2abbfaba5998e431b7efb10.gz.css?v=1212
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 17:34:17 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
763100
x-cache
Hit from cloudfront
content-length
33672
last-modified
Thu, 17 Feb 2022 23:47:53 GMT
server
AmazonS3
etag
"14a8a2847cf9b842624f7e4974f4fcd0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
x1N1joxHqMCFpNl6N6PvrU0KCzlZsKGTOqEuQ_eLxElJZvOa5LFflg==
d02ee5d3226eb0e8bf36.bd48110194a908a4a1e939b1656d318a.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/d02ee5d3226eb0e8bf36.bd48110194a908a4a1e939b1656d318a.woff2
Requested by
Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.28d7bfdcf2abbfaba5998e431b7efb10.gz.css?v=1212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79bfd990f4a7c0761fba24d187be6877d875e0e3c4563cd99f2821ef8d1a915a

Request headers

Referer
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.28d7bfdcf2abbfaba5998e431b7efb10.gz.css?v=1212
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 16:16:23 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
767774
x-cache
Hit from cloudfront
content-length
33908
last-modified
Thu, 17 Feb 2022 23:47:54 GMT
server
AmazonS3
etag
"f9493b31a6a412afbbc1687f1b0e24c0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
GUMrxgYxAuhjZRsuc4tnIj-Z7fMpRbxNsUTr4ntpHlDvEtBif26dkg==
a9fcb7d84180304e8fe7.f07418e94d3ab3dc90c1135c26084266.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/a9fcb7d84180304e8fe7.f07418e94d3ab3dc90c1135c26084266.woff2
Requested by
Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.28d7bfdcf2abbfaba5998e431b7efb10.gz.css?v=1212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36b2007c0fe0a0f968bd49d1d050bd46989db93585b00b39df19ffa3e164047f

Request headers

Referer
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.28d7bfdcf2abbfaba5998e431b7efb10.gz.css?v=1212
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 01:18:44 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
216833
x-cache
Hit from cloudfront
content-length
41444
last-modified
Thu, 17 Feb 2022 23:47:51 GMT
server
AmazonS3
etag
"d9f196409e9e47511b99a9e6ba9a3df7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
0j4LllPiFvA7k8BQG3aou8pekc100TWwjtohCXPw3Lx3Oz00uiEnYA==
embed.js
deseretnews.coral.coralproject.net/assets/js/ 		105 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deseretnews.coral.coralproject.net/assets/js/embed.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.156.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.156.244.35.bc.googleusercontent.com
Software
/
Resource Hash
2f5ec0118626853c74c86c3a42bce3e20e9cd23523770f327d197b1b98cc1200
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 11 Jan 2024 13:05:46 GMT
via
1.1 google
age
1611
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30751
x-xss-protection
1; mode=block
x-trace-id
498bf160-b07e-11ee-8c5a-31487d894089
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 13 Dec 2023 21:29:11 GMT
etag
W/"781f-18c65156858"
vary
Accept-Encoding
content-language
en-US
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800, s-max-age=604800
accept-ranges
bytes
truncated
/ 		87 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d37a519f3a04fe4c01c920f2ba0cf85283ebd419b5d101a606c5ee2b33f19b35

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
_track
www.deseret.com/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.deseret.com/_track
Requested by
Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.196.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-196-90.mrs52.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 11 Jan 2024 13:32:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-decorator-operation
brightspot-cms-verify.deseret.svc.cluster.local:80/*
via
1.1 0a2c7c875f8793c5e59592c87bbf97ea.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
MRS52-P6
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
x-amz-cf-id
k9B8LbXU7yfSTAQF6Ja4z9MWD4OV1623mz22yafx3Poa-sdfCUV2sg==
l
use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9

Request headers

Referer
https://use.typekit.net/qzq4qkv.css
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:36 GMT
server
nginx
etag
"cea691f813baff9c459e093daf1ff69d154fedc0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
37980
trending-web.json
api.deseret.com/ 		8 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.deseret.com/trending-web.json?d=2024-0-11-14
Requested by
Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.63baa46b878b908e122a755d549ee143.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1871 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
927dedc9a3661b1abc859b113cf96c427a928af9f2bfbf35df7476bccd2f34f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
x-amz-version-id
cPG7JufXa8FOclDrWVNIWr7cgavj.Hf4
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
HDBA2YGKDB437MDK
age
3856
x-amz-id-2
GegDcx69Qpl7de2DAa26f7C9cNjzA+XlF3uRiX/6Ru7V20O5CgxEuQ41uFFe7UIE4ZM4nEv5Axc=
last-modified
Thu, 11 Jan 2024 11:01:01 GMT
server
cloudflare
etag
W/"ede4bc0c146e60136f817043e1166d2a"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=120
cf-ray
843d86db89415b32-FRA
/
deseret.brightspotcdn.com/dims4/default/c50cb3a/2147483647/strip/true/crop/2678x1784+0+1/resize/1300x866!/format/webp/quality/90/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://deseret.brightspotcdn.com/dims4/default/c50cb3a/2147483647/strip/true/crop/2678x1784+0+1/resize/1300x866!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FRlpE1R2Py41X-nZUNSV8g_PvNRI%3D%2F0x0%3A2678x1785%2F2678x1785%2Ffilters%3Afocal%281339x893%3A1340x894%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F25217645%2FAP24009839395683.jpg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7a45273b45f8e27e7112f967d5d17207567a10f406512edad9881a05a1dba469

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 05:50:59 GMT
x-envoy-decorator-operation
brightspot-dims-verify.deseret.svc.cluster.local:80/*
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA50-C1
age
27697
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
678
content-length
93084
x-amz-cf-id
7TjUL9EvzI5NmGcvGazT7TxzWxtLJPohhSqo6Rl4zrbqbNK4bhS4PA==
expires
Fri, 10 Jan 2025 05:50:59 GMT
en.json
cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/d5a55357-69fa-4f57-bf66-fb37b07bcec3/ 		70 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/d5a55357-69fa-4f57-bf66-fb37b07bcec3/en.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0d01b7dcb4fad6330dbe35bd607491e5974b40a0d4e60ccf82bf79f82ade80e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
jJv4BI8tNJJZfs5GRWIVjg==
age
66983
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 18:05:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a9b0026d-e01e-0057-4e38-3f967e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
843d86db8a4203d0-FRA
sdk.js
connect.facebook.net/en_US/ 		303 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f56e420eb6e4b3321733fe6afa70782a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
884745c5681a986cfcad22b959065049a2f2f5ac4c90d21dcd2c087b264f903d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 11 Jan 2024 13:32:37 GMT
content-md5
msWF5X/zchYqz4gBXXNQGQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88384
reporting-endpoints
x-fb-debug
yuzAvv757julTWcaY1Tl+NZda4SbpLK+MlBsl59cwuOtHtErMza8j1kBLUDkGzyB0dKUPGQoNfNE9JZh4Hieow==
x-fb-content-md5
df62c9faf81ea82aeeb59d901022ba9c
cross-origin-opener-policy
same-origin-allow-popups
etag
"136d6828947bc0052645a1e0a4bb994a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 10 Jan 2025 12:33:08 GMT
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:11:08 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
3543689
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
oaYOIo_Abt9ZrGwWN66353IaI5eBR2yysM-rfLFk60dTbPHjeliPwQ==
bl-250cc79-98ebe0b5.js
tagan.adlightning.com/deseretdigital/ 		77 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-250cc79-98ebe0b5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ee4feaf7d7d9ebbdc924f9d70e67a34ba1fc00f48051151f66f747d5846ea54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:06:43 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
_wF20aOmHzwNDMjUSSAIr0qQSsAff7iP
x-amz-cf-pop
FRA60-P4
age
77155
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33407
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:18:08 GMT
server
AmazonS3
etag
"2d8e8f851c043de1e7d50af54fbb1b1c"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
MzljiSIRmdlJE23-FrFW5ta2MxxmtFyz5LNijkqM1fGTxdUb7oO86Q==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/webp
Screenshot_2024_01_07_at_1.14.52_PM.png
cdn.vox-cdn.com/thumbor/0e1sUcuDl5UNAeLZ3-TsgnmeOM0=/0x0:2272x1510/800x533/filters:focal(1585x682:1586x683)/cdn.vox-cdn.com/uploads/chorus_asset/file/25209732/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vox-cdn.com/thumbor/0e1sUcuDl5UNAeLZ3-TsgnmeOM0=/0x0:2272x1510/800x533/filters:focal(1585x682:1586x683)/cdn.vox-cdn.com/uploads/chorus_asset/file/25209732/Screenshot_2024_01_07_at_1.14.52_PM.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
62a1d4170d36abf67ef44e5e27efcf3c6838d1cd751b775296b86c08295bb4b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 11 Jan 2024 13:32:37 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
age
311476
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
102640
x-served-by
cache-fra-etou8220044-FRA
server
Thumbor/6.7.0
x-timer
S1704979957.228329,VS0,VE2
etag
"53c935593cf4ab8ac398ef6faa145399224f9976"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Sat, 07 Jan 2034 11:01:20 GMT
GroupLazLivingRoom.jpg
cdn.vox-cdn.com/thumbor/nd2WV5IfYAu240iWUu0O5SE3SLs=/0x0:3120x2080/800x533/filters:focal(1619x1072:1620x1073)/cdn.vox-cdn.com/uploads/chorus_asset/file/25177378/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vox-cdn.com/thumbor/nd2WV5IfYAu240iWUu0O5SE3SLs=/0x0:3120x2080/800x533/filters:focal(1619x1072:1620x1073)/cdn.vox-cdn.com/uploads/chorus_asset/file/25177378/GroupLazLivingRoom.jpg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
2ae6b8bae3212d1e511a1b0c51cd09855cb81b9df53db3afaaffb0229df025b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 11 Jan 2024 13:32:37 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
age
192694
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
88026
x-served-by
cache-fra-etou8220044-FRA
server
Thumbor/6.7.0
x-timer
S1704979957.228908,VS0,VE2
etag
"32fe47580b140487ad780150cad5974df4a92a44"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Sun, 08 Jan 2034 20:01:02 GMT
AP23199632436601.jpg
cdn.vox-cdn.com/thumbor/Rxs2QsCE8Nzg1ujNj_WkPI8m4Tk=/0x0:3903x2602/800x533/filters:focal(1952x1301:1953x1302)/cdn.vox-cdn.com/uploads/chorus_asset/file/25212387/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vox-cdn.com/thumbor/Rxs2QsCE8Nzg1ujNj_WkPI8m4Tk=/0x0:3903x2602/800x533/filters:focal(1952x1301:1953x1302)/cdn.vox-cdn.com/uploads/chorus_asset/file/25212387/AP23199632436601.jpg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
7d7434ecc674742ed5a87be268af3c99a9d9a67b4d55898128dbc5ae899eab26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 11 Jan 2024 13:32:37 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
age
201526
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
52462
x-served-by
cache-fra-etou8220044-FRA
server
Thumbor/6.7.0
x-timer
S1704979957.228293,VS0,VE2
etag
"03b2a6976b5f02c280412abce8e046dd91f51b74"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Sun, 08 Jan 2034 17:33:51 GMT
merlin_2953798.jpg
cdn.vox-cdn.com/thumbor/Xu250CU_uLN2T0eQKqJcTszvB4c=/0x0:3000x2030/800x533/filters:focal(1599x622:1600x623)/cdn.vox-cdn.com/uploads/chorus_asset/file/25212764/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vox-cdn.com/thumbor/Xu250CU_uLN2T0eQKqJcTszvB4c=/0x0:3000x2030/800x533/filters:focal(1599x622:1600x623)/cdn.vox-cdn.com/uploads/chorus_asset/file/25212764/merlin_2953798.jpg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
4d63e78bf545113a89fe586ca2edf214a9937d1569a9ccaf9b1d232906765228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 11 Jan 2024 13:32:37 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
age
45031
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
58392
x-served-by
cache-fra-etou8220044-FRA
server
Thumbor/6.7.0
x-timer
S1704979957.228649,VS0,VE2
etag
"a395e4f5f4a5361705e6c8170bae12e4586417a6"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Tue, 10 Jan 2034 13:02:05 GMT
AP24008193356320.jpg
cdn.vox-cdn.com/thumbor/EFelyX2F0rnTuZTTcPMfJFMzzq0=/0x0:6884x4112/800x533/filters:focal(3442x2056:3443x2057)/cdn.vox-cdn.com/uploads/chorus_asset/file/25212719/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vox-cdn.com/thumbor/EFelyX2F0rnTuZTTcPMfJFMzzq0=/0x0:6884x4112/800x533/filters:focal(3442x2056:3443x2057)/cdn.vox-cdn.com/uploads/chorus_asset/file/25212719/AP24008193356320.jpg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
7c169a2b8c8c7d9c1d7a302528ba979a59419d832d22575a996b914ea44e079e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 11 Jan 2024 13:32:37 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
age
19863
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
63587
x-served-by
cache-fra-etou8220044-FRA
server
Thumbor/6.7.0
x-timer
S1704979957.228981,VS0,VE2
etag
"0a43c8d12d53170fdf5bfeb96e84095b4c79339c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Tue, 10 Jan 2034 20:01:34 GMT
merlin_3012906.jpg
cdn.vox-cdn.com/thumbor/oQ9JzmkZZwmP04BxrhEnkU82Zos=/0x0:2787x3000/800x533/filters:focal(1877x623:1878x624)/cdn.vox-cdn.com/uploads/chorus_asset/file/25209017/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vox-cdn.com/thumbor/oQ9JzmkZZwmP04BxrhEnkU82Zos=/0x0:2787x3000/800x533/filters:focal(1877x623:1878x624)/cdn.vox-cdn.com/uploads/chorus_asset/file/25209017/merlin_3012906.jpg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
617d8707a5d4b256aac7f90276660fe1330782c98523ef14da8cba553c2e6dd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 11 Jan 2024 13:32:37 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
age
16284
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
66143
x-served-by
cache-fra-etou8220044-FRA
server
Thumbor/6.7.0
x-timer
S1704979957.228607,VS0,VE2
etag
"5e1585a1200c12f31e75d4f592d6c0e5e420e15e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Tue, 10 Jan 2034 21:01:12 GMT
otFlat.json
cookie-cdn.cookiepro.com/scripttemplates/202311.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202311.1.0/assets/otFlat.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
k/F42BQAEUqNDKd4RaNADA==
age
27961
x-ms-lease-status
unlocked
last-modified
Fri, 01 Dec 2023 17:43:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
c857c157-501e-0099-1adc-2447f0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
843d86dc2ae203d0-FRA
expires
Fri, 12 Jan 2024 13:32:37 GMT
otPcCenter.json
cookie-cdn.cookiepro.com/scripttemplates/202311.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202311.1.0/assets/v2/otPcCenter.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
yvXg9cqHerDDeRorhtpvbQ==
age
27961
x-ms-lease-status
unlocked
last-modified
Fri, 01 Dec 2023 17:43:45 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
ad2b674b-201e-0077-0dba-24edd9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
843d86dc2ae403d0-FRA
expires
Fri, 12 Jan 2024 13:32:37 GMT
otCommonStyles.css
cookie-cdn.cookiepro.com/scripttemplates/202311.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202311.1.0/assets/otCommonStyles.css
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
27961
x-ms-lease-status
unlocked
last-modified
Fri, 01 Dec 2023 17:44:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
3f457043-001e-004f-32c0-244919000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
843d86dc2ae503d0-FRA
expires
Fri, 12 Jan 2024 13:32:37 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=ryghhm_728x90_
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:5c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2664174
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
Aw-1vLuegF-ayNxUwX265VgZH9mo_pXikE2G_cBCaaQQNEIFEGhmHg==
most-commented-stories.json
api.deseret.com/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.deseret.com/most-commented-stories.json
Requested by
Host: uploads.deseret.com
URL: https://uploads.deseret.com/scripts/deseret-scripts.bsp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1871 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7e4f76a293cf884c18a80a1b4f815223536cf2d56a1c9f8d6ba5a8f71a4ed2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
x-amz-version-id
XIzuk3s2ZjUFNZV8LdgYIT3QBqQR2tX3
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Jan 2024 13:00:15 GMT
server
cloudflare
x-amz-request-id
5SWATHHDMSQFHVF8
etag
W/"2580472f188a17f31de84273c36b0a63"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=60
cf-ray
843d86dc49b75b32-FRA
x-amz-id-2
3+O8Rs+yPVBRVLS9NfA6p6IkXvPNDFPc7W6JAIwVuVybXTNC3CGwfvw2nVHAiLyu145nKeQAOYI=
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
date
Thu, 11 Jan 2024 09:18:55 GMT
x-amz-cf-pop
FRA56-P5
age
15223
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
LH6b3V2yBq6TFY5kmm6lDhrJiKO62UbS6cEPoYvLuW7kUfeFKYSopQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
855
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140053
x-xss-protection
0
server
cafe
etag
1469350900164882112
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 10 Jan 2025 13:18:22 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 10 Feb 2024 13:32:37 GMT
date
Thu, 11 Jan 2024 13:32:37 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 18 Jan 2024 13:32:37 GMT
b
sb.scorecardresearch.com/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=16033947&ns__t=1704979957346&ns_c=UTF-8&c8=Trump%20barred%20from%20give%20closing%20argument%20in%20NYC%20civil%20fraud%20trial%20-%20Deseret%20News&c7=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&c9=
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-76.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
N_P7BF1ipWG2s9Y_Ib4kLRMUdDyvWX4fviWxf702gAkyVoUWBXAkWw==
x-cache
Miss from cloudfront
js
www.googletagmanager.com/gtag/ 		278 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YNRPD2MVFD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8194aa79ecf954eb2b1a9a19c7ed16d893ab737297f1c3ac58c662073c76aa4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93553
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 Jan 2024 13:32:37 GMT
p.js
cdn.parsely.com/keys/deseret.com/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/deseret.com/p.js?gtm_ver=3.1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-60.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c94ebc505ac53cbcf1dd0aa14f8ddb99e063d1fbb6757cf37d7ea27e543c199b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
public
date
Thu, 11 Jan 2024 10:08:24 GMT
content-encoding
gzip
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 15:08:34 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
12359
etag
W/"641330f2-1154a"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
7A_7Bb0l1UehOS-D-e3jJrIYY4sqJRNF2HOxiR0N4Os1dZMRqvm4Rw==
expires
Fri, 12 Jan 2024 10:06:38 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 11 Jan 2024 11:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6260
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 11 Jan 2024 13:48:17 GMT
deseret-scripts.min.js
uploads.deseret.com/scripts/ 		305 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uploads.deseret.com/scripts/deseret-scripts.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1971 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff28e2ad4b71d4e10bc872b1b79402455ad47907c3b3be54e631404ac8848b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 00:39:15 GMT
server
cloudflare
x-amz-request-id
MAG8WTMPV9HBWGQK
age
5466
etag
W/"1ab607976f78b9c16e26df25af97e34d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
843d86dda8a23625-FRA
x-amz-id-2
2iSpV7AOUqEn7aGlVVyArLNk46g3Gtute+50aQYjeurwOia7PdGR340xLiJYKLq4xG4az32rdxU=
Asyncload.js
d1vg5xiq7qffdj.cloudfront.net/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vg5xiq7qffdj.cloudfront.net/Asyncload.js?fpkey=120242&encsid=tf8ClPr38BM,&enccid=AFPv3kNG4Ik,&wsid=NDk5&trackingUrl=2PtuCvDuCGT5LwTmxa5wjl35YCAFpwehX6VzxWewIgs,
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5a00:0:6f3c:65c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
72753bf20ed288ede24c8c12689fd3ec0aaaae976f5155d7b8d90eca316506b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 07:52:14 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
366022
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified
Thu, 11 Feb 2021 17:53:16 GMT
server
Microsoft-IIS/10.0
etag
W/"d8aa53c69e0d71:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
access-control-allow-headers
Content-Type
x-amz-cf-id
GTc3RaLpt74dobjz3wFWb6tszTu3vGuHVZB6tXBTgJ8qa4ABFjDj-w==
up_loader.1.1.0.js
js.adsrvr.org/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 05:33:53 GMT
Content-Encoding
gzip
Via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 Dec 2023 01:34:49 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
28725
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
KLSvpOFBXdCLdNV6N-k8p7VkIjWK7iaCdKnpWAz6Pj2zMcUioiBMnQ==
get
mv.outbrain.com/Multivac/api/ 		99 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&idx=0&rand=39592&widgetJSId=AR_1&va=true&et=true&format=html&px=250&py=3176&vpd=1976&cw=770&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010599&sig=2G91tR4M&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
96ad235708770c4198d6310ee0c1a2d1a372974558d1e4a97fb3b79bf25d7d7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 11 Jan 2024 13:32:38 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1704979958.513066,VS0,VE1034
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21939-LGA, cache-fra-eddf8230086-FRA
x-traceid
1850886a7ccf184a259cfab67468637f
accept-ranges
bytes
content-length
15590
expires
Thu, 01 Jan 1970 00:00:00 GMT
l
use.typekit.net/af/bb6c4e/00000000000000003b9b2cf8/27/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/bb6c4e/00000000000000003b9b2cf8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f0b2aa044e220b8f9ec02d387f0a408309d8563232656a8700338f293598e1e0

Request headers

Referer
https://use.typekit.net/qzq4qkv.css
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
server
nginx
etag
"3bd094436e8172ab61cda9f0fed997dd1ff37d39"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
38868
ot_guard_logo.svg
cookie-cdn.cookiepro.com/logos/static/ 		497 B
473 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/logos/static/ot_guard_logo.svg
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
3560
x-ms-lease-status
unlocked
last-modified
Mon, 08 Jan 2024 02:29:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
25b6784a-101e-007c-48e2-4116b2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
843d86de9deb03d0-FRA
expires
Fri, 12 Jan 2024 13:32:37 GMT
Deseret_News_black__yellow_period.png
cookie-cdn.cookiepro.com/logos/8becd7f7-c923-4cd4-814a-e08c34baf60b/f30e28ec-ac7f-485d-be7f-5a500147b9c2/e624791d-5e87-4bcb-904a-8e6799b3517c/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-cdn.cookiepro.com/logos/8becd7f7-c923-4cd4-814a-e08c34baf60b/f30e28ec-ac7f-485d-be7f-5a500147b9c2/e624791d-5e87-4bcb-904a-8e6799b3517c/Deseret_News_black__yellow_period.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400364eacf69f0a75ce19dd956ae13093eae641137d6e0a076ee76a52c67eceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
content-md5
vhY3W8TIWDCio7fmA/GntA==
age
57807
cf-polished
origSize=29642
content-length
15370
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Feb 2023 16:11:09 GMT
server
cloudflare
etag
0x8DB0F6F3FFAA384
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
2b0248bc-e01e-009c-1006-14952b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
843d86deb884bb80-FRA
expires
Fri, 12 Jan 2024 13:32:37 GMT
poweredBy_cp_logo.svg
cookie-cdn.cookiepro.com/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-cdn.cookiepro.com/logos/static/poweredBy_cp_logo.svg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
uInNdQwuuw8s7lYl3cE7eQ==
age
24964
x-ms-lease-status
unlocked
last-modified
Mon, 08 Jan 2024 02:29:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ffd35a3c-e01e-000a-1699-429cfa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
843d86deb887bb80-FRA
expires
Fri, 12 Jan 2024 13:32:37 GMT
bootstrap
deseretnews.coral.coralproject.net/embed/ 		896 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://deseretnews.coral.coralproject.net/embed/bootstrap
Requested by
Host: deseretnews.coral.coralproject.net
URL: https://deseretnews.coral.coralproject.net/assets/js/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.156.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.156.244.35.bc.googleusercontent.com
Software
/
Resource Hash
9969d346aaf23751a6f8ab6c0b4b12c09c62ec8c594cb126e876a189bffd56bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-trace-id
e2ccb6f0-b085-11ee-a45a-c53f3eee8454
strict-transport-security
max-age=15552000
date
Thu, 11 Jan 2024 13:32:37 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
etag
W/"380-oSpSSYL6E83IFMZJ3l9SbVnyQr4"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-language
en-US
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
896
x-xss-protection
1; mode=block
ads
securepubads.g.doubleclick.net/gampad/ 		812 B
463 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3357698144144033&correlator=3734338108511644&eid=31080301%2C31079233&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&iu_parts=22653237939%2Cdeseret%2Cwww.deseret.com&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704979957619&lmt=1704979957&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&vis=1&psz=1600x3900&msz=1600x-1&fws=4&ohw=1600&ga_vid=474329189.1704979958&ga_sid=1704979958&ga_hid=1933433248&ga_fc=false&dlt=1704979955883&idt=1687&prev_scp=position%3Dwunderkind&cust_params=htlbidid%3D20646%26is_testing%3Dno%26is_home%3Dno%26category%3DUtah%26post_id%3D0000018c-f60e-df12-afff-f75e7d580000%26entry_group%3Dlatest%252Cfront-page%252Cpolice-courts%252Cpolitics%252Cu-s-world%252Cnews-feed-national%252Cutah%26entry_id%3DEntry%253Af1a5a50a-2b6b-461c-9bbb-3c2be6f63835%26entry_type%3Darticle%26page_type%3Dinterior_page%26hub_pages%3DPolitics%26author%3DEmma%2520Pitts%26keywords%3Djudge%2520revokes%2520permission%2520for%2520trump%2520to%2520give%2520closing%2520argument%2520in%2520nyc%2520civil%2520fraud%2520trial&adks=784395597&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbcda260836aeb509a6fbffe6ec0101fb3f488f447bd84e72469d4a5535982b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
433
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3357698144144033&correlator=4340767514080875&eid=31080301%2C31079233&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&iu_parts=22653237939%2Cdeseret%2Cwww.deseret.com%2Cutah%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704979957630&lmt=1704979957&adxs=0&adys=3226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=474329189.1704979958&ga_sid=1704979958&ga_hid=1933433248&ga_fc=false&dlt=1704979955883&idt=1687&prev_scp=position%3Darticle_video_recirculation&cust_params=htlbidid%3D20646%26is_testing%3Dno%26is_home%3Dno%26category%3DUtah%26post_id%3D0000018c-f60e-df12-afff-f75e7d580000%26entry_group%3Dlatest%252Cfront-page%252Cpolice-courts%252Cpolitics%252Cu-s-world%252Cnews-feed-national%252Cutah%26entry_id%3DEntry%253Af1a5a50a-2b6b-461c-9bbb-3c2be6f63835%26entry_type%3Darticle%26page_type%3Dinterior_page%26hub_pages%3DPolitics%26author%3DEmma%2520Pitts%26keywords%3Djudge%2520revokes%2520permission%2520for%2520trump%2520to%2520give%2520closing%2520argument%2520in%2520nyc%2520civil%2520fraud%2520trial&adks=1566044566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c08fb910a4a36aba1781397a920cc83568ac400b6180bc3a425c450ca636d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12682
x-xss-protection
0
google-lineitem-id
6429747569
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138457362255
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE8E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:37 GMT
expires
Fri, 10 Jan 2025 13:32:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
30787d05-7895-471e-9cdf-d931d7b5ea5d
config.aps.amazon-adsystem.com/configs/ 		564 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
653b367c322558cb2e60712a158f56c2929b62408a35ad4dfec09359c25b34b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:03:26 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
1751
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
8lEOZY4U7LzqnEuPGsEEctYC7I5qEdFjcp0n7Wb9OS_6e8U3xcYYww==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.deseret.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5ae4511cca9105f1d4a785b54345acc66ba7a06dd9352fa9b5b280475cb05d63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 10:43:07 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
age
10169
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1029
x-amz-cf-id
2r3Bi6Oyeze1sbqK5wgeDn-dhkRJZGs6LFDrrebP7bSQCQBn5zNBGA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&pid=gbPPq1eknDBDz&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F22653237939%2Fdeseret%2Fwww.deseret.com%2Futah%2Fpolitics%22%7D%2C%7B%22sd%22%3A%22htlad-3-gpt%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22653237939%2Fdeseret%2Fwww.deseret.com%2Futah%2Fpolitics%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!hashtag-labs.com%2C1000000598%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.138.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-138-185.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-amz-rid
Z4FR00MXX6RTJ78ZAAFC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.deseret.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
b9vWoJFB05Z08x5CVftFd71P-D1a-RjzQTXPL_-QjORuKPL7BC2QaQ==
1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 		68 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=ed72d3fb7396
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.10.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:38 GMT
Last-Modified
Mon, 26 Oct 2020 16:52:19 GMT
Server
AmazonS3
x-amz-request-id
BS6X6D9MF2CABDE7
ETag
"91e42db1c66c0b276abf6234dc50b2eb"
Content-Type
image/png
Cache-Control
no-store
Accept-Ranges
bytes
Content-Length
68
x-amz-id-2
cqBE6qHdutVH1VeKLKbhQKWCDM3rOgSqa9dFPzgb0TtAS98a+vHGZBfx2E4zNa2MPqkFJLVySDQ9euraWoSx1A==
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1704979957702&plid=f787beab-ce48-47c1-b9bc-e37e3700cc77&idsite=deseret.com&url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely%3Ametadata-detection%22%3A%7B%22version%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial%22%2C%22hash%22%3A1443905832%7D%7D&sid=1&surl=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&sref=&sts=1704979957689&slts=0&title=Trump+barred+from+give+closing+argument+in+NYC+civil+fraud+trial+-+Deseret+News&date=Thu+Jan+11+2024+14%3A32%3A37+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=4a314ef7-e6d2-4854-9498-9a62e7ed2319&u=pid%3D4bf51625-604e-41bb-a247-07030beaa7a6
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:37 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 11-Jan-2024 13:32:37 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
newsletters.json
uploads.deseret.com/files/deseret-news/ 		23 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://uploads.deseret.com/files/deseret-news/newsletters.json
Requested by
Host: uploads.deseret.com
URL: https://uploads.deseret.com/scripts/deseret-scripts.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1871 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
998566e29ab8c76df582b811323fd5645930797a51fd6c32e0b48cd443bab086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sun, 01 Oct 2023 06:43:24 GMT
server
cloudflare
x-amz-request-id
BS6R3240E06X3X25
etag
W/"1a397e229fe8e9d8cf508bf21a1283b4"
x-amz-server-side-encryption
AES256
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cf-ray
843d86dffc3d5b32-FRA
x-amz-id-2
Ap+LrLFe9dpdUyEWe3mGranJA+F/9VbsR1H75dec8B/XEphWRyhFrSvO9hmcXflwR5KxzLJXIqQ=
ad-injection-config.json
uploads.deseret.com/files/deseret-news/ 		3 KB
747 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://uploads.deseret.com/files/deseret-news/ad-injection-config.json
Requested by
Host: uploads.deseret.com
URL: https://uploads.deseret.com/scripts/deseret-scripts.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1871 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04a2016e7259df05d8a2674b190c10dea67900a6eb0890c5dc901b56b101fd5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 24 Nov 2022 02:32:54 GMT
server
cloudflare
x-amz-request-id
BS6J3KYGQQ29R5B5
etag
W/"4fec2a7334cbd80587bfe920d5d2d124"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cf-ray
843d86dffc405b32-FRA
x-amz-id-2
2BohwEzR4JzMsib88D3IimM7VEsQHlpvMzetADpgeogCB2GJS6cCP96uVF4jynUA4jx2r8Zsl7g=
fp2.min.js
d1vg5xiq7qffdj.cloudfront.net/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vg5xiq7qffdj.cloudfront.net/fp2.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5a00:0:6f3c:65c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 07:33:06 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
820635
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified
Tue, 04 Feb 2020 16:16:08 GMT
server
Microsoft-IIS/10.0
etag
W/"014506876dbd51:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
access-control-allow-headers
Content-Type
x-amz-cf-id
3P7J_hhFcOpWnIlNGSV19fQ-EfX5vo34y1izwzBSPULnnK_LXcPrwA==
rules-p-e6fjgk4FzErQ3.js
rules.quantcount.com/ 		160 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-e6fjgk4FzErQ3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2439d09276050789596af71728fc61f652e2c7a0d721b3d19e20b506118df1fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 12:36:04 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3394
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:26:39 GMT
server
AmazonS3
etag
"338d64467334d314d195404751286c4f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
4UF6vWBRZQHSv-c0ifv6NCuyOPZDj40Q37fqtAr-yhScgHylw8g_Hw==
services.js
js.gumgum.com/ 		111 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gumgum.com/services.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7201e6bac53c0dcb98d30679555b61e86990a8696eee906c8b2b7fd0634c3ddf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
uounoWuidCJp_2BwJahZDET0gaHhvuMF
content-encoding
gzip
via
1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
date
Thu, 11 Jan 2024 11:56:05 GMT
x-amz-cf-pop
FRA60-P6
age
5793
x-cache
Hit from cloudfront
x-amz-meta-access-control-allow-origin
*
last-modified
Tue, 14 Nov 2023 15:47:26 GMT
server
AmazonS3
x-amz-meta-timing-allow-origin
*
etag
W/"5b437f255f2a7ede44fb0cdbc06d9e39"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
uYWM5MGOpMaMVXI5kwWpzSox_zCGEqGuB6dC2IWHwZta6Yqois9Vjg==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		113 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
F40P0G8RVVD17ZVD
age
630
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
843d86e0bb959156-FRA
x-amz-id-2
Pc583mZeZ2P+YcLbSVrKPnKX0zmUHuuIKS8J5uQD4NKwLu0HWsV+GCUPvB4iBF8qFsDajy8VTfY=
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 69FD 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:11:08 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
3543689
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
J4tO4pPEqsw_NwcD88BefaaafvMlGRyXCb6OzuKSpH82RkYGvx2GyA==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 69FD 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:37 GMT
pixel;r=2076071561;source=gtm;rf=0;a=p-e6fjgk4FzErQ3;url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial;uht=2;fpan=...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2076071561;source=gtm;rf=0;a=p-e6fjgk4FzErQ3;url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial;uht=2;fpan=1;fpa=P0-1310109665-1704979957765;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=deseret.com;dst=1;et=1704979957978;tzo=-60;ogl=title.Judge%20revokes%20permission%20for%20Trump%20to%20give%20closing%20argument%20in%20NYC%20civil%20fraud%20t%2Curl.https%3A%2F%2Fwww%252Edeseret%252Ecom%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closin%2Cimage.https%3A%2F%2Fdeseret%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F838be18%2F2147483647%2Fstrip%2Ftrue%2Fcr%2Cimage%3Aurl.https%3A%2F%2Fdeseret%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F838be18%2F2147483647%2Fstrip%2Ftrue%2Fcr%2Cimage%3Awidth.1461%2Cimage%3Aheight.834%2Cimage%3Atype.image%2Fjpeg%2Cimage%3Aalt.Former%20President%20Donald%20Trump%20speaks%20after%20exiting%20the%20courtroom%20for%20a%20break%20at%20%2Cdescription.%E2%80%98Is%20anyone%20surprised%20anymore%252C%E2%80%99%20Trump%E2%80%99s%20attorney%20Alina%20Habba%20said%20regarding%20Judge%2Csite_name.Deseret%20News%2Ctype.article;ses=2ee449bc-fb2a-4528-a7e1-56c76d3c77f8;mdl=
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sam_benson.jpg
uploads.deseret.com/cdn-cgi/image/width=80,height=80,fit=cover,gravity=0.44x0.42/deseretnews/newsletters/2d9b266c5a62d55f/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads.deseret.com/cdn-cgi/image/width=80,height=80,fit=cover,gravity=0.44x0.42/deseretnews/newsletters/2d9b266c5a62d55f/sam_benson.jpg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1971 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29547ffb25c2912fc1fd7127e48bc045ed9dac17308af24a77500bb3c6113ac7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
2137
cf-resized
internal=ok/h q=0 n=6+0 c=2+6 v=2023.9.8 l=2137
last-modified
Wed, 23 Aug 2023 02:47:24 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfj9dd0Qivrw85HpIK6u7T7cMKDXdqOAGi6UK6Lw_yDQ:6a2ace582158cbbec181e8b8a103a982"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
843d86e1ad563625-FRA
priority
u=5;i,cf-chb=(173;u=5;i=?0)
api.js
challenges.cloudflare.com/turnstile/v0/b/c8377512/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=cf__reactTurnstileOnLoad&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js?onload=cf__reactTurnstileOnLoad&render=explicit
34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js?onload=cf__reactTurnstileOnLoad&render=explicit
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
850e587a96f9cad84206169720be046f289fa015e4b76b6ae79610c9d73c7eef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
843d86e2ca7f9183-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 11 Jan 2024 13:32:38 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/b/c8377512/api.js?onload=cf__reactTurnstileOnLoad&render=explicit
cache-control
max-age=300, public
cf-ray
843d86e248f19183-FRA
alt-svc
h3=":443"; ma=86400
view
securepubads.g.doubleclick.net/pcs/ Frame 69FD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUzTJVTLPR4OPetmjfyewdaQ2dAxlxa5BSwwauozW3CV29Sq3IorAs6hmHVGAO0B4Stss-mF35hpKEGl50tXQdEqkG35jaYnjG1JX406Dk_KGarJ618liQw_rfR9LG_ZoVp9WBRu1W_BN3IVBlPCj_EENsFX93fxMG9O9bfudoLcf2bcdxugMA_TDWBh4JeqoNUOVPnDaqBO7K-KQJDLUUmVSSgVoZrRqIomaBIMa5fD2nKpRKydkT59bTOdNWSwHCq8XF6MGK-VBL3iuVNi8s8X1X6-uBaE7FHFG1wn_XRTfKhFn0NUQ0JL_hZCE4YasMj1g1tgZPPXlRLr-norSY4oejHv8p1MSqmYZkpTDlltQkJZWMFO6d65DB&sai=AMfl-YRJ6Um4VgRZQrrL0YZdHVBHTSQtgmGo8lyxWIhb7a21ea41YumgFJ4qbk8gN7pjMz3fFzygBykstZyTU11hjdDIrZGy1CIhfhsBoR2n4PEZpJahrAVbZDVLCP7AykgipMg_0sPhNgeTh8tbbiGiMco&sig=Cg0ArKJSzGdT9D7n4bOzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 13:32:38 GMT
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.29.5-Z/
Redirect Chain
  • https://embed.sendtonews.com/player3/embedcode.js?fk=DXzBc7p4&cid=9773&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
  • https://embedcdn.sendtonews.com/easy-stn-player/7.29.5-Z/embed.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/7.29.5-Z/embed.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Server
108.138.26.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-63.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a17ae6bc886c2c22c1e22c582d2f7e847265e816459994e967766e35093c9786

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:26 GMT
x-amz-version-id
UNEIrSotSHXmYZnBYS0O7zol60O0xXtW
content-encoding
br
last-modified
Tue, 09 Jan 2024 18:02:12 GMT
server
AmazonS3
via
1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"0d06f2f0ba0b32754b33fcdb0a31b468"
age
13
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
LwhM71gHOS8X-9HHbTUiX1bfio5EcRPH2XCku7Ywsro18lxXytjKTg==

Redirect headers

date
Thu, 11 Jan 2024 13:32:38 GMT
via
1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/7.29.5-Z/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
DqrbQVO_9_UXFO4hF0G2lvTkO5cA1UBpBN_Xi-NysaG5KCuUjGFCrg==
truncated
/ Frame 69FD 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5c5b350418be584122397d04f348fa5735a376d38a7ec875a267fde565dbba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 69FD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHA7NwH3JTir2fReqGNkGUNtoOw2BQ6XK7IBODyEkuQYPQ4ytOuW-e9-yc6fA2YTtp6XU30qTdQ9InTG1ZYxBQlcOXRqxifABaIWSFciHdE2YjJUZlpnhWKzfcdoqmhR2dTEqtlxMXv3ZWg70rvRaVUnM-91cFkS1SMx_v4l7Zyy1cyKWCw90oq--lV3GhqdZZZ9oZ_zIj7i82OaxZiViijLrR2EeWMquS5DJrtItS-Ph8wFIE0IL2ItHzmgfenPRcDw7DcpWFWUw0my02l8a0-4nyd58sMqz6OAQXTsQ441DhhUpPV6nB0E8qLOBHdRv45sGTN6VQJ1a22IzEI6u6oMJgcZ210W0RfzvyWD8xt_7Hxw8mnADuT-Skj7o&sai=AMfl-YRlyuaEHPd0UgxEv0k1nrOYM8GgVct9UwAMQ-Gq8liNpGpd0FAEtgBuvGqd-QjdDJWpkdPJ5Z1Cdm6_RikRwEKxorL64ZmUmZ3hHiyX7u-AUqN8LC0WNUgiPNSyfaUisP5xBTyRXv1EZHC5uB74_UI&sig=Cg0ArKJSzH6rCbtdcf6lEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 13:32:38 GMT
879342afa7247ea0a9aad29404dd6c8b386337f743ca76618df0
restrainstorm.com/submit/ 		303 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://restrainstorm.com/submit/879342afa7247ea0a9aad29404dd6c8b386337f743ca76618df0
Requested by
Host: restrainstorm.com
URL: https://restrainstorm.com/v2ghq4H8pSqsSE5TvCRMeg19JrcNjnOdwdTO_2xu06qvex-mky4fUPQk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a38::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
fb963f606e9332dc0135d41b0769ef60751afe0357fbef8f8926c4b6efc73ff8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 11 Jan 2024 13:32:38 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.deseret.com
x-hostname
fen-hoothoot-europe-west1-06pp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 11 Jan 2024 13:32:37 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YNRPD2MVFD&gtm=45je4180v9100733662z871931159&_p=1704979956551&gcs=G100&gcd=11p1p1l1l5&dma_cps=sypham&dma=1&gdid=dYWJhMj&cid=474329189.1704979958&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704979957&sct=1&seg=0&dl=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&dt=Trump%20barred%20from%20give%20closing%20argument%20in%20NYC%20civil%20fraud%20trial%20-%20Deseret%20News&en=page_view&_fv=1&_ss=2&ep.content_id=23797535&ep.content_type=article&ep.author_name=Emma%20Pitts&ep.published_date=2024-01-10%2020%3A06&ep.last_time_updated=2024-01-10%2020%3A06&ep.tags=www.deseret.com%3Awww.deseret.com%3Alatest%3Afront-page%3Apolice-courts%3Apolitics%3Au-s-world%3Anews-feed-national%3Autah&epn.story_word_count=531&ep.hidden_tags=&ep.hour_of_publish=20&ep.hour_of_update=20&ep.site_language=en&ep.page_theme=light&ep.author_id=00000186-0a35-decc-af97-8b3f05800001&ep.acquistion_date=2024-01-11&ep.userid=2fa2e402-bf72-4da3-8d88-9fb8a368d0c1&ep.site_version=release-2023.12.20&ep.hit_timestamp=1704979955&ep.primary_category=Politics&tfd=3031
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YNRPD2MVFD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1933433248&t=pageview&_s=1&dl=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&ul=en-us&de=UTF-8&dt=Trump%20barred%20from%20give%20closing%20argument%20in%20NYC%20civil%20fraud%20trial%20-%20Deseret%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCgACAABFAAAAAAAIk~&cid=474329189.1704979958&tid=UA-25484401-1&_gid=922766671.1704979958&gtm=45He4180n71W9QHGHv71931159&cd1=23797535&cd2=article&cd4=Emma%20Pitts&cd5=2024-01-10%2020%3A06&cd8=2024-01-10%2020%3A06&cd11=deseret&cd12=deseret&cd20=www.deseret.com%3Awww.deseret.com%3Alatest%3Afront-page%3Apolice-courts%3Apolitics%3Au-s-world%3Anews-feed-national%3Autah&cd22=dated&cd53=531&cd55=Politics&gcs=G100&gcd=11p1p1l1l5&dma_cps=sypham&dma=1&z=1450465687
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 01:51:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
42051
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/crp28/0x4AAAAAAAA2pgcWAmjzIY_M/auto/ Frame CB11 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/crp28/0x4AAAAAAAA2pgcWAmjzIY_M/auto/normal
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
843d86e3cba93718-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:38 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
92806d2f71fc4794eac5f99a8fe7f138c835060528bc871ff6b9
restrainstorm.com/ 		3 B
29 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://restrainstorm.com/92806d2f71fc4794eac5f99a8fe7f138c835060528bc871ff6b9
Requested by
Host: restrainstorm.com
URL: https://restrainstorm.com/v2ghq4H8pSqsSE5TvCRMeg19JrcNjnOdwdTO_2xu06qvex-mky4fUPQk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a38::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 11 Jan 2024 13:32:38 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.deseret.com
x-hostname
fen-hoothoot-europe-west1-06pp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 11 Jan 2024 13:32:37 GMT
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/7.29.5-Z/ 		684 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.26.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-63.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
769657ed5b1cbb514cb65e29be0742b3479af5816541609308966ed1c511e917

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:13 GMT
x-amz-version-id
q.MN4mcn2zGXSlEIMC7ww6xcBb_L81RV
content-encoding
br
last-modified
Tue, 09 Jan 2024 18:02:13 GMT
server
AmazonS3
age
26
x-amz-cf-pop
FRA56-P7
etag
W/"640f38c97d7139e471ddb9acda4d063a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
FqS69BZkVHrV5-Ktpe0YP4rf5BnTqMdwp2XMPWw1Wc5SxmbrjL07Ww==
ads
securepubads.g.doubleclick.net/gampad/ 		115 KB
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3357698144144033&correlator=2919790484840309&eid=31080301%2C31079233&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&iu_parts=22653237939%2Cdeseret%2Cwww.deseret.com%2Cutah%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x250%2C300x250%7C300x600&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4b0742be3c1d7fc0%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_Mbs4rw_CKJhjAJvo6h35at8qhUi2Q&gpic=UID%3D00000d3f76510e2f%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_MavKhLTXflWEFLNeuE1r7_8Dk1UXA&abxe=1&dt=1704979958438&lmt=1704979958&adxs=315%2C1050&adys=295%2C779&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=3%7C4&oid=2&tos=~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&vis=1&psz=970x0%7C300x0&msz=970x0%7C300x0&fws=4%2C4&ohw=1600%2C300&psts=AOrYGskCSXEhVSXkd9XPTFZueOExjbrWbHW9QtkvfPBZ6CVrBsnW2AoLPfQ2Ps6raZh5a4wx6NtOqSr426IXg2ty-4KwVHSI2CbDogngUBQ6Nw%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=474329189.1704979958&ga_sid=1704979958&ga_hid=1933433248&ga_fc=false&dlt=1704979955883&idt=1687&prev_scp=position%3Ddesktop_leaderboard_variable%7Cposition%3Dmedium_rectangle_variable_article%26pos%3Dright&cust_params=htlbidid%3D20646%26is_testing%3Dno%26is_home%3Dno%26category%3DUtah%26post_id%3D0000018c-f60e-df12-afff-f75e7d580000%26entry_group%3Dlatest%252Cfront-page%252Cpolice-courts%252Cpolitics%252Cu-s-world%252Cnews-feed-national%252Cutah%26entry_id%3DEntry%253Af1a5a50a-2b6b-461c-9bbb-3c2be6f63835%26entry_type%3Darticle%26page_type%3Dinterior_page%26hub_pages%3DPolitics%26author%3DEmma%2520Pitts%26keywords%3Djudge%2520revokes%2520permission%2520for%2520trump%2520to%2520give%2520closing%2520argument%2520in%2520nyc%2520civil%2520fraud%2520trial&adks=2795228261%2C2639951260&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2f09e431b6ef8f992bad9473ab180eb81560fb1f5dcb16b14621abff65e5d6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45488
x-xss-protection
0
google-lineitem-id
-1,6360185272
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138442988005
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 10 Feb 2024 13:32:38 GMT
date
Thu, 11 Jan 2024 13:32:38 GMT
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=e96c5340154df1fef1ee3b1eb8b9c202_214965_1704979957593&tm=1380&eT=0&widgetWidth=770&widgetHeight=35&widgetX=250&widgetY=3624&wRV=2010599&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=1211&oo=true&lo=1890&obreq=1756&mvreq=2104&mvres=3315&cet=4g&to=1704979955266&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:39 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
625265d3d154807f711f687a4f017af2
Content-Length
6
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=b548aceb0a55482660ad1e517934caa4_214965_1704979957712&tm=1389&eT=0&widgetWidth=764&widgetHeight=578&widgetX=253&widgetY=3671&wRV=2010599&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1890&obreq=1756&mvreq=2104&mvres=3324&re=3327&cet=4g&cs=5&to=1704979955266&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:39 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
5639a2435ddb1f20797aaeb6bbbe189c
Content-Length
6
clip.js
widgets.outbrain.com/nanoWidget/2010599/module/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010599/module/clip.js?e=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
61a9edae0f9dab3007c0b61f6e9ce733aa2ff81164a248cf830a714ddd04ff53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Thu, 11 Jan 2024 13:32:38 GMT
content-encoding
gzip
content-length
708
last-modified
Thu, 11 Jan 2024 11:48:17 GMT
server
AkamaiNetStorage
etag
"91b64571a1f294b3e2f476c997635eb6:1704976340.759456"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Thu, 18 Jan 2024 13:32:38 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=809f6e7d70e69ca58605def8ac7b8b07_214965_1704979957946&tm=1396&eT=0&widgetWidth=764&widgetHeight=578&widgetX=253&widgetY=4273&wRV=2010599&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1890&obreq=1756&mvreq=2104&mvres=3324&re=3335&cet=4g&cs=5&to=1704979955266&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:39 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
c6fec12c19f3645d6a940d3edcbd0a7d
Content-Length
6
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=0f3952c3b88214006f62bac1b959b7b5_214965_1704979958103&tm=1399&eT=0&widgetWidth=764&widgetHeight=578&widgetX=253&widgetY=4875&wRV=2010599&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1890&obreq=1756&mvreq=2104&mvres=3324&re=3338&cet=4g&cs=5&to=1704979955266&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:39 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
e7b8d6c01becdf6ac7e1252e2a565230
Content-Length
6
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=cad1145c25d34fcc465e1449fe0f78e7_214965_1704979958347&tm=1401&eT=0&widgetWidth=764&widgetHeight=578&widgetX=253&widgetY=5477&wRV=2010599&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1890&obreq=1756&mvreq=2104&mvres=3324&re=3340&cet=4g&cs=5&to=1704979955266&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:39 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
0a0a284166a480ddaa5732e32d7f9b75
Content-Length
6
l
mcdp-nydc1.outbrain.com/ 		2 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=8fd166d1aadeee09ed33a831ef2237c1_214965_1704979958440&tm=1404&eT=0&widgetWidth=764&widgetHeight=371&widgetX=253&widgetY=6079&wRV=2010599&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1890&obreq=1756&mvreq=2104&mvres=3324&re=3342&cet=4g&cs=5&to=1704979955266&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:39 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
5d899d374bc1bade19ee12a9f6b5eba1
Content-Length
6
ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 10 Feb 2024 13:32:38 GMT
date
Thu, 11 Jan 2024 13:32:38 GMT
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"b79638966e0374c455e78107aee59bf4:1701762092.299136"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7647
access-control-request-headers
X-OB-STG,X-OB-PRD
eyJpdSI6ImRlMGQ3OWFlNjEyYmI1MjBmNjNhOWIwMGNmNTQ1OTRjYmFmNzFjNmJjYjU1YWI1NmU5NmEzNzUxMDdiZTQ3NTIiLCJ3Ijo2MDAsImgiOjQwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRlMGQ3OWFlNjEyYmI1MjBmNjNhOWIwMGNmNTQ1OTRjYmFmNzFjNmJjYjU1YWI1NmU5NmEzNzUxMDdiZTQ3NTIiLCJ3Ijo2MDAsImgiOjQwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
last-modified
Thu, 12 Oct 2023 05:42:03 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=374763
access-control-allow-credentials
false
x-traceid
bb72880836b382f2cab957b21ed32406
timing-allow-origin
*, *
content-length
642302
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 11 Jan 2024 13:30:31 GMT
server
cloudflare
age
14
etag
W/"9057cc-856b-60eab8d36e585"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
843d86e62db144fe-TXL
expires
Thu, 11 Jan 2024 17:32:38 GMT
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85976c05de46ce57ed5573e315c75d3377b11c946683a4ee81d6092a59032f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 Jan 2024 13:32:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 11:49:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Jan 2024 13:32:38 GMT
icon
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 Jan 2024 13:32:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 13:32:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Jan 2024 13:32:38 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5230571
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FLSA5H3sCLNn8sSQ3MnO8uVOQH7eaRQ4k%2BTnc0y3zWlEpOxznlScHFMDpdqZMEZkGkh3oog%2FBHKNLNXbzmwgT4RkKNHr38KTAtROLb2u6TkNy0EqF5k1jJL8m%2F3YVVXKQS8Ka2TaF%2FRUhrd8zOk%2Budc"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
843d86e67c139202-FRA
expires
Tue, 31 Dec 2024 13:32:38 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 9A52 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2397164
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9%2BtsNKOiUunEJ2M1owzPUu0LjgnE%2BhZe2f%2FXiEq8POy%2F%2FNuTFu7IuAe8RHo65e4lWNVFEwA8pDJRq7%2BwtmKS0ar0DKh37Yd6XsG1NwtQ4I7Ayq041CaDVtKEXriWmqDDtNh%2BRPlsQQXq%2BEpXhZ0LReS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
843d86e67c169202-FRA
expires
Tue, 31 Dec 2024 13:32:38 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Thu, 11 Jan 2024 13:32:38 GMT
prebid.js
embed.sendtonews.com/library/prebid/8.6.0/ Frame 9A52 		443 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.26.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-63.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3e6adbda65d2903f09a41c14896d338479636be883f23fd9c22cfdecdadcd26

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
i3B_jjvrdw.lF4dn27SHtSate1_g8CWu
content-encoding
gzip
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
date
Thu, 11 Jan 2024 08:59:29 GMT
last-modified
Wed, 29 Nov 2023 21:48:59 GMT
server
AmazonS3
age
49316
x-amz-cf-pop
FRA56-P7
etag
W/"4b9ce2a8c4f2b111ada55ff0f82ba870"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
6jyjP0pkYrWTvM-6zI0etYVZ3Pr-VGKIhTmpWqzKbRzvDk5mjUSc-g==
ppid.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ppid.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:46 GMT
server
cloudflare
age
62831
etag
W/"65833eca-2947"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
843d86e66c634541-TXL
expires
Sun, 14 Jan 2024 13:32:38 GMT
comScore.gt.min.js
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame 9A52 		335 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.26.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-63.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding
gzip
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
date
Thu, 11 Jan 2024 05:18:08 GMT
last-modified
Thu, 13 Apr 2023 16:36:13 GMT
server
AmazonS3
age
29671
x-amz-cf-pop
FRA56-P7
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
cZAl1O50KoON0lWilBc51K_CArj6G7FrmsAVTYUTzFJtXrWwni8QeQ==
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:37:08 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
75331
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
d1an3ccwQ9zpPTSFzhpF3k4kluyIwlJZpXDELuDHNKrfZ3G7pADh4g==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 17:04:28 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
73691
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
wgE5ETRZDUFy9ZcC8AkTS2KlSkqgA_yFJgFFTu_DrOTs6bDHYXNdvg==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:18:08 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
83672
etag
"8be584e844dabfe22970a0cb943c047e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
u4fE1cF5n_yC_OdnaRHhzxe0nG3HRQXypLWT1TMask6Xdyw2PTpKDQ==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:37:08 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
75331
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
khj9w6wmeNxsl3NdUuYmowmTdcMfWTOup8x-j9XF6kgkZjYW2_0zhA==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 9A52 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:13:22 GMT
content-encoding
gzip
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront), 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P5
age
1157
x-amz-server-side-encryption
AES256
etag
W/"d6937d02acbbf691a008906e9d0617e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
uwTcfwTeHBbaw-Gz6GIaJjxYRMT1A94swQCF3wRKjRNJ0vdOIncB6g==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=klGSJ7kVemkmgute&instance=733147&version=7.29.5-Z&age=240111&cmd=PRE_INIT&key=DXzBc7p4&seq=1&order=1&vIndex=0&absoluteTime=3434.4&relativeTime=0.2&canonical=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&EXTREF=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&REF=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.68.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-68-173.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:39 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		42 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=klGSJ7kVemkmgute&instance=733147&version=7.29.5-Z&age=240111&ESG_key=DXzBc7p4&type=FULL&EXTREF=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&REF=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.26.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-63.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
ccbc178ef65d63d799889051c0ff77970e2d9cb0b64befbcc2056de0b692572e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
content-encoding
gzip
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-P7
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
alt-svc
h3=":443"; ma=86400
content-length
8496
x-amz-cf-id
djMCzWSKpRVibkbR9i9ZnEVaw7PKabbvRr85jzryQQuAfED4mzw23A==
expires
Thu, 11 Jan 2024 13:32:39 GMT
eyJpdSI6IjNlNjI1N2FmZDg0YTNkZTQ3ZGZjMjVhZjY2MzRjZmI2YjMwMjE3MmU4ZWZjN2I5MTY0ZjFkYmRhZWNkMzBiNGIiLCJ3Ijo2MDAsImgiOjQwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNlNjI1N2FmZDg0YTNkZTQ3ZGZjMjVhZjY2MzRjZmI2YjMwMjE3MmU4ZWZjN2I5MTY0ZjFkYmRhZWNkMzBiNGIiLCJ3Ijo2MDAsImgiOjQwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6547ba08705ae158059937825bcc38dddaebc8f48af354e8e570fafbe70fa926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
last-modified
Mon, 27 Nov 2023 14:55:31 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=783914
access-control-allow-credentials
false
x-traceid
eef6502dd5dedc29e97101cb2d1afc91
timing-allow-origin
*, *
content-length
9782
eyJpdSI6ImRlMGQ3OWFlNjEyYmI1MjBmNjNhOWIwMGNmNTQ1OTRjYmFmNzFjNmJjYjU1YWI1NmU5NmEzNzUxMDdiZTQ3NTIiLCJ3Ijo2MDAsImgiOjQwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		627 KB
628 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRlMGQ3OWFlNjEyYmI1MjBmNjNhOWIwMGNmNTQ1OTRjYmFmNzFjNmJjYjU1YWI1NmU5NmEzNzUxMDdiZTQ3NTIiLCJ3Ijo2MDAsImgiOjQwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
be006d80a99b5528054b3db1558fc7326c5d2139c890d4216a293ec1a996b9a6

Request headers

Referer
https://www.deseret.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
last-modified
Thu, 12 Oct 2023 05:42:03 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-642301/642302
cache-control
max-age=374763
access-control-allow-credentials
false
x-traceid
bb72880836b382f2cab957b21ed32406
timing-allow-origin
*, *
Content-Length
642302
lnktrk.js
www.mirabelanalytics.com/mmwap/ 		67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mirabelanalytics.com/mmwap/lnktrk.js
Requested by
Host: d1vg5xiq7qffdj.cloudfront.net
URL: https://d1vg5xiq7qffdj.cloudfront.net/Asyncload.js?fpkey=120242&encsid=tf8ClPr38BM,&enccid=AFPv3kNG4Ik,&wsid=NDk5&trackingUrl=2PtuCvDuCGT5LwTmxa5wjl35YCAFpwehX6VzxWewIgs,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.20.119.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-20-119-232.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b52608eb90130f261d38507f7445e73f9c54fde9b481d23f1987bafd1ed5090a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Mar 2020 04:35:00 GMT
Server
nginx
ETag
W/"5e7d8274-10d63"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
JsResourse.ashx
app.mirabelsmarketingmanager.com/fpv2/fps/ 		52 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.mirabelsmarketingmanager.com/fpv2/fps/JsResourse.ashx?encsid=tf8ClPr38BM,&enccid=AFPv3kNG4Ik,&fpid=020c4699-78d0-4dcc-be37-f766ea6ac05d&trackingUrl=2PtuCvDuCGT5LwTmxa5wjl35YCAFpwehX6VzxWewIgs,
Requested by
Host: d1vg5xiq7qffdj.cloudfront.net
URL: https://d1vg5xiq7qffdj.cloudfront.net/Asyncload.js?fpkey=120242&encsid=tf8ClPr38BM,&enccid=AFPv3kNG4Ik,&wsid=NDk5&trackingUrl=2PtuCvDuCGT5LwTmxa5wjl35YCAFpwehX6VzxWewIgs,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.12.68.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-68-237.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0251289d2acf9ce1c07d69193df8c2ea279d5c9a057bcd4704b8ede0567384c0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
cache-control
private
access-control-allow-headers
Content-Type
content-length
53608
fetchdata
api.emailsnow.info/ 		68 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.emailsnow.info/fetchdata?ref=&cid=AFPv3kNG4Ik%2C&wid=tf8ClPr38BM%2C&trackurl=2PtuCvDuCGT5LwTmxa5wjl35YCAFpwehX6VzxWewIgs%2C&uuid=94959f7c-22a8-4068-9c11-3bd7792c15c3&msg=asyncload&pageurl=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.58.98.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-98-49.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
cef4f8291e3a04c0285761f4bce1be1ba267090ce3078367eaab21653a48319b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 Jan 2024 13:32:39 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
Express
Content-Length
68
Content-Type
image/png
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9A52 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
date
Thu, 11 Jan 2024 09:18:55 GMT
x-amz-cf-pop
FRA56-P5
age
15224
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
KqeROVG9PSbNy9pS130bLz8Qy-ewYLoG9bh4mPbO-gQtWvFPmoRpJw==
identity
api.rlcdn.com/api/ 		44 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.deseret.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
id.sv.rkdms.com/identity/ 		72 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.deseret.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.99.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-99-162.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
6851edc0fca6eb99fa5fa083c37055fb96b62567bcd4730305e755e4cc0ab82a

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.deseret.com
date
Thu, 11 Jan 2024 13:32:39 GMT
access-control-allow-credentials
true
server
awselb/2.0
content-length
72
vary
Accept-Encoding
content-type
application/json
rid
match.adsrvr.org/track/ 		63 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
1e8748e6b61572fabe24423cbff6af4e6c67775288ac09f4ba351f41d71d8c42

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 10 Feb 2024 13:32:38 GMT
ppid
lexicon.33across.com/v1/ 		49 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ppid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
config.aps.amazon-adsystem.com/configs/ Frame 9A52 		564 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
d2288c575a997b8e3c506f2d9d6ee20a12c9592d66a98404f58100369797c939

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 12:58:37 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2041
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
mwyL0_wHZ-aXZrUC-buPPMcdf7vUujrc8bscIhXBEfCaxEZbI45rHQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame 9A52 		1006 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.deseret.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
Server /
Resource Hash
fd8e6d26ae464a400f3c77955c4d426cec2d159f514c30ff72f9155f6e606a15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:38 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1006
x-amz-cf-id
QC3MGXm28sn_BKraq9SNjgk7FHXnPl29lv9WWRVXFdatjDLW9zf1bQ==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=klGSJ7kVemkmgute&instance=214733147&version=7.29.5-Z&age=240111&cmd=GET&key=DXzBc7p4&c_id=9773&seq=1&order=2&vIndex=0&absoluteTime=3642.9&relativeTime=208.7&canonical=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&EXTREF=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&REF=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&playerCfg=FL&playerType=FLOAT&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.68.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-68-173.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:39 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
0_7.29.4.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0_7.29.4.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-100.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1496e19cbae1f57865ce25d8d72caadd2195fabb9d9f19d18a10849c370371e1

Request headers

Referer
https://embed.sendtonews.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
2miqZZojvdExFC3PxaxRBVo7Q1zv7LHP
content-encoding
gzip
via
1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront), 1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront)
date
Thu, 11 Jan 2024 11:36:20 GMT
x-amz-cf-pop
FRA56-P7, FRA60-P5
age
6980
x-cache
Hit from cloudfront
last-modified
Tue, 19 Dec 2023 00:53:14 GMT
server
AmazonS3
etag
W/"51b151e3905514740fdc9f430b3c6d1b"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id
smEb9ORp0d1PO24vBHY5NQFHkqgyl797MjLf0vrtcIrLLCojxfWw7g==
ygq51i8fst4rcd55mcx1vdw1k0scvxvn.png
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		240 KB
241 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ygq51i8fst4rcd55mcx1vdw1k0scvxvn.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
629cdf78e2bf67f7b63b1d2b9b73ff5078c52e48af5f50f8823819e53042f6a7

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:36:28 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
82572
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
245606
last-modified
Wed, 10 Jan 2024 14:25:15 GMT
server
AmazonS3
etag
"44c87dd04491a2f5c2e16a1b9ed67983"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
evGUoRV3GAcFxm4gGcL2uS7ibr1AfQ1nMB79y_VxFZemBvOa_R0eKg==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=klGSJ7kVemkmgute&instance=214733147&version=7.29.5-Z&age=240111&cmd=RTP&key=DXzBc7p4&c_id=9773&seq=1&order=3&vIndex=0&absoluteTime=3647.1&relativeTime=212.9&sC_ID=14571&sm_id=3303689&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&REF=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&playerCfg=FL&playerType=FLOAT&DS=found&eg.enabled=false&eg.delay=15&eg.ctdwn=5&eg.vl=30&eg.mid=rm&eg.source=p6&eg.time=false
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.68.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-68-173.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:39 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:42:39 GMT
x-content-type-options
nosniff
age
24600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 06:42:39 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:59:49 GMT
x-content-type-options
nosniff
age
189170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:59:49 GMT
qovg623c7gv1flec21zf4gyqw70al4ky.png
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		258 KB
259 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/qovg623c7gv1flec21zf4gyqw70al4ky.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa6e94acb00215b8da920da7fbf9f18b00d1ae97184dbaf4a4e37b4c87938459

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:52:44 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
81596
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
264061
last-modified
Tue, 09 Jan 2024 14:45:11 GMT
server
AmazonS3
etag
"757193f3616b41e3572188dc0d99ebf0"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
4RepdhAlYMy8LtxKn22RaJ9CFE-av_YTtaXbhu8ygBVWUD_Dpg3BOQ==
aqp2dxa9tcymjrmgbfrpqsl5wfx8daf7.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/aqp2dxa9tcymjrmgbfrpqsl5wfx8daf7.jpg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d75c1ccca03452171a4a1228fcd5b26df8dea67439e85cb5ba3b2e7c84dc9dcc

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 17:39:56 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
71564
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
30240
last-modified
Wed, 10 Jan 2024 17:23:37 GMT
server
AmazonS3
etag
"508f5f264a4e94429289c77398bf63f7"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
YBhmBbqSvB-6-B8UaWnYLHXbfdb3G0uRbTT1Ntx4cK3pBYkhg9Q1Mw==
32360231181374769659ea900c0cfa2.37141390playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		307 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/32360231181374769659ea900c0cfa2.37141390playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a476972d8bfd0c31d4e4dfc6886d6083aab91dfe744de364c1fc93978e8ad793

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:39:58 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
82362
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
307
last-modified
Wed, 10 Jan 2024 14:26:49 GMT
server
AmazonS3
etag
"901fb81489fbe41110594b1f1f6f8575"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
wKzDc6MQ0aHUe-CASRJ5VfAgKtiH6-sVufwvHIUf_YcreKGQHOg3MA==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=klGSJ7kVemkmgute&instance=214733147&version=7.29.5-Z&age=240111&cmd=IMA&key=DXzBc7p4&c_id=9773&seq=1&order=4&vIndex=0&absoluteTime=3730.7&relativeTime=296.5&EXTREF=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&REF=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&playerCfg=FL&recoveryMethod=NONE&imaVersion=3.609.1&blocked=false&recovered=false&hasAdParams=true&imaAttempt=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.68.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-68-173.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:39 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame 5CBD 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
254375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 14:53:04 GMT
expires
Tue, 07 Jan 2025 14:53:04 GMT
last-modified
Mon, 18 Dec 2023 19:42:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 13:32:39 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5D83 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 12:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 11 Jan 2024 13:53:11 GMT
ads
pubads.g.doubleclick.net/gampad/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C22653237939%2Fdeseretnews-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2631244&plcmt=2&vid=3303689&us_privacy=false&cust_params=sessionKey%3D214733147-klGSJ7kVemkmgute%26schain%3Dstnvideo.com%2CSTN_0000735%26content%3D14571%26placementType%3DPremium%26embed%3DDXzBc7p4%26domain%3Ddeseret.com%26player_size%3Dsmall%26player_width%3D770%26player_height%3D433%26player_type%3Dfloat%26smartmatch%3Dno%26version%3D7.29.5-Z%26player_status%3DLVFNSNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00505%26rand%3D4%26uhr%3D14%26us_privacy%3Dfalse%26keywchk%3Dtrump
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
549e563419bcc1947e3f4676dcc2d0f0d9a079fecd796a3a5d0dc8006143e8c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
981
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 48CC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:37 GMT
expires
Fri, 10 Jan 2025 13:32:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 7F4F 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:11:08 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
3543691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
O3FafxQHTd5n_hNAbZ1d4SV8B6oiXhpVaF3m8DwMkwNcjXEDNZ07ag==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7F4F 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:39 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 9A52 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:39 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 11 Jan 2024 13:47:39 GMT
hadron.js
cdn.hadronid.net/ Frame 9A52 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&_it=amazon&partner_id=694
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:39 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CC8G5F16RM7B26
age
1621
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
843d86ea0b2d1c2e-FRA
x-amz-id-2
HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
ab90132e45888410d7ca1b5b647a9d40eff08c262b97edf1d7b6354e34680551
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
https://www.deseret.com
date
Thu, 11 Jan 2024 13:32:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
32360231181374769659ea900c0cfa2.37141390.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		347 B
926 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/32360231181374769659ea900c0cfa2.37141390.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f928e3c53fd579926f3c8bf4473084a5b67d9e08bb33bf3de87fa1bfd944c863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:39:59 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
82361
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
347
last-modified
Wed, 10 Jan 2024 14:26:48 GMT
server
AmazonS3
etag
"daa09498ba0e97afcaa693729edb5e2e"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
AF4J9jwmNmjx8wiNwLSPQZDyLk8Vf7BKRPfOHr5ZFxS0T9l7_Z3dlw==
bl-250cc79-98ebe0b5.js
tagan.adlightning.com/deseretdigital/ Frame 48CC 		77 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-250cc79-98ebe0b5.js
Requested by
Host: 46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
URL: https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ee4feaf7d7d9ebbdc924f9d70e67a34ba1fc00f48051151f66f747d5846ea54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:06:43 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
_wF20aOmHzwNDMjUSSAIr0qQSsAff7iP
x-amz-cf-pop
FRA60-P4
age
77157
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33407
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:18:08 GMT
server
AmazonS3
etag
"2d8e8f851c043de1e7d50af54fbb1b1c"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
MvwyT4XYn3Oqj83X3FlWq0UA38LlGafIuOing9TPmaQmLcoiNcMM-Q==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 48CC 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: 46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
URL: https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:11:08 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
3543691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
wj0fbd6LWDYbD-GF1mrSoyOlOTMcImSA4dN16SOkhL6En1UdjfXixQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48CC 		42 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CgM-FuV-1Fxo_LP7GSFe8p24t6Kd9S5zb8_m4_Tt0-YwgrOGUB6IZnM8v1LnwGWPYxnFPiTFpyCZIYB5tpbHq_krMb7KA5Xx0zNyUCZrse3eJ_I-w
Requested by
Host: 46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
URL: https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 48CC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
URL: https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 07:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
20910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 07:44:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 48CC 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
URL: https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
51992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:06:07 GMT
l
www.google.com/ads/measurement/ Frame 48CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQB_PtvjGXZGXHfpyHJv7n4pB7PF-Qw1Fo_BK39WbsZ1EfL1M3Sl241qyT5aber2886Mwg2
Requested by
Host: 46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
URL: https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 48CC 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
URL: https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:39 GMT
32360231181374769659ea900c0cfa2.37141390-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		519 KB
520 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/32360231181374769659ea900c0cfa2.37141390-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f1d7a8d874d9620f5c3d094cc8874b372d085546e46a9d5b5e48fb750e0ea59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:40:00 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
82360
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
531664
last-modified
Wed, 10 Jan 2024 14:26:36 GMT
server
AmazonS3
etag
"492daa4eff9924621c4aea19533121f1"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
K7nPZYGxFPa6hvIk2yrSgNwcy2RADiRzh0u7QnM9fFUT4wTDI8YkcA==
view
securepubads.g.doubleclick.net/pcs/ Frame 7F4F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM2AwBg_ZgPKwPnJXdws34bHuqnLfl2HMx5EM01Gb-B9SwEMOetazBkRObfgaspt57A1--WcsWWoNkwDHdj7fC_w5-LpuiP_PP5AeYfYo4GE_dkroLGjyiAsgli8zpF476Ksh8ZZ5h7ITnA5ZHTzEFU1weU6aTXjk__f5r3KMOvlwuAUnPTBuvpDT4gqNhWdV6vvQJZoVFfV0Db4wcm2EPbAV0mT6moqMjWUKt3Pp2h-iasJiXARQFPeGyR4rTX6ZJy-e-xRkXYdwRgcCGnjtdsil8TViNoDh9XfdMqY7q0PrCRJCZNEZjJ8JNHiMaK6QrnfY-rmIlAXP78z1ZsnlXPumjdno1leR0NnT-MWv9ej0sNTOu1bAPBXX_Bd9ii_ZzJktuHPEKmDcVLVkgWpKMbjbUMw&sai=AMfl-YSr9Em7y93teRkBIMGxNh8CWJcO90qX4lvh60zYus5wm7QW2F07AMWWcqi4WuT7M3pZ8SkPK-npXiO9P66k6rcNy_Jzze-gsx76tAUHkrbUY98oxpX4S8imFAwkCA&sig=Cg0ArKJSzFFojFRP8W3oEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
smb-dispAd_300x250_single.js
saambaa.com/widget/gpt/300x250/assets/ Frame 7F4F 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6bc5dd6f10419ca9cb3c62306501ceed08a23c1a65ec8e47804b221c37edaf83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:36 GMT
content-encoding
gzip
last-modified
Thu, 07 Dec 2023 00:03:36 GMT
server
Microsoft-IIS/8.5
etag
"0fcf4d2a028da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
12607
truncated
/ Frame 7F4F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ba5a3c632e847397757ee221ccb105c46e6ae84e06a4c2c6412d39f20513059

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.deseret.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 11 Jan 2024 13:32:39 GMT
hb
hb.undertone.com/ Frame 9A52 		0
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3590&domain=deseret.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-35.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:39 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.deseret.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
hi1w90wOH4q1YAiYNZKASKiRR-98yhfEZvRhbUo2d4kTR80c3vjdVg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9A52 		138 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
05538211898904261ad3f287b6828176ee887139de3290dde48b9660ace9940d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:39 GMT
an-x-request-uuid
7c2bae1a-715e-47b7-8c44-d22da7c332cb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ Frame 9A52 		19 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0&referrer=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tmax=3000
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.30.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-30-2.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:39 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua
x-auction-status
16
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 9A52 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Thu, 11 Jan 2024 13:32:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 9A52 		173 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
fbb22ef8eebf981424d05fe5c6ebf0ba79922ef57bf3a9347b8c410a0f30658e

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.6.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
Expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 9A52 		11 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:39 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
pbjs
htlb.casalemedia.com/openrtb/ Frame 9A52 		37 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=438214
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b234a16b484ec2981e8f24f3f4a30c066539c3daa948a23b964868033217fc09

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYgLhSkcf1USrZBzwMgjOvownxejUdzThPffTtpUOUG8GOnIYSREO2kxaM16VTz9bDpl0jPzGPeuJBhFDYIm5i0YRLqLXJxRGTetQVippLBqRoSSANeIuniuL1xo4bYFb3ZfhDqN"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
843d86ec0ebaaca9-TXL
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
bid
aax.amazon-adsystem.com/e/dtb/ Frame 9A52 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&pid=UKpeHv1LOaqbj&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!stnvideo.com%2CSTN_0000735%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.138.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-138-185.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:39 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-amz-rid
7F250BS8CWWA86S0T1PY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.deseret.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
6l_4ZPiCioEX0KDAlBCEoSTKfHYhMUmzlExCeWePCBG5qXQw1mezQw==
lnktrk.php
www.mirabelanalytics.com/mmwap/ 		43 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mirabelanalytics.com/mmwap/lnktrk.php?action_name=Trump%20barred%20from%20give%20closing%20argument%20in%20NYC%20civil%20fraud%20trial%20-%20Deseret%20News&idsite=499&rec=1&r=235607&h=14&m=32&s=39&url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&_id=823a8e797f296906&_idts=1704979960&_idvc=1&_idn=0&_refts=0&_viewts=1704979960&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&cvar=%7B%221%22%3A%5B%22__fp_uuid%22%2C%2294959f7c-22a8-4068-9c11-3bd7792c15c3%22%5D%7D&_cvar=%7B%224%22%3A%5B%22ftype%22%2C%2294959f7c-22a8-4068-9c11-3bd7792c15c3%22%5D%7D&gt_ms=362&pv_id=mJOTx4
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.20.119.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-20-119-232.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:39 GMT
Cache-Control
no-store
Content-Encoding
none
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
v3
id5-sync.com/gm/ 		319 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
0a6be191a5569423993f2182b8a894733eb1c13804e0265773f5eca799d2e05b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Thu, 11 Jan 2024 13:32:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
hadron.json
id.hadron.ad.gt/v1/ Frame 9A52 		96 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=694&sync=0&domain=www.deseret.com&url=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&_it=amazon&partner_id=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c77ff32582eb944231be1a9996a4e1d4472908643c1188c35b8e63a2832cf011

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 13:32:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
843d86edcf45bbf1-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=694&sync=0&domain=www.deseret.com&url=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
843d86ecee41bbf1-FRA
content-length
0
content-type
application/json
date
Thu, 11 Jan 2024 13:32:39 GMT
debug
OPTIONS block
expires
Fri, 10 Jan 2025 13:32:39 GMT
server
cloudflare
pixel
googleads.g.doubleclick.net/xbbe/ Frame C76E 		0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhiTi5n0ATAB&v=APEucNXYO5GDZdCoVmqGHIm9PlCSl4gxp9wEJ9rAaT3FNWTkVse11HY0xOyPtPgHKskSqQ21hsj9on43DOmR4rkOt_dZtbii_A
Requested by
Host: 46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
URL: https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 48CC 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 00:01:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
48679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 00:01:21 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 48CC 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 00:01:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
48680
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 00:01:20 GMT
view
ad.doubleclick.net/pcs/ Frame 48CC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsscf4Jzkb_NKxSjTfEdTRZ2CE5R8PZnv9TGnbwek1LSAXyN7m--a1Uf5iGb5ZW9cuecBLAdm4FRgC_B0fRuZNPnjsy4k8IWmd4k9iR-baW5lufJ3OOmrwkX13HwuNpkC8jXQehzR8h1L8KUKwiO5OATbT58MD9dp_VuHY43ntbCRGJjH_q0v4zrPwkf6V5oUodGJzF9idMs0nYZ_8Ii8wza1c6fpFv4l4SSfwBgBMimE_onibgnnsTuVsNUkUNIjVg4gUjz4BVeuhhFd6WlmW_AzywiCIaRUilsr3Hf6sUCbXo9KGQiq7-Jj5EKep9R8jrnVZ_5TzMn3Ten4AmbvXOCA7c5knBBV5SXDjTkffxqU6fRqWon59GLhKVg4LCymJINDTLLSr5F18QiFXNS8UXqwgxIqhmE8r2Onk3wESIwc6InwU2NE8xlSSj_pBZ7XXx4qWj9EbSpG2iXDuXofN1tdgLXlviOd5BRrsj4DXVdl3h0iBUoyVuIJjLCApWuR3EtMtsETsHO0PSRF6h7zMl46my2J1AOzFVhWXMPuu8MeUXvuwuyfkg-zz-kH1BAN_YIo-tOOhMI3UJeYqRInqKWWDwhCzzhOP-zNsZoP7A8dET-osOcuEl1rSAWlzzdTk3iv3SyhcvoOwqsWw56GLYdq91k6hig7UcTomzlcZdZxOhhaKxDy_jGtjtNf2eIAemalgi33-A-OG-iUzE-70j0CiFZJzS4qKwyGS1Iag-Sc5yfejtRNCkPFiTFVqs-u5wfWQ_3niEWSSgSYIvhGpnn9rOb_i9avSK6t4E6zmMFkfmlp4H9L3vyHhsGxnQJDfqDSYOHNBiC7XE8FJzt0a4qLL8oj5uJSIExty-5cys9t5yRzldkYphVXFGV_qvfznsdnkMwiNlKAoLQBvzsgONsRJ5v8YQvVIkHD3M77ynOzuUYi4NVJGwo77gyRGD8cXK7pbcXnLq93M_hI4Mwk8na9GHmZDMgsp2Bu9CdV8BQLYRMvKS4sZlDmg_ZH8-DhXeZcHbuNifL1mN4Rt3HCZ_9hlrTvMldA7fsweNYpIKabr-dNKRkleKkDPhC30z0fKra6JYPzFUCOnqN7TZlegAV5xazvOQJ7RFuz_A4M3S47j3P0gsm4idg4fkpDhY50ZO_on4quJ6BvZafxiiAMR9knTpg43JRy46mSWz5awj9IeeZQBxOi1dmz2MX66XF5cFsc1PWu1N710S3HIGd731jETuEyIsIuv_t_dXOJzq4FPOWrAaF-0bvN7UJXkJoB2DUzGpInqn5vP9mYBSSIyQMiCc3DW1doZA4erQIgkapjJmtRvgULtUNlqUQAQ8M0wORpqEihnXASflg7W-sVvaNiA2NHb5ZGctHfxlbsb_1rRTfvkCYl68ef_3dk3hT_3rNRi69otddumMD4855HJftEwnzLmw9G4bN-8lZ2wtJvZrmfQlkWhHWtKkjXjYARmBWc9926Dlh7aczpstFwxRqk9r33Lu2nQ&sai=AMfl-YQIv89amqFni3jqGW_Nh8z0cI0B8yJK9p5B40A_h86_c979yHI9JQ4GqxPUzeKR1yW4mobtk1iyhfnRhc3werDVUdqjZgQTbOuuWL0UPTj8Lo4B5X0i0DGV1PVJFOhcObZKa147Dh_ZsiOUYSctugffSFjrg46-_IWdT-O_hk1tPgRrFticDAaApk8fkXeeYzStpb6QHupSF_XOg5_H9B6XhOq6qPdt2WNQV_PdNbY7QSFWekMtq5kIQpAXAv8WYMVg9kfojzMJr2uvqYArsl3jQZ3PyztZm3lxY6AQn6RbdeeEGXald3gj5YGMGGaZdSHv1IW7juf2dnT5JJm6Rc1Tj581zBqCQ8U9fEHnZbB106tyCpcEXm81EBY_1z9q7UBu50yRPCzWbXp7J7ZditDHRdUwT9LdX6IJFN6jJzGhUg3NnA&sig=Cg0ArKJSzBjO6jrFmxWlEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240109.45011&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 13:32:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 48CC 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
171804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 13:49:16 GMT
17923339239959655070
s0.2mdn.net/simgad/ Frame 48CC 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17923339239959655070
Requested by
Host: 46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
URL: https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
404dee41a85b8b1947fb898339c079c42f3a33ec89d1879636bc2f6ddd0482af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 04 Jan 2025 21:13:32 GMT
date
Fri, 05 Jan 2024 21:13:32 GMT
x-content-type-options
nosniff
age
490748
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80776
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 14:24:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=klGSJ7kVemkmgute&instance=214733147&version=7.29.5-Z&age=240111&ldt=BIDS&key=DXzBc7p4&c_id=9773&seq=1&order=5&vIndex=0&absoluteTime=4759.5&relativeTime=1325.3&sm_id=3303689&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=14571&load=1&status=LVFNLNIY&ac_id=2008&bidIndex=1&prebid.cid=0&prebid.bidders.undertone.time=436.8&prebid.bidders.appnexus.time=289.7&prebid.bidders.triplelift.time=288.2&prebid.bidders.pubmatic.time=293.2&prebid.bidders.rubicon.time=289.7&prebid.bidders.unruly.time=424.5&prebid.bidders.ix.time=292.3&prebid.start=4320.9&prebid.time=437.4&prebid.timeout=3000&adIndex=-1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.68.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-68-173.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:40 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
truncated
/ Frame 48CC 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6927fa049d3b1421c68ba743653d6dbcf4556f17cf0a0467ea67f106611e536c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
ads
pubads.g.doubleclick.net/gampad/ Frame 5CBD 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fdeseretnews-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214733147-klGSJ7kVemkmgute%26schain%3Dstnvideo.com%2CSTN_0000735%26content%3D14571%26placementType%3DPremium%26embed%3DDXzBc7p4%26domain%3Ddeseret.com%26player_size%3Dlarge%26player_width%3D770%26player_height%3D433%26player_type%3Dfloat%26smartmatch%3Dno%26version%3D7.29.5-Z%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00505%26rand%3D2%26uhr%3D14%26us_privacy%3Dfalse%26keywchk%3Dtrump&url=https%3A%2F%2Fwww.deseret.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=250000&vrid=1263268&us_privacy=false&hl=en&cmsid=2631244&plcmt=2&vconp=2&video_doc_id=3303689&vpa=auto&vpmute=1&cnc=22653237939&kfa=0&tfcd=0&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=3391914360&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=00A86D67-7268-4170-80F2-566A2D347F45&nel=0&eid=44736293%2C44772139%2C44777649%2C44781409%2C44804291&top=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&loc=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&dlt=1704979955883&idt=3525&dt=1704979960092&cookie=ID%3D4b0742be3c1d7fc0%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_Mbs4rw_CKJhjAJvo6h35at8qhUi2Q&gpic=UID%3D00000d3f76510e2f%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_MavKhLTXflWEFLNeuE1r7_8Dk1UXA&correlator=4086191769482692&scor=391665498987674&ged=ve4_td4_tt0_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:40 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
32360231181374769659ea900c0cfa2.37141390.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		347 B
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/32360231181374769659ea900c0cfa2.37141390.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0235a432875e1486bdd643c49e0272b6e94df13ac7cec7ea269a0634afd2099f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:40:01 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
82360
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
347
last-modified
Wed, 10 Jan 2024 14:26:48 GMT
server
AmazonS3
etag
"3054cd5d1f90bbc7732a07efc368341f"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
lpXZYT0qEiqTqdJVVT0kqZFDiy8VrEhVxaQMOHzvorSvuRJRYe-3Yw==
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 528E 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
169921
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 14:20:39 GMT
expires
Wed, 08 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
694
a.ad.gt/api/v1/u/matches/ Frame 9A52 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/694?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&_it=amazon&partner_id=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f15fcceb995f21bd3b51233147c6eaab83022b27090116c8eb835a67eae3fc94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 11 Jan 2024 13:31:33 GMT
server
cloudflare
age
67
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
843d86f03e6971b9-FRA
view
ad.doubleclick.net/pcs/ Frame 48CC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsscf4Jzkb_NKxSjTfEdTRZ2CE5R8PZnv9TGnbwek1LSAXyN7m--a1Uf5iGb5ZW9cuecBLAdm4FRgC_B0fRuZNPnjsy4k8IWmd4k9iR-baW5lufJ3OOmrwkX13HwuNpkC8jXQehzR8h1L8KUKwiO5OATbT58MD9dp_VuHY43ntbCRGJjH_q0v4zrPwkf6V5oUodGJzF9idMs0nYZ_8Ii8wza1c6fpFv4l4SSfwBgBMimE_onibgnnsTuVsNUkUNIjVg4gUjz4BVeuhhFd6WlmW_AzywiCIaRUilsr3Hf6sUCbXo9KGQiq7-Jj5EKep9R8jrnVZ_5TzMn3Ten4AmbvXOCA7c5knBBV5SXDjTkffxqU6fRqWon59GLhKVg4LCymJINDTLLSr5F18QiFXNS8UXqwgxIqhmE8r2Onk3wESIwc6InwU2NE8xlSSj_pBZ7XXx4qWj9EbSpG2iXDuXofN1tdgLXlviOd5BRrsj4DXVdl3h0iBUoyVuIJjLCApWuR3EtMtsETsHO0PSRF6h7zMl46my2J1AOzFVhWXMPuu8MeUXvuwuyfkg-zz-kH1BAN_YIo-tOOhMI3UJeYqRInqKWWDwhCzzhOP-zNsZoP7A8dET-osOcuEl1rSAWlzzdTk3iv3SyhcvoOwqsWw56GLYdq91k6hig7UcTomzlcZdZxOhhaKxDy_jGtjtNf2eIAemalgi33-A-OG-iUzE-70j0CiFZJzS4qKwyGS1Iag-Sc5yfejtRNCkPFiTFVqs-u5wfWQ_3niEWSSgSYIvhGpnn9rOb_i9avSK6t4E6zmMFkfmlp4H9L3vyHhsGxnQJDfqDSYOHNBiC7XE8FJzt0a4qLL8oj5uJSIExty-5cys9t5yRzldkYphVXFGV_qvfznsdnkMwiNlKAoLQBvzsgONsRJ5v8YQvVIkHD3M77ynOzuUYi4NVJGwo77gyRGD8cXK7pbcXnLq93M_hI4Mwk8na9GHmZDMgsp2Bu9CdV8BQLYRMvKS4sZlDmg_ZH8-DhXeZcHbuNifL1mN4Rt3HCZ_9hlrTvMldA7fsweNYpIKabr-dNKRkleKkDPhC30z0fKra6JYPzFUCOnqN7TZlegAV5xazvOQJ7RFuz_A4M3S47j3P0gsm4idg4fkpDhY50ZO_on4quJ6BvZafxiiAMR9knTpg43JRy46mSWz5awj9IeeZQBxOi1dmz2MX66XF5cFsc1PWu1N710S3HIGd731jETuEyIsIuv_t_dXOJzq4FPOWrAaF-0bvN7UJXkJoB2DUzGpInqn5vP9mYBSSIyQMiCc3DW1doZA4erQIgkapjJmtRvgULtUNlqUQAQ8M0wORpqEihnXASflg7W-sVvaNiA2NHb5ZGctHfxlbsb_1rRTfvkCYl68ef_3dk3hT_3rNRi69otddumMD4855HJftEwnzLmw9G4bN-8lZ2wtJvZrmfQlkWhHWtKkjXjYARmBWc9926Dlh7aczpstFwxRqk9r33Lu2nQ&sai=AMfl-YQIv89amqFni3jqGW_Nh8z0cI0B8yJK9p5B40A_h86_c979yHI9JQ4GqxPUzeKR1yW4mobtk1iyhfnRhc3werDVUdqjZgQTbOuuWL0UPTj8Lo4B5X0i0DGV1PVJFOhcObZKa147Dh_ZsiOUYSctugffSFjrg46-_IWdT-O_hk1tPgRrFticDAaApk8fkXeeYzStpb6QHupSF_XOg5_H9B6XhOq6qPdt2WNQV_PdNbY7QSFWekMtq5kIQpAXAv8WYMVg9kfojzMJr2uvqYArsl3jQZ3PyztZm3lxY6AQn6RbdeeEGXald3gj5YGMGGaZdSHv1IW7juf2dnT5JJm6Rc1Tj581zBqCQ8U9fEHnZbB106tyCpcEXm81EBY_1z9q7UBu50yRPCzWbXp7J7ZditDHRdUwT9LdX6IJFN6jJzGhUg3NnA&sig=Cg0ArKJSzBjO6jrFmxWlEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=125&vt=11&dtpt=123&dett=2&cstd=0&cisv=r20240109.45011&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 528E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 09:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
13241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 09:51:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 528E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BrlQm9u2fZe6oHpmO7_UPvry60A4AAAAAOAHgBAI&bg=!xMelx4jNAAaumcC-jpk7ADQBe5WfOHRLqgntARmvJHNMcM4YOOjE1AFiFDmw3tIe520IHI41idqSogBnoHF58ZFrNydPAgAAAGRSAAAAA2gBB5kDDnaXL5KC-JzWz0_w7mNYVzkjFQsDns64V_mHMA_ByMwRGAhHv5fhnStlNObJIk-Ye54dHnErW_SyGAWem7wdoC68zLT7pBWGIQ9srVu-mnLHprHFERi1zoeVNVpSnojNjpp0vckYBRh0UxW10VWMulJzo0IUt40uRYK19ZfZVAP9_23Hu8sedOG4YyOML6aJsAMnjYIEt6N6MQ5N5sDzhEXsq5DDRtbN43QgyIZwdQFknO0bJEeGHGw-kD8DvXPYdp29g6PRQllVnYtzy2SgOFmG7mU2xlCvc0STkPxI08tVqam0guTA46fdFY6zad4rywST1-jUW05XY_DQhERJR-JJkKDdATUGN2B7A_qP9t3t97_6Sr0ApWmOCCOVYEkcX3zLekTO9dffwaRBtzvkEFJyAeScyVpfhPavp4h9cf20XVijHOzDSFozQhn9Jvu1-sMBG3mRDMPC1bN_XGGvg7swJxYou6xfzrxpDCclOceC463cpHQtvk8BynO5RyGvajjMiqvLg-QT3Ku-GRZVfn14PFzg96fdiWXiXIse58SPcbczHsCsecjT9A9EFkNxkRD0UIHTiEHIcfn3koJ3Obid2FqtW1GJ21KyusNeiXvJhkYnwzeguX7j1-G47t-QftGejn2H3ggVDFkdbEBbpFjzYgHIn7-Nzvjl5uu-d0_C18pONPFDpJ-8CSEAR2HjM00rpxOuMlYc2SoQ85lgFawUd7Sewz39trmgEGeQ7pRfCQLwvGdvXvAHdUSqGKmYhWNzA6QtEOK3RT-O1AOIZUeQtfWEH0ibPRIf85Aqv8JTwET3uChCiigf3LhuaRMGDyzUXqWTa27V58GGpOjvXh1aUr6dDnRN5DJ-RYz7Ch_vLJ0T7yivhMWetMhLH6tu4WjwqPyxZWbXoMFQ6FmJvHxuh7DhZwHBqNQDP6dAgrAK134l--WeO5nGDMzGNmmsHh_HSgur6y81IIY15uki2U0TTjk-WfUEUEH2A4JpQwC1a97AHIHWrO6-UMzFCMKvrFVmdYzGoM4NbUGBoyfO
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 7F4F 		6 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 Jan 2024 13:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 12:36:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Jan 2024 13:32:40 GMT
smb-dispVidAd_300x250.css
cdn.saambaa.com/widget/gpt/300x250/assets/ Frame 7F4F 		11 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.saambaa.com/widget/gpt/300x250/assets/smb-dispVidAd_300x250.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA2) /
Resource Hash
3b9c1cc05afebe36aaca5962ba895806b4d4439677ad000009879d5914f78b0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:40 GMT
last-modified
Mon, 18 Sep 2023 20:48:47 GMT
server
ECAcc (frc/4CA2)
content-md5
0bBaQj7FrpCe29IeWoHQGg==
age
589461
etag
0x8DBB888A7C6D6DA
x-cache
HIT
content-type
text/css
x-ms-request-id
4722a4a3-701e-0061-5a36-3fa9dd000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
11666
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161763/8209/ Frame 7F4F 		233 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:40 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 01:09:13 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=38112
accept-ranges
bytes
content-length
78875
expires
Fri, 12 Jan 2024 00:07:52 GMT
0
api.saambaa.com/properties/widgetconfig/300x250/partner/deseret.com/platform/ Frame 7F4F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/properties/widgetconfig/300x250/partner/deseret.com/platform/0?callback=__smbcfgldr300x250250475
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
79e5b8e2b0df08368c09d142a09c363acfd72c462d011ab6052680363300f7e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:35 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
1526
vary
Accept-Encoding
content-type
application/javascript
ga4mp.umd.min.js
cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ Frame 7F4F 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6856
x-jsd-version
0.0.8
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"231b-bu7prZXfHly9j0HIF61RLekhwNc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuruxgGj9SIjU8i9vpfc%2FPtW%2FEFEqrl3U4s1IstOToaOXEhtX4tt1EOJw10tRsDK32svXdpu4pV1O1R7VG8NE9i85Xm4S7q64SgdoD6mb0tWutyTGyRybhD8YOEG36UVK1ox8juT0gSPEyjcWRY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
843d86f15a061c8b-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7F4F 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
075a4ff009dfd00746970507771335399665c783cfaa7e3ed1a785fe154860cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29329
x-xss-protection
0
server
cafe
etag
81 / 19733 / m202401030101 / config-hash: 1407827963928654873
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:40 GMT
saambaa_prebid.js
cdn.saambaa.com/assets/js/ Frame 7F4F 		344 KB
344 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.saambaa.com/assets/js/saambaa_prebid.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D02) /
Resource Hash
8db5740ee1b4996b2c0e7003cbd48645f9b3a01d7d2f7b5e4eaf11e291432c29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:40 GMT
last-modified
Tue, 19 Dec 2023 01:14:20 GMT
server
ECAcc (frc/4D02)
content-md5
PPKhQe87zDBStTpHG0OOBA==
age
215835
etag
0x8DC002FD4189E9D
x-cache
HIT
content-type
text/javascript
x-ms-request-id
457f4dbd-701e-00c0-429c-426746000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
351990
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ Frame 7F4F 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13401719
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2023 16:20:24 GMT
Server
nginx
ETag
W/"64c7df48-22bf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Thu, 11 Jan 2024 14:32:40 GMT
csi
csi.gstatic.com/ Frame 5CBD 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lr991ob3&c=7200322596148&slotId=3600161298074&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:81b::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=klGSJ7kVemkmgute&instance=214733147&version=7.29.5-Z&age=240111&ldt=NO_IMP&key=DXzBc7p4&c_id=9773&seq=1&order=6&vIndex=0&absoluteTime=5153.9&relativeTime=1719.7&sm_id=3303689&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=14571&load=1&status=LVFNLNIY&ac_id=2008&adIndex=-1&DS=found&prebidABS=G&prebidABC=[[1,%22control_mod_del%22],[1,%22bidder_mod%22,%220_mod%22],[1,%22bidder_del%22,%220_del%22]]&eg.enabled=false&eg.delay=15&eg.ctdwn=5&eg.vl=30&eg.mid=rm&eg.source=p6&eg.time=false
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.68.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-68-173.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:40 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
p
sb.scorecardresearch.com/ Frame 9A52 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1704979958917&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=27990&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=3303689&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1704979960421&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1504&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Deseret%20Recirc%20RSS&c3=sendtonews&c4=News&c6=*null&c7=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&c8=&c9=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-76.fra56.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:40 GMT
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
lg4OsAt-uCa7OIA7O7Jky5v_Wna4zI4KHVjZj0BclfJIi3_8me_Rfg==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=klGSJ7kVemkmgute&instance=214733147&version=7.29.5-Z&age=240111&cmd=INV&key=DXzBc7p4&c_id=9773&seq=1&order=7&vIndex=0&absoluteTime=5160.1&relativeTime=1725.9&alt=0&sC_ID=14571&sm_id=3303689&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&REF=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&playerCfg=FL&playerType=FLOAT
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.68.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-68-173.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:40 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=klGSJ7kVemkmgute&instance=214733147&version=7.29.5-Z&age=240111&cmd=PLAY&key=DXzBc7p4&c_id=9773&seq=1&order=8&vIndex=0&absoluteTime=5160.6&relativeTime=1726.4&alt=0&sC_ID=14571&sm_id=3303689&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&REF=https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&playerCfg=FL&playerType=FLOAT&pposition=float&floattype=s
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.68.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-68-173.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:40 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
csi
csi.gstatic.com/ Frame 5CBD 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lr991p41&c=7200322596148&slotId=3600161298074&ghmsh_eids=44736293%2C44772139%2C44777649%2C44781409%2C44804291
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:81b::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/ Frame 7F4F 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
858
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140053
x-xss-protection
0
server
cafe
etag
1469350900164882112
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 10 Jan 2025 13:18:22 GMT
quant.js
secure.quantserve.com/ Frame 7F4F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:40 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 18 Jan 2024 13:32:40 GMT
op.js
tagan.adlightning.com/saambaa-deseret/ Frame 7F4F 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/op.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adf2a36c4c7fa138ab5bf38e689008bb84b9cccfeb212a5bc727ea5219f82dcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
.ntzEBohSvJGkUETq4ZZrrdL0HKygYJl
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
date
Thu, 11 Jan 2024 13:32:40 GMT
x-amz-cf-pop
FRA60-P4
age
7
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7146
x-amz-meta-git_commit
d6435a4
last-modified
Wed, 10 Jan 2024 15:18:09 GMT
server
AmazonS3
etag
"996f271b3adb9f32eaeb61c2ada6fb9f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
clpf5fNJj7cZUaMX4EIyfSjPMwlgUuh2JSzDwzAE22QVkQ4rN3f5UA==
0
api.saambaa.com/post/storyboard/16846/market/ Frame 7F4F 		1 KB
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/post/storyboard/16846/market/0
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
139b5bbf6aaa835413c9de4f77fac25469a9ea4976e4dbda20b29bd0e63eef81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.deseret.com
access-control-allow-credentials
true
content-length
593
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7F4F 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6200089548495652
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
497072e2582b04989a37eea01c697ce1add067414886d2bb81933b257cb3a242
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51718
x-xss-protection
0
server
cafe
etag
13289000666383893413
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 11 Jan 2024 13:32:40 GMT
logo-saambaa.png
saambaa.com/assets/image/ Frame 7F4F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/logo-saambaa.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:37 GMT
last-modified
Mon, 02 Oct 2017 20:10:35 GMT
server
Microsoft-IIS/8.5
etag
"22c03482ba3bd31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2412
truncated
/ Frame 7F4F 		690 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/g/ Frame 7F4F 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z61F9RX0DE&cid=518121936.1704979960&_npa=1&_s=1&sid=1704979960&sct=1&dl=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&dr=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&en=smb_300x250_desktop
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ Frame 7F4F 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-00RBY6GBVT&cid=240972562.1704979960&_npa=1&_s=1&sid=1704979960&sct=1&dl=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&dr=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&ep.pv_widget_type=300x250_desktop&cn=300x250_desktop&en=page_view
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-TWKb6gH_3MnFX.js
rules.quantcount.com/ Frame 7F4F 		160 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:19:38 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
841
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:10:08 GMT
server
AmazonS3
etag
"60b74b47b16486dd7914c1bc3fe2b29f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
FPQ78rB9ZCSq9x8PIJIMY92kDXqrR7XMiJ0ZoXa1BWv42o5W94Jr0g==
b-d6435a4-e8081c48.js
tagan.adlightning.com/saambaa-deseret/ Frame 7F4F 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbec7e88311e23ca6604fdc4dc242d79f68860de276d4bb846b64ff310ec9b18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 23:33:49 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
X5ILD3._lZN2ce9.Buto.oRFyfoksHBJ
x-amz-cf-pop
FRA60-P4
age
2296732
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29477
x-amz-meta-git_commit
d6435a4
last-modified
Fri, 15 Dec 2023 23:33:24 GMT
server
AmazonS3
etag
"e4ab17739c2289a272b486a62960b789"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Mv-wdITl7XUbEQn1XvYQxkO0tbiy5MxBrn5pgK-CcTaBv8Nm6BfMcA==
bl-250cc79-baff5b41.js
tagan.adlightning.com/saambaa-deseret/ Frame 7F4F 		105 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/bl-250cc79-baff5b41.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b1c8eb0f8246cf8da5999b82f45975f0d02cf1be1e114c958278a766ccbd97a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 15:43:40 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
QaMFVZTIJk2EONw0.UQRowAKyI7UhqLR
x-amz-cf-pop
FRA60-P4
age
78541
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
44545
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:17:51 GMT
server
AmazonS3
etag
"7c1905428bbd96e6347f8d1a30e04198"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
kczfyRLeXPekGx0MgOiX0xVPqPhI7_UqAWR3GfV2Gtznte33gdOAVA==
pixel;r=1984559118;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial;ref=https%3A%2F%2Fwww....
pixel.quantserve.com/ Frame 7F4F 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1984559118;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial;ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial;uht=2;fpan=0;fpa=P0-1310109665-1704979957765;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=deseret.com;dst=1;et=1704979960886;tzo=-60;ogl=;ses=2ee449bc-fb2a-4528-a7e1-56c76d3c77f8;mdl=
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:40 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ Frame 7F4F 		403 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6200089548495652&plah=www.deseret.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d6b0f3248092a19fd2fd52c9eb08778d6dd496b825eb7ae7a321e93f834755b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139437
x-xss-protection
0
server
cafe
etag
17054708389292279036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:41 GMT
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 472C 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
65731
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4168
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:17:10 GMT
etag
3009746639812436877
expires
Wed, 24 Jan 2024 19:17:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 48CC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjuX3SMri8ttDIcN-9D6-0nDWQThIaFewMsZsG17AvC2Gaed_O2W4lLHP1vTNHPRWWDW0dNbRKVFH1PPQPjhZHYLDu3THTOe7pZWRVzWNC-RPGmH_R3vVtJATih5O417GEy4juhlU8mJieBHvklP3gf7bw&sai=AMfl-YQaAZYl3iH_PU1SkEAS1TtfQURjIh9IcG9W1yiqX8uFcQS4IF88Z2VyHSK-7A8y6TvKTCJ4ov6X1skeIRNtFdcVn54xJybX26M9SI74-hWdCwTuJn0OlmTx0MU&sig=Cg0ArKJSzGMw-KaV2gBREAE&cid=CAQSOwAvHhf_6ht6JSJ1hHOS8mgDeowXjZ-9xUMqsYDztD58ne_I4M2OtkVFK1xbyBMSbqHpBpIkKF_7nm_EGAE&id=lidar2&mcvt=1001&p=169,315,419,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2795228261&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704979959171&rpt=962&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FF39 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6200089548495652&output=html&adk=1812271804&adf=3279755405&lmt=1704979961&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704979961042&bpp=5&bdt=1866&idt=207&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&cookie=ID%3D4b0742be3c1d7fc0%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_Mbs4rw_CKJhjAJvo6h35at8qhUi2Q&gpic=UID%3D00000d3f76510e2f%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_MavKhLTXflWEFLNeuE1r7_8Dk1UXA&nras=1&correlator=7200322596148&frm=23&ife=4&pv=2&ga_vid=1939213249.1704979961&ga_sid=1704979961&ga_hid=1520196801&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=14802008&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C44809004%2C95320868%2C95320890&oid=2&pvsid=2122274307583474&tmod=157605140&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.z69nj3xlobhs&fsb=1&dtd=245
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F4F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=onetrust-banner-sdk&cls=otFlat%20bottom%20vertical-align-content&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7F4F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFogkpX-eL_ntMnXMc5mcqYp7FTu8YIIBxsLW5sv-9hu99yHjeLS4HpPJgxpUzmD1iWHGM1GchgymGniU78fZFSCbwi_kmaRNxto-v353ndUtfUsw3ZttKyU1bRT7csenWCZNI_YMmTxg_k1U86dyfPVBbMvgQhNIKZr-8ydZ-tFC0eiME83UwlnspGzZy5wRPWo0iIlUf1LJGuqMq-mCRkOjJwsSIyMLuZDPEa2c9VEf0hbThX7wW0J_qNGEGPmBI1ZbWhxRk7jghLAjnhYFLzvdckzPV2_1gv_Blh_YZLtxEfCuihq8SMc1fJ4pI-JVfOvS3Krr8-efAqCUrrDbXI4kTBGxwcYkHmOtIzuTDV76R-d7CNhM2WX9xqduYL9fUpSA9ItsZGkoAOQneGbz1jE9Ji7z-&sai=AMfl-YTiSyY7czsSdohWbkr9uq7ofGVpti7tZTVOhimY399Y7-3gT3w3DSyRY1yhQ4PO_2VBLtK6yj-LRVb81FlqpKaP7kpw5t76HYSH5jI2Fawdf6pCu3oy_CLBB8WjMQ&sig=Cg0ArKJSzM7Sg2s3XfCQEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 13:32:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7F4F 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6200089548495652&plah=www.deseret.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
762c214cabdce5338b8e9b18339f3cbb2713ff8d3dbb69356c737a3aaa533414
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12129
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401030101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e11cc2bfb2fad7c637d1f41afe65456d855048d6e128f6affd56148fc45e3a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12245
x-xss-protection
0
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/16033947/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
384 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
18.66.112.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-76.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 12:41:13 GMT
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
16914
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
CyCHNrdHgJmwhhKP9hXequv4R_efdM-TiIByMV1rL35i9pj6kOLQHQ==

Redirect headers

date
Thu, 11 Jan 2024 13:32:41 GMT
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
iLK29GECNM7ZFUjTZqALSY54hNnqIMB_V5738BFDrbaPk0XRMUHQMQ==
up
insight.adsrvr.org/track/ Frame A2E3 		0
59 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=63l7ij2&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&upid=5v8nc1s&upv=1.1.0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Thu, 11 Jan 2024 13:32:41 GMT
server
Kestrel
beacon
ce.lijit.com/ Frame A593 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 11 Jan 2024 13:32:41 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
300x250_oahu_v3.png
saambaa-static.azureedge.net/sidestage/ Frame 7F4F 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/300x250_oahu_v3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB8) /
Resource Hash
6d5bea8e0cdd9848eedee10232ad1498f8027e66a5d9ccee1d052622247ada7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:41 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (frc/4CB8)
content-md5
6Urn8SrRgO3o0cSRdd+hrw==
age
510339
etag
0x8D9E12E85A19017
x-cache
HIT
content-type
image/png
x-ms-request-id
2554b368-c01e-00bf-4fee-3ff974000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
24705
300x250_ak_v3.png
saambaa-static.azureedge.net/sidestage/ Frame 7F4F 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/300x250_ak_v3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
b7f5d70a1071fe2f8b9e45d9befbb788d9912d50f7dbc60e5728bdf837a21d08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:41 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (frc/4CD6)
content-md5
Brxf/5pfZY4zgW2j5iapHg==
age
383511
etag
0x8D9E12E859EF83D
x-cache
HIT
content-type
image/png
x-ms-request-id
a43d7f50-b01e-005e-0d15-411e01000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
39311
300x250_yosemite_v3.png
saambaa-static.azureedge.net/sidestage/ Frame 7F4F 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/300x250_yosemite_v3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CAE) /
Resource Hash
86741fbbd4e540c5e2a541773927159732b41034318e0e0a4a78ee2253da2eab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:41 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (frc/4CAE)
content-md5
7FSdSDImvRJoVseoH9fwoQ==
age
383497
etag
0x8D9E12E85A47615
x-cache
HIT
content-type
image/png
x-ms-request-id
ab1697c7-501e-0054-2415-410788000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
34431
300x250_japan_v3.png
saambaa-static.azureedge.net/sidestage/ Frame 7F4F 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/300x250_japan_v3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBC) /
Resource Hash
d50cb6bda0a5fd7016cdfe46cadb1f5a517fd0135726d581dfe9826bebcd0cd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 11 Jan 2024 13:32:41 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (frc/4CBC)
content-md5
g0ekiMWPyvO4+/SlJYqCdw==
age
383486
etag
0x8D9E12E859ED131
x-cache
HIT
content-type
image/png
x-ms-request-id
f18954d8-b01e-00dd-6015-41beac000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
26484
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7F4F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 11 Jan 2024 13:32:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 11 Jan 2024 13:32:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E525 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 07:51:50 GMT
expires
Fri, 10 Jan 2025 07:51:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1B8D 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
555f1db725cb79a4a3ae447aa5eb2e878dc39e3f4b2891829d9033da3130618c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-y_DGPUvBRy0Ou5zg2jPRxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-y_DGPUvBRy0Ou5zg2jPRxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:41 GMT
expires
Thu, 11 Jan 2024 13:32:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3CC7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 07:51:50 GMT
expires
Fri, 10 Jan 2025 07:51:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8B4F 		829 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6a8fbb5a0c2a63d1e01a428166747c6300d8549ebe1e18d3e840141264585928
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1c92qqGI1LBP42sg0_yAhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-1c92qqGI1LBP42sg0_yAhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:41 GMT
expires
Thu, 11 Jan 2024 13:32:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame E525 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 09:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
13242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 09:51:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8B4F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401030101&jk=3357698144144033&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 3CC7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 09:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
13242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 09:51:59 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.deseret.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 11 Jan 2024 13:32:41 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7F4F 		444 B
956 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&rf=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.pbadslot=%2F22784401475%2Fron01_300x250_desktop&tk_flint=pbjs_lite_v8.26.0&l_pb_bid_id=2386fb4cf06b62&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22784401475%2Fron01_300x250_desktop&m_ch_mobile=%3F0&slots=1&rand=0.38828630236548833
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a7dedf94200ec35597a1b32207ebb117b959a3d2d5bbf4e95e973c787ff892ba

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
444
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 7F4F 		588 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2249d340bccad727%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F22784401475%2Fron01_300x250_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&s=358ed850-4f44-4598-bdf7-428e1b9992f6&pv=94e2e2a1-a423-466d-aa73-28e7ff6926cd&vp=mobile&lib_name=prebid&lib_v=8.26.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22deseret.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22deseret.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
f767c777d5b0c7bda7a7e315f2aaf053d62613362cd3d9b05da2b09bbd5be6c0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-146
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
331
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 7F4F 		11 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
bid
ap.lijit.com/rtb/ Frame 7F4F 		24 B
402 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.26.0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f04c91ee88b4ddb8c3d67e67a74d996c38e64a8126ef4aadc677331645693d50

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 11 Jan 2024 13:32:41 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.deseret.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ Frame 7F4F 		139 B
700 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0491e80e1960abebdd47ddd85c27a7ae3d3932d63c635daab0a7164f2d5a419d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
an-x-request-uuid
9072adb9-8bce-49fa-b3be-a438b11f8be9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame 7F4F 		0
225 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.26.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-0%22%2C%22callback_id%22%3A%221479b7090c14bf1%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F22784401475%2Fron01_300x250_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&bust=1704979961722&dnt=false&description=&tmax=700&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Trump%20barred%20from%20give%20closing%20argument%20in%20NYC%20civil%20fraud%20trial%20-%20Deseret%20News&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.49.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-49-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7F4F 		444 B
782 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832544&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&rf=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.pbadslot=%2F22784401475%2Fron01_300x250_desktop&tk_flint=pbjs_lite_v8.26.0&l_pb_bid_id=16da57f294d6507&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22784401475%2Fron01_300x250_desktop&m_ch_mobile=%3F0&slots=1&rand=0.36813480274933386
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8557d02fc2f9e24ddb17432f71b633c3afe7761887f2d4ed9668bacbf854554a

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
444
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 7F4F 		37 B
338 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66ca5597c9ea83b248a88ae983dba9366572a64571a204b8479e2a9a7665cf02

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=od34YykQUSpcvfXVjWrPKkSbpnXuR3E%2FCX7GR%2FD2Y3GpMzCWpOPCLWaghrSnLtw6PeyYM86YRM%2BzP72e3eSeDkhomKzzcXaobnUzF%2FIHZd3HZeP6NBIkfSBSFjOCh%2FeN2d%2BVfyYd"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
843d86f8eb24aca9-TXL
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ Frame 7F4F 		0
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Thu, 11 Jan 2024 13:32:41 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
18
server
envoy
vary
origin, Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame 1B8D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=2122274307583474&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame E525 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iPqkQQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 3CC7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WdD0kQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.deseret.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 11 Jan 2024 13:32:41 GMT
prebid
ads.yieldmo.com/exchange/ Frame 7F4F 		0
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.26.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-1%22%2C%22callback_id%22%3A%222302e7c0053e6cd%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F22784401475%2Fron01_300x250b_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&bust=1704979961880&dnt=false&description=&tmax=700&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Trump%20barred%20from%20give%20closing%20argument%20in%20NYC%20civil%20fraud%20trial%20-%20Deseret%20News&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.49.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-49-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
unruly_prebid
targeting.unrulymedia.com/ Frame 7F4F 		11 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
bid
ap.lijit.com/rtb/ Frame 7F4F 		24 B
402 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.26.0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2a67f6e2a1380b836695e3b6090dc2d70920620669e370ba5e1861bf8c44e3b9

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 11 Jan 2024 13:32:41 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.deseret.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ Frame 7F4F 		139 B
700 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e31197a6a66ed48020a2e8eed540b9151a60ffc48fa12ba64408dfab0c10c838
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
an-x-request-uuid
3743f7e4-6d61-4bff-a227-2a2f4b6bebec
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 7F4F 		37 B
519 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dee47dde991622023f766b8259b8e18c08c534c51e226bd76d896c4d5d7f300b

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvMDQVj0gb9vbeujYF6iyTcHDJhaX4LY7w3tCeV8ze14iw76xBjgvSshwCwYcxQoaw7qKV1y0pTdxvND9pedfezsuz9I3tCztWAl%2Fsq6Ugjr1SFIOIGpjor0%2B6zWis5XZDQpNwk2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
843d86f9e96d6a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7F4F 		445 B
783 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832544&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&rf=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.pbadslot=%2F22784401475%2Fron01_300x250b_desktop&tk_flint=pbjs_lite_v8.26.0&l_pb_bid_id=33090803964a05a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22784401475%2Fron01_300x250b_desktop&m_ch_mobile=%3F0&slots=1&rand=0.6794393044437832
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
905f99e00243328b9ff9c14712a95acc877e0f67cd696edfd287c14b21268226

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
445
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ Frame 7F4F 		0
213 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Thu, 11 Jan 2024 13:32:41 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
58
server
envoy
vary
origin, Accept-Encoding
trinity.json
apex.go.sonobi.com/ Frame 7F4F 		589 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22392bea655686ffe%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F22784401475%2Fron01_300x250b_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&s=a164c947-8199-4ad8-8fc8-81001ea59c4e&pv=94e2e2a1-a423-466d-aa73-28e7ff6926cd&vp=mobile&lib_name=prebid&lib_v=8.26.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22deseret.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22deseret.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
dc866635a05e8762cdddae2527450326d4a82e074c768d1aa658a25cd723421d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-92
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
331
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7F4F 		445 B
783 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&rf=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.pbadslot=%2F22784401475%2Fron01_300x250b_desktop&tk_flint=pbjs_lite_v8.26.0&l_pb_bid_id=4172a4f19354edf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22784401475%2Fron01_300x250b_desktop&m_ch_mobile=%3F0&slots=1&rand=0.604321131500293
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2742a5b0465d08b2166793d3420bb615774ff274768267bf44316be5c4981d86

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
445
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.deseret.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 11 Jan 2024 13:32:42 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 7F4F 		139 B
700 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
48caede7b9c8d5e8e4349254a9840495ee7f93dfdf588c7adf34061ef4f43b20
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
an-x-request-uuid
82f6ea59-81af-4982-811f-d5499c880bae
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7F4F 		445 B
502 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&rf=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.pbadslot=%2F22784401475%2Fron01_300x250c_desktop&tk_flint=pbjs_lite_v8.26.0&l_pb_bid_id=46622b928518a18&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22784401475%2Fron01_300x250c_desktop&m_ch_mobile=%3F0&slots=1&rand=0.3421198503086744
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0ffe1094aa6cba32504f6ea98a0d8ace3bc25d720deb3938cce92206609be5dc

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
445
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7F4F 		445 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832544&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&rf=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.pbadslot=%2F22784401475%2Fron01_300x250c_desktop&tk_flint=pbjs_lite_v8.26.0&l_pb_bid_id=48920fbda834bb7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22784401475%2Fron01_300x250c_desktop&m_ch_mobile=%3F0&slots=1&rand=0.09352374469445435
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
24c210386e8b569a89b380b91b4b33c0e8d6bb064cf3ccd308a4ca54ba8fe517

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
445
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 7F4F 		589 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%225032e388ccc383e%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F22784401475%2Fron01_300x250c_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&s=ca0130d8-697f-4046-a9f4-3347be6b5a6a&pv=94e2e2a1-a423-466d-aa73-28e7ff6926cd&vp=mobile&lib_name=prebid&lib_v=8.26.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22deseret.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22deseret.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
4512a7b3315614a07cb8724f2b7879da1f085838fb8b68be377a1fab9d4e96a9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-113
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
331
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 7F4F 		23 B
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.26.0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
8b34a6e3b62823dc4ed7e5c01f5ea550ada1ecfd8832e7b11ee0cea68d7ed534

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 11 Jan 2024 13:32:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.deseret.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
pbjs
htlb.casalemedia.com/openrtb/ Frame 7F4F 		37 B
489 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18a76b040ad064cb4e3e956086c3d602fd87471df3713d0efe221e889b57c9

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWjEF%2BowTW2zkNnwAlNbVj43pVBn5FxL%2F0MexxQOXTMh%2BVzuBhHLGMlRUZmxnm35ddLRXo8DhfdwQCzN0XAhufafPuRzsigmpoKRhb8ZglHEmZAin0NvS0nn%2FY%2BfoHreI6fLuRwy"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
843d86fb3cd86a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ads.yieldmo.com/exchange/ Frame 7F4F 		0
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.26.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-2%22%2C%22callback_id%22%3A%22562c847d28635b4%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F22784401475%2Fron01_300x250c_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&bust=1704979962101&dnt=false&description=&tmax=700&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Trump%20barred%20from%20give%20closing%20argument%20in%20NYC%20civil%20fraud%20trial%20-%20Deseret%20News&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.49.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-49-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
unruly_prebid
targeting.unrulymedia.com/ Frame 7F4F 		11 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
c
prebid.a-mo.net/a/ Frame 7F4F 		0
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Thu, 11 Jan 2024 13:32:42 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
18
server
envoy
vary
origin, Accept-Encoding
services
g2.gumgum.com/publishers/13011/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/publishers/13011/services?dp=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&pu=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&ogu=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&rf=&r=3.88.16&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A16%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.88.16%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&bf=1b982018bc6d7c159769f89664a6d9bb4d5fcef3&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1704979962110&to=-60&vpii=false&vph=1200&vpw=1600&productIds=1
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.240.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-240-80.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
https://www.deseret.com
date
Thu, 11 Jan 2024 13:32:42 GMT
access-control-allow-credentials
true
server
nginx
timing-allow-origin
*
etag
"0d41d8cd98f00b204e9800998ecf8427e"
ads
securepubads.g.doubleclick.net/gampad/ Frame 7F4F 		25 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2122274307583474&correlator=1551339259769989&eid=31079957%2C31080285&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&iu_parts=22784401475%2Cron01_300x250_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4b0742be3c1d7fc0%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_Mbs4rw_CKJhjAJvo6h35at8qhUi2Q&gpic=UID%3D00000d3f76510e2f%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_MavKhLTXflWEFLNeuE1r7_8Dk1UXA&abxe=1&dt=1704979962139&lmt=1704979962&adxs=1050&adys=1029&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=3gp6t9r5svdd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&top=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&vis=1&psz=300x250&msz=300x250&fws=384&ohw=0&ea=0&ga_vid=1939213249.1704979961&ga_sid=1704979961&ga_hid=1520196801&ga_fc=false&dlt=1704979959178&idt=1473&prev_scp=Domain%3Ddeseret.com&adks=1366438291&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
720eec6292faacec16eb3d540f8270e9e7d662ea66b6763a7a69478dca59c461
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11864
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DFE1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:42 GMT
expires
Fri, 10 Jan 2025 13:32:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7F4F 		25 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2122274307583474&correlator=329050746854351&eid=31079957%2C31080285&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&iu_parts=22784401475%2Cron01_300x250b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4b0742be3c1d7fc0%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_Mbs4rw_CKJhjAJvo6h35at8qhUi2Q&gpic=UID%3D00000d3f76510e2f%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_MavKhLTXflWEFLNeuE1r7_8Dk1UXA&abxe=1&dt=1704979962163&lmt=1704979962&adxs=1050&adys=779&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=l75zgh7dwjax&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&top=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&ga_vid=1939213249.1704979961&ga_sid=1704979961&ga_hid=1520196801&ga_fc=false&dlt=1704979959178&idt=1473&prev_scp=Domain%3Ddeseret.com&adks=2156606619&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dc74432b7b5eb8bc638e343a51c5aaf661667a55628e47e7707850c8e90405f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11868
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 7F4F 		25 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2122274307583474&correlator=261655140504305&eid=31079957%2C31080285&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&iu_parts=22784401475%2Cron01_300x250c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4b0742be3c1d7fc0%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_Mbs4rw_CKJhjAJvo6h35at8qhUi2Q&gpic=UID%3D00000d3f76510e2f%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_MavKhLTXflWEFLNeuE1r7_8Dk1UXA&abxe=1&dt=1704979962242&lmt=1704979962&adxs=1050&adys=779&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=yfuvwd3tooxh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&top=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&ga_vid=1939213249.1704979961&ga_sid=1704979961&ga_hid=1520196801&ga_fc=false&dlt=1704979959178&idt=1473&prev_scp=Domain%3Ddeseret.com&adks=1568068282&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51f2a46c447874057ce75e50b81402242f305e8ea89dd7c36517cf7afebe23ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11857
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.deseret.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 11 Jan 2024 13:32:42 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7F4F 		445 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&rf=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.pbadslot=%2F22784401475%2Fron01_300x250d_desktop&tk_flint=pbjs_lite_v8.26.0&l_pb_bid_id=6587a6651a6b15d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22784401475%2Fron01_300x250d_desktop&m_ch_mobile=%3F0&slots=1&rand=0.7144302652065475
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c09ad64ffa8068d09aae8382e6b3b345aec086018cc7ce2942c9cfe290df5b45

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
445
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 7F4F 		589 B
866 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22695628de413cb63%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F22784401475%2Fron01_300x250d_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&s=3000a7ac-c6b9-402a-b1d8-19c1fad0328e&pv=94e2e2a1-a423-466d-aa73-28e7ff6926cd&vp=mobile&lib_name=prebid&lib_v=8.26.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22deseret.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22deseret.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
cd7c41b6632232b82acdb3131e371cb0ad687e4760d675ab226f40e97cef80ed
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-113
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
331
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame 7F4F 		0
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.26.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-3%22%2C%22callback_id%22%3A%2271309094f047e2a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F22784401475%2Fron01_300x250d_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&bust=1704979962290&dnt=false&description=&tmax=700&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Trump%20barred%20from%20give%20closing%20argument%20in%20NYC%20civil%20fraud%20trial%20-%20Deseret%20News&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.49.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-49-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame 7F4F 		0
214 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Thu, 11 Jan 2024 13:32:42 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
73
server
envoy
vary
origin, Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ Frame 7F4F 		37 B
490 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1b52e421e8fca80579ef1ad10e31f9eb62f16b5e3e5185b42ea75ff1aa4f10

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGhRxCts5uiP%2BP18uR3aNr3Y0aEnTp%2FHupkNlBaVqvCvX%2FgZVXHkM7le9ZsTOpIgDQyd7YuZp6MJUHcdhvvNEyKNl6XjZTS4euQHhkiOr%2BcQe0GkE9wOojEyILvYSs3M2%2BkNWKFB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
843d86fc78496a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 7F4F 		11 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7F4F 		445 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832544&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&rf=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.pbadslot=%2F22784401475%2Fron01_300x250d_desktop&tk_flint=pbjs_lite_v8.26.0&l_pb_bid_id=794d675ce731766&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22784401475%2Fron01_300x250d_desktop&m_ch_mobile=%3F0&slots=1&rand=0.04899904087191387
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
260f3c2ba68e60ac028972f5749041ed7ff8f6bd2899fe849aa48b23010b9e4e

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
445
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 7F4F 		24 B
402 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.26.0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
1b47172e940bc6307993348843eb9f3457fa525fa8f67882054f6042bde10ae2

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 11 Jan 2024 13:32:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.deseret.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ Frame 7F4F 		139 B
700 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d751f9a0669eaa9975bd4caa721ff3ae89770ff2694e409e073e30795ef329ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
an-x-request-uuid
7c9b58e7-2194-4d97-9f78-a7830f89de1e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7F4F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=2122274307583474&bg=!AgGlAU7NAAaumcC-jpk7ADQBe5WfOPxqagT_Lyw3XTVVXXXSzqhEPo0T40nq1WJMtr3p00bbsxuxoQZqlRF6bMgX85uXAgAAALRSAAAAAmgBB5kCzUl1AugvP4XXhfqpHYSMyM5bVYWgagrvIyyZjLx12IshardC9gdtaTlwxn-fOIgfm--hLIb67dNPcrDB5cwtr49vz450Fs-5fq-1qfEAkaI4MfW3UuRFbW6SsvxkT676bVL1BC6OZ5w2c3ZtFL6zMB8m0gxW4hik4z_G_gx_5Tbfv5HuodTDaMN_tAMxX-doJTLrT-pAzAfHpkkdx9zDFglazBw9jamZPucvlzKJHr3NzLokAVAanHJFLdCm82oc54y86BRN_F0Uoha_A4n5mO8gTmCfkdlLFt219LS6kpg2oN_4U7MzgqgOJAr4LqQpTW6LU6Edw6z2RzPkcb8DkSffIQ9PveapMijTG6J8VTEE5GzWZSzHO5ygLKkTZ6SA4iJ2HwzJPo5VxtOcnAuO-3RNdadtzmDdehUDlRK3-d_ortRWdX1r-TLPEb7Q1dRJGTkzphcJ8KgQ12m-EKRuPfcoNHOXmDXN86FF7xO5ouecrzuK6mKCH8qdEvWmrB2lNtLeSavkxvvGo_cQUudg2Q-tbVhyp11YTx9KVtEC1I7lADgaM2nhm0ZWEFycVYoOSXWWrAPM-o0NXdnVCEHIByXK7ox7XMgB0Qb8j094TzZd-_SrAiMibIkWz0R_CVobaU4LHUqgI_ZB6d2-HqoLjNNT2prInov5uAdyUlidjhi2hzSgNzDr1MDjPqjvBZx2VyM2t6QG9QjEMhAz09MNY0Dn-5eujfljjmSsmr0dmw1E3b85Ju6MkK_xua3YllYutD7MCp4PyF8Sv6uFebRwH7CFVcD_q5KPQwnHlP7lBi-0rReJbDQR9zdqlU1WaGeuBYSwT_R4qvZ7u5BKlvlticLp5gNHPMhFrr8hx5JING9luK-IpGiA1GUMhxYgHdTe9Y4z2Mns_qWA4EnoLoFxI4MC5mXfz-CkxO_2xjVweQGwKoceg0216FlkLYs8QA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 7F4F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubOyfI9WSMBqCjLQahB2LHRztpKYKPjM8va6M6vt_HGeTZkK2ngcy41eEaBH81lqMqkPMECnNGOVwfhrQWuAjMcVtmKD0hf57gRqwcSGaa3wpobGZ2E1K1Rdw4VS_2ke8OJ-HT0WI26kTXFb2Iy6P0VA&sig=Cg0ArKJSzL-CuBqE0LNmEAE&id=lidar2&mcvt=1004&p=778,1050,1028,1350&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2639951260&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704979959178&rpt=2234&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D655 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:42 GMT
expires
Fri, 10 Jan 2025 13:32:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7F4F 		25 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2122274307583474&correlator=2442534697354666&eid=31079957%2C31080285&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&iu_parts=22784401475%2Cron01_300x250d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4b0742be3c1d7fc0%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_Mbs4rw_CKJhjAJvo6h35at8qhUi2Q&gpic=UID%3D00000d3f76510e2f%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_MavKhLTXflWEFLNeuE1r7_8Dk1UXA&abxe=1&dt=1704979962821&lmt=1704979962&adxs=1050&adys=779&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=8f8vxymuqucl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&top=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&ga_vid=1939213249.1704979961&ga_sid=1704979961&ga_hid=1520196801&ga_fc=false&dlt=1704979959178&idt=1473&prev_scp=Domain%3Ddeseret.com&adks=272005427&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bfcce0a55f53bb1f3e24f7cfd05b3a4ae178b8ccfd4523652071f1615237caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11929
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.deseret.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 11 Jan 2024 13:32:42 GMT
trinity.json
apex.go.sonobi.com/ Frame 7F4F 		589 B
867 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22864737b38f72d11%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F22784401475%2Fron01_300x250e_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&s=94e535d1-0a78-4f69-bfbf-1940c5c67b28&pv=94e2e2a1-a423-466d-aa73-28e7ff6926cd&vp=mobile&lib_name=prebid&lib_v=8.26.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22deseret.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22deseret.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
12fdd6f58f3a38ef326051b7a11f197847880b7a294ae181247a75ac31195b76
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-113
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
332
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7F4F 		445 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&rf=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.pbadslot=%2F22784401475%2Fron01_300x250e_desktop&tk_flint=pbjs_lite_v8.26.0&l_pb_bid_id=88c4a3e9857412&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22784401475%2Fron01_300x250e_desktop&m_ch_mobile=%3F0&slots=1&rand=0.2964078869053828
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0501a7736754c180f9c837b9b827571a8d108ff6ae199fbcc1bf80eaa1298142

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
445
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 7F4F 		25 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.26.0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
50923aa1c9538e17e1ad38afb7f8b736d415bae8eb4e08cd3691cd7d84e6c1e4

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 11 Jan 2024 13:32:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.deseret.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
pbjs
htlb.casalemedia.com/openrtb/ Frame 7F4F 		36 B
491 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3682c484de2380d37647d58525c03ac6a90983169ef5cf12b8900faccc5c35

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnJwMexmrSK%2BtvBkfI4zIJEoTnn%2FMz2EJWffoe6g7Xj%2FKd9ldHmQEvr8qNglMNF%2FYM%2BZ%2F3fxTuYB0hCxNPRaXDIEcIrlKzoO4nsmjydkhof8pdPQf6JgP5kkWBlAXnXaDZsVCW4M"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
843d86ffd99b6a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 7F4F 		11 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
c
prebid.a-mo.net/a/ Frame 7F4F 		0
213 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Thu, 11 Jan 2024 13:32:42 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
28
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ Frame 7F4F 		140 B
701 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d233f75c43cd448ecfc7d3b35986fd1df1c9101a44719772db87c1aabe10151e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
an-x-request-uuid
25a7b4c7-3d22-4443-b165-8c84a49f075d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7F4F 		445 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832544&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&rf=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.pbadslot=%2F22784401475%2Fron01_300x250e_desktop&tk_flint=pbjs_lite_v8.26.0&l_pb_bid_id=102ddb47cb6dc33f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22784401475%2Fron01_300x250e_desktop&m_ch_mobile=%3F0&slots=1&rand=0.6844904644913594
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1988c84385a43adbac8e318203dc8b42a5a94643af86c6d748b7e838135b2287

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
445
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/ Frame 7F4F 		0
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.26.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-4%22%2C%22callback_id%22%3A%22104e6f5540822ff6%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F22784401475%2Fron01_300x250e_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&bust=1704979962857&dnt=false&description=&tmax=700&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Trump%20barred%20from%20give%20closing%20argument%20in%20NYC%20civil%20fraud%20trial%20-%20Deseret%20News&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.49.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-49-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401030101&jk=3357698144144033&bg=!ycqlyoXNAAaumcC-jpk7ADQBe5WfOCCwqWc_Sk7pEMvm8dRRqD69fhtCVdn0IYOyNGch9cRjF3TwzK3cVHAeIQs8MBPwAgAAAJlSAAAABGgBBwoAqfZyL3RcUCHHnNr-duDGWLW9rmaqKWJuGWP0lbwyyhFH7mADYWEhGrznE8wcgWN2ns8s9oJBL4l92udfiqfE5b_yb5Tmz7zC5KCOosOBS-yIXPmzIOoPtdqa8xtsfFOB8Iz4BGtLafmMeuOxd9YSmHgznOGZKG3cNKyHZzlZSBZ6YjIqpsj3fT3t8BNAird77zeu3yxL2YSw-JLEGz6mNZenXSgehTDQeziZAr1oLeNYnY_SV5sHAb2JSK_uhhQlgq5qtwB4r6WJ6ipPwy1rXa_DImgK4dYEs5BksJuNX33HLMFcqDZUcrZW9MRNj7emB8iMcdbCsSSrsyQy5q0NxVRTkhv_RXjdvL9Z4bODdfIJq9m6YtEKX822yFgqZb0j2O-xzL22TvSfHAVkeYP0p_ZVBWxYa7sIKz7OkjlqOEYYDSCNf3v9Vt_9QQicAYncwhwujlRYrtmylzR7LTpR5LtQQaUlozjKbpbozkINtoo_OSOgAxzEnAnl9OG7yPlAQWFRkLbA4sR76wxD2fMmskn5_nlyYgUGeYn3laAam8N0fR4wRPbtlShKJ9IOIqHYoD5zs0XcHurp7bugrk1OGgU8Capy1i-gTrtpfOMSjOLhIaOYJaabdphLUzBv6mW2OVWlQgdqi3KpNJMgbiVvsezzlmDacs-dROTNkgLaHLQlRFTBui8t42vHcHmQQ6NW__eU2eg8yUp-qM5dLUDA1-0iLUWMSjJrR9GyGhZv3uldasBhyl2NX-w3jS3mOzs1FQf7C3I1OjMjxvxWpayvttm20RbI-hIII8aTw1QVZ-P3tDJcqqKGcnBn9xv7oybuXjYMs6eLCMTVy3wsUWIyQWCQpYuLpIC3yNHb3GYJnouXoBhlHKG0Q9oFw7MNoaeOPO6-3b8945JlQfgse5g3X_7L2wz1zdQSJeCa4aX78E8301AC1BG9A7sIzGmTEpfUo2LBxA1tLe06yS3B-vKMYd8XupzUTsSVSAM_Qgg3uWcCAxZ9M1Zo8Q7u3Ti3-J6EcYCon-cTKoqvY7LMK4c7YaZheOozheuK2hg4_jo5GM6_gMxNFbLme4PXSR_cBOKXAExlbOhF0_rLCVZrE0LqtewZIsN9OrVozJSxEtnQRTjmEpYivFo2rwbl64m9k_1MZTINZfA6uu2jZQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.deseret.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 11 Jan 2024 13:32:42 GMT
bid
ap.lijit.com/rtb/ Frame 7F4F 		25 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.26.0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
62618a4bde8655938da346aa3168ea48507997f4950c593e072e09100a1658b9

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 11 Jan 2024 13:32:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.deseret.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7F4F 		445 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&rf=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.pbadslot=%2F22784401475%2Fron01_300x250f_desktop&tk_flint=pbjs_lite_v8.26.0&l_pb_bid_id=109375d373d5f83b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22784401475%2Fron01_300x250f_desktop&m_ch_mobile=%3F0&slots=1&rand=0.9939059388348219
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
843cf70a8f73b9334bebd67ea154e575ffb2c7dc85d57a703bc67ecf865674f0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
445
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 7F4F 		140 B
701 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
9718fd957de7231935c27f6ea7ab94b7993565ce7227eb809a1d6e3dc19acf75
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
an-x-request-uuid
28dfa1dd-9bb3-4db9-81e9-998f0d7ec86a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 7F4F 		11 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
prebid
ads.yieldmo.com/exchange/ Frame 7F4F 		0
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.26.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-5%22%2C%22callback_id%22%3A%22115678dfa84b6045%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F22784401475%2Fron01_300x250f_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&bust=1704979962878&dnt=false&description=&tmax=700&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Trump%20barred%20from%20give%20closing%20argument%20in%20NYC%20civil%20fraud%20trial%20-%20Deseret%20News&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.49.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-49-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7F4F 		445 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832544&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&rf=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&tg_i.pbadslot=%2F22784401475%2Fron01_300x250f_desktop&tk_flint=pbjs_lite_v8.26.0&l_pb_bid_id=1198232a2e1b13fd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22784401475%2Fron01_300x250f_desktop&m_ch_mobile=%3F0&slots=1&rand=0.9784903187440686
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e90c6ec3d4f0c3fbc0b90092308ea0dc40d10eb4c59455937927794082128b11

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
445
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 7F4F 		38 B
486 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b947b576d812b8973c7f61c01e772f677f67294af6c528a49f76196d79a939f2

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gc8pezePtCcw1SqpYEjQwjYIRn8BDd3xpKpNGxFVriRaxtHco7idIHF76%2BGQXes92RTo4DaSnNgVKF%2BF14EcwvAAqUIy1vwRT7ETKjPK31HI%2BENG3STZIj2hW9nILTfWmMA4Inu9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
843d87001a3b6a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
c
prebid.a-mo.net/a/ Frame 7F4F 		0
210 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Thu, 11 Jan 2024 13:32:42 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
18
server
envoy
vary
origin, Accept-Encoding
trinity.json
apex.go.sonobi.com/ Frame 7F4F 		590 B
868 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221250208c4d3285f3%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F22784401475%2Fron01_300x250f_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&s=048de134-3249-4b75-b65a-5591a0a77ab6&pv=94e2e2a1-a423-466d-aa73-28e7ff6926cd&vp=mobile&lib_name=prebid&lib_v=8.26.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22deseret.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22deseret.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
33752b82ebac0330a91ebb3dd42b572558f7a7691bb3241eacb10be19387dfb9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:42 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-113
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
333
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
container.html
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0BD1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:42 GMT
expires
Fri, 10 Jan 2025 13:32:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7AED 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:42 GMT
expires
Fri, 10 Jan 2025 13:32:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
envelope
lexicon.33across.com/v1/ Frame 9A52 		49 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&gdpr=0&src=pbjs&ver=8.6.0&coppa=0
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 Jan 2024 13:32:43 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
usync.html
eus.rubiconproject.com/ Frame 1DF4 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 Jan 2024 13:32:43 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
bl-250cc79-98ebe0b5.js
tagan.adlightning.com/deseretdigital/ Frame D655 		77 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-250cc79-98ebe0b5.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ee4feaf7d7d9ebbdc924f9d70e67a34ba1fc00f48051151f66f747d5846ea54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:06:43 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
_wF20aOmHzwNDMjUSSAIr0qQSsAff7iP
x-amz-cf-pop
FRA60-P4
age
77161
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33407
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:18:08 GMT
server
AmazonS3
etag
"2d8e8f851c043de1e7d50af54fbb1b1c"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
hiUdy9osJ_9Vy3LSbA19-eifZBjGqNzqxKcT8wCJUAHfP2IYIZfQnQ==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame D655 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:11:08 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
3543695
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
VHRKznMGK6T8G5V-Q9QmTFhgdv4YhxAmx_W0mPTw8X8k99R_yCfDYA==
bl-250cc79-baff5b41.js
tagan.adlightning.com/saambaa-deseret/ Frame D655 		105 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/bl-250cc79-baff5b41.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b1c8eb0f8246cf8da5999b82f45975f0d02cf1be1e114c958278a766ccbd97a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 15:43:40 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
QaMFVZTIJk2EONw0.UQRowAKyI7UhqLR
x-amz-cf-pop
FRA60-P4
age
78544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
44545
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:17:51 GMT
server
AmazonS3
etag
"7c1905428bbd96e6347f8d1a30e04198"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
zO_tciNfDav_Ub7S66Ewc8uQ-xHUHxOeTiTl_MqaMOzRX3OkfoBDaA==
b-d6435a4-e8081c48.js
tagan.adlightning.com/saambaa-deseret/ Frame D655 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbec7e88311e23ca6604fdc4dc242d79f68860de276d4bb846b64ff310ec9b18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 23:33:49 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
X5ILD3._lZN2ce9.Buto.oRFyfoksHBJ
x-amz-cf-pop
FRA60-P4
age
2296735
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29477
x-amz-meta-git_commit
d6435a4
last-modified
Fri, 15 Dec 2023 23:33:24 GMT
server
AmazonS3
etag
"e4ab17739c2289a272b486a62960b789"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
QlPSbBaBXnAAPkUmFfg3bR-r_Az8c9hb86VqFqJsrNYsKyPZHF-szQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame D655 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DTT6Vr3uBAblycgPuVm8W2JkVrCfUP_syUNKCoJgtVYhEb39nrAgIKdTYyFiPP_s2h9h83psAiChWOHu-n-TUNKbVYSbNjhFd2j50tzAlO3R0tBGs
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame D655 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame D655 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 07:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
20914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 07:44:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame D655 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
51996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:06:07 GMT
l
www.google.com/ads/measurement/ Frame D655 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSG9n8zCtQAQtjWflYnWqqsQF24DNumOCAOG9elF1i3K2GXfHDwol5QoN_w8niaflggtTb8MdosjF8ZoWp1sYEnKPpXRQ
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D655 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:43 GMT
container.html
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E35D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:42 GMT
expires
Fri, 10 Jan 2025 13:32:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bl-250cc79-98ebe0b5.js
tagan.adlightning.com/deseretdigital/ Frame 0BD1 		77 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-250cc79-98ebe0b5.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ee4feaf7d7d9ebbdc924f9d70e67a34ba1fc00f48051151f66f747d5846ea54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:06:43 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
_wF20aOmHzwNDMjUSSAIr0qQSsAff7iP
x-amz-cf-pop
FRA60-P4
age
77161
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33407
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:18:08 GMT
server
AmazonS3
etag
"2d8e8f851c043de1e7d50af54fbb1b1c"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
HSGLZ5dH_PLdKsLgXsWabrHTgDO2reAjdfhFQlOiRaBAxZJNzpdFgg==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 0BD1 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:11:08 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
3543695
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
kgQSJm4S08BNf-ir_ikFI_y7lIh1yEqht3sjlh8GVk8vCk3CYw9Nww==
bl-250cc79-baff5b41.js
tagan.adlightning.com/saambaa-deseret/ Frame 0BD1 		105 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/bl-250cc79-baff5b41.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b1c8eb0f8246cf8da5999b82f45975f0d02cf1be1e114c958278a766ccbd97a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 15:43:40 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
QaMFVZTIJk2EONw0.UQRowAKyI7UhqLR
x-amz-cf-pop
FRA60-P4
age
78544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
44545
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:17:51 GMT
server
AmazonS3
etag
"7c1905428bbd96e6347f8d1a30e04198"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
nVUAol9Gl-CsFjFvB2tNa9oEiB60uNXIh88WUsMzbKv4HIJInY-nDA==
b-d6435a4-e8081c48.js
tagan.adlightning.com/saambaa-deseret/ Frame 0BD1 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbec7e88311e23ca6604fdc4dc242d79f68860de276d4bb846b64ff310ec9b18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 23:33:49 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
X5ILD3._lZN2ce9.Buto.oRFyfoksHBJ
x-amz-cf-pop
FRA60-P4
age
2296735
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29477
x-amz-meta-git_commit
d6435a4
last-modified
Fri, 15 Dec 2023 23:33:24 GMT
server
AmazonS3
etag
"e4ab17739c2289a272b486a62960b789"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
pu3soh4-Vz25puXEbU8tdtwJOWbYwe1NeRETN3MQh74bhF6C__eqZw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BD1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-An_aop7qcrnXmJxWYqCw3bzIfx6VW2ojAhTT9dKH2ETHKeLZtOO4ND9OTzxgUBYzQt3Xm_HPtXQfwt5oeGPUowA0FoHbg55WA4asPouMh5fayj27k
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0BD1 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0BD1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 07:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
20915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 07:44:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0BD1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
51996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:06:07 GMT
l
www.google.com/ads/measurement/ Frame 0BD1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5nArn1r6EYcDJJLMbpph76fh5jxkXK5JKnqFKQAU3BHA8n1SyoLl9qW7CHAgJKqKePmUdfIOWzovlExrZFfEj_eXnNA
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0BD1 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:43 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 7F4F 		25 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2122274307583474&correlator=3283839943435820&eid=31079957%2C31080285&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&iu_parts=22784401475%2Cron01_300x250e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4b0742be3c1d7fc0%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_Mbs4rw_CKJhjAJvo6h35at8qhUi2Q&gpic=UID%3D00000d3f76510e2f%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_MavKhLTXflWEFLNeuE1r7_8Dk1UXA&abxe=1&dt=1704979963681&lmt=1704979963&adxs=1050&adys=779&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=gku8wev8oz0r&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&top=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&ga_vid=1939213249.1704979961&ga_sid=1704979961&ga_hid=1520196801&ga_fc=false&dlt=1704979959178&idt=1473&prev_scp=Domain%3Ddeseret.com&adks=4135884502&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80d8bddff3ab656502b1555ab421c61eebaf5549d4389529648f67c46c9dc980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11849
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 7F4F 		25 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2122274307583474&correlator=2063179306715897&eid=31079957%2C31080285&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&iu_parts=22784401475%2Cron01_300x250f_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4b0742be3c1d7fc0%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_Mbs4rw_CKJhjAJvo6h35at8qhUi2Q&gpic=UID%3D00000d3f76510e2f%3AT%3D1704979957%3ART%3D1704979957%3AS%3DALNI_MavKhLTXflWEFLNeuE1r7_8Dk1UXA&abxe=1&dt=1704979963693&lmt=1704979963&adxs=1050&adys=779&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=fnjjg8iklso9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&ref=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&top=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&ga_vid=1939213249.1704979961&ga_sid=1704979961&ga_hid=1520196801&ga_fc=false&dlt=1704979959178&idt=1473&prev_scp=Domain%3Ddeseret.com&adks=3785658796&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1235797de51c5f9f7f56a5795f1fc6e13d2f5357949ed24857ccb634cd4a747
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11923
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 1DF4 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd6c8a509da4d92785ad9a6ca5f3f876c29df01567c8b7be9f1bbaaffb5b5d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jan 2024 16:50:28 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11913
Connection
keep-alive
Content-Length
10963
Expires
Thu, 11 Jan 2024 16:51:16 GMT
bl-250cc79-98ebe0b5.js
tagan.adlightning.com/deseretdigital/ Frame 7AED 		77 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-250cc79-98ebe0b5.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ee4feaf7d7d9ebbdc924f9d70e67a34ba1fc00f48051151f66f747d5846ea54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:06:43 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
_wF20aOmHzwNDMjUSSAIr0qQSsAff7iP
x-amz-cf-pop
FRA60-P4
age
77161
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33407
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:18:08 GMT
server
AmazonS3
etag
"2d8e8f851c043de1e7d50af54fbb1b1c"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
8Xaun2xKYEFi6vWeYE2Z2wTiN5ba9NlMyh2ObCoUPOiZnoYTOUlJPw==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 7AED 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:11:08 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
3543695
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Fvt3IWwPWdEwzmCXMwJexRcy17ES8zGbgUu9tqG5SYVjwImH1Lzfrw==
bl-250cc79-baff5b41.js
tagan.adlightning.com/saambaa-deseret/ Frame 7AED 		105 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/bl-250cc79-baff5b41.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b1c8eb0f8246cf8da5999b82f45975f0d02cf1be1e114c958278a766ccbd97a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 15:43:40 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
QaMFVZTIJk2EONw0.UQRowAKyI7UhqLR
x-amz-cf-pop
FRA60-P4
age
78544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
44545
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:17:51 GMT
server
AmazonS3
etag
"7c1905428bbd96e6347f8d1a30e04198"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
vGuSbvN35k6QDsKsesUThiM-Jq2YhAEUCSr-dSsYb3DB3ylmtuBobA==
b-d6435a4-e8081c48.js
tagan.adlightning.com/saambaa-deseret/ Frame 7AED 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbec7e88311e23ca6604fdc4dc242d79f68860de276d4bb846b64ff310ec9b18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 23:33:49 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
X5ILD3._lZN2ce9.Buto.oRFyfoksHBJ
x-amz-cf-pop
FRA60-P4
age
2296735
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29477
x-amz-meta-git_commit
d6435a4
last-modified
Fri, 15 Dec 2023 23:33:24 GMT
server
AmazonS3
etag
"e4ab17739c2289a272b486a62960b789"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
9rVFOsE2TAb6Oag0pUsKxgO5O6SHurr8G5zTOj70mYb3q5zAqVkXJw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AED 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A42lbHF7Xtv9IMRaF9kljYuwrm6j1A9qXsJuo8ceqmKuaJd774BtHXJR-E4ct1PikePaa4BInmgfStyBi3U5vEEYscHP2Y0EG4B1Ywcd9Gvb1oquw
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7AED 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 7AED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 07:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
20916
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 07:44:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 7AED 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
51996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:06:07 GMT
l
www.google.com/ads/measurement/ Frame 7AED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJd0fy64AKHsxRP5maq5lqAEPn5dLJD9XXrjQaXdlObzzd_lforFG4VB5lnFLydtLIsfxiz9cyBvzUBAwfRClpcYFfdA
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7AED 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:43 GMT
bl-250cc79-98ebe0b5.js
tagan.adlightning.com/deseretdigital/ Frame E35D 		77 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-250cc79-98ebe0b5.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ee4feaf7d7d9ebbdc924f9d70e67a34ba1fc00f48051151f66f747d5846ea54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:06:43 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
_wF20aOmHzwNDMjUSSAIr0qQSsAff7iP
x-amz-cf-pop
FRA60-P4
age
77161
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33407
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:18:08 GMT
server
AmazonS3
etag
"2d8e8f851c043de1e7d50af54fbb1b1c"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
WnwZ_1DxsAX2rVPCc86WISAL_uLVW0DY5y8EMr_qIHmC-0FcbKY_Qg==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame E35D 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:11:08 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
3543695
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Ypup0npXY102d3juZesJgvuwnQJ-xsZpPUAROr2BgB2_Bx2Q566PPg==
bl-250cc79-baff5b41.js
tagan.adlightning.com/saambaa-deseret/ Frame E35D 		105 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/bl-250cc79-baff5b41.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b1c8eb0f8246cf8da5999b82f45975f0d02cf1be1e114c958278a766ccbd97a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 15:43:40 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
QaMFVZTIJk2EONw0.UQRowAKyI7UhqLR
x-amz-cf-pop
FRA60-P4
age
78544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
44545
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:17:51 GMT
server
AmazonS3
etag
"7c1905428bbd96e6347f8d1a30e04198"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
5aJE4kZ7BkL6UzrxQihZ6ksjsXTmvejQEijv_FjO0D9iWH5GfdMeeA==
b-d6435a4-e8081c48.js
tagan.adlightning.com/saambaa-deseret/ Frame E35D 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbec7e88311e23ca6604fdc4dc242d79f68860de276d4bb846b64ff310ec9b18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 23:33:49 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
X5ILD3._lZN2ce9.Buto.oRFyfoksHBJ
x-amz-cf-pop
FRA60-P4
age
2296735
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29477
x-amz-meta-git_commit
d6435a4
last-modified
Fri, 15 Dec 2023 23:33:24 GMT
server
AmazonS3
etag
"e4ab17739c2289a272b486a62960b789"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
yKaPv0VC_Qdt7v4xYT4L-ulYrZX3Kq1Tly-qKOHNy_sdeTmJK1Dtuw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame E35D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DI1rjOUzXOF7WtpmVLFvFMabTRR7zpK-lsWBsUb2Q9wici7SQ6671xjiqvp29R91c21VjfHnGwXuCSV4oUE3A46yXA_wKil_u5epnkMa1qgBPzRt4
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E35D 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame E35D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 07:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
20916
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 07:44:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame E35D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
51996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:06:07 GMT
l
www.google.com/ads/measurement/ Frame E35D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpmi5Z70DbnT0zVd4eWKEO1xly59cpvOnT3aFrbGRKp670pQ0vhPzfRsFMjC8P22eOkFkYDL3wugzFKQ4S--YnFgfWiw
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E35D 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:43 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B976 		624 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNWVN8FwoHSJheThQxF0OUmDZhP_VbGxU_QfxD2homIq37F1JSldOLxd-RV8dyBl1QG3Q2xC-ee3wxwP0xyPLf5PjJp8DqhxhMIYG3Jq-CBLpE8DxhrKnDWbju2ErouqYzZa28CRDKBPH_HS3jI09AHqWlStwkV9GFvLikADIm2qDQ5MAtg
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D655 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4868666129356&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D655 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4868666129356&version=m202309260101&ct=76&x=1&cor=10363975648467560000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D655 		86 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CyEJVX66Mx4bOXwgK0ZnO7su2Q_wGA8lt3niehJ4YYscD_izjPeELLrVqYb0QJRmTXL7_FbQOMM4RkKvhFsBPYQy0qHqRQmlBrKRz3-l3ZPUGueZfBiQZ7maRSUXZpl8XB0C_TF7RPsZ_--a2fAaLVTSMkj_Hz3g4uWtcF_Y-xeCaXjX4&dbm_d=AKAmf-BzfTNI3xZn5wE47A7hA4KKfcdaFkx5Wz4GKflk9pwv9k4zkRmc3ZnI6AHwJ9F378lpqtf5RLuYhY1fuA2s4hZmt9SFZ140OXQPJyU58mT6FdhIfDjbVdXcpAjc978ybi0CiEkIsSYJaujAgceQIzo9OGiLPJwYhQvMiBIMKoQSr1KJCzf2xCc56JP4hjuGB93afaO9Kg6zhiJWy4yFHxn8g4zlb2H36vkVT9uLRheGdIf411qVswcvgeHf76cuxEFuvxQsyDQlQ0D7wntRGuqq8zgL57U6aT8tMq_qmwRryeOxAdn_d0N0zhlHJTZBw7nNZbS7Bgc7LP-AE93WWhJ5T0mzsoV4ck522xOnzw0w0ZsDgiIl5J3ACZFJ9NYpwuS1TkHEXyDitNvacsqHdY3cZqpkWt-Pk32rgkkUOWBY8kRUqw3yvWYOE10AhRQHDHr9fJhHV4z1OLydZ0OyMFMOj-5cW5m-QkQVJCnWg0Oj58WNpN4Ktezj95j8vF9TrSo0x1kpjIZyOqNfuK2Y2BHr-hh11cIHjIv43xHKTUQ0BAS4NKQAsK4m53VA7mU5oifJ6efsOagGR38DBiS2JEHkiH-xsZdhzYKQONPagNIZHDlEbvOUP_eH0iyBvDKJ1DHPM8URYSp4Oq5pssb58JMEPdOEA_QrbqplVz6MCqEVMwvW9w3YSbGrfDBHEe8aWICq7ZSkdjQDIWH7GJoqeHxnJhfvxST9Hbi02-i2Pkept1hhJRmipw5VnNYltmH3phVd6R-vHPxE7wLmyLQVKH3KotOY2Xr7B8xh0rZX9wyp0MaGw65Z0a7KrsYC5Ifr7N85dIsKNR7cnUC5TEfYgfpjKeI4Ey-HDkckYfT09hjHrvzZsKm89Rp-GKzAy3gSACPf8moyQve0B8QSIWZY7kgdjoV1cV3Wqwe0P3-wKEpQzU4fr8HhcimP8UMPldd05Pby9cTq6bsr2dlEL6IYKduzdBY0DPP2ShnwLYQzf0zCmNezHuNrfofZlzV-aiuy9sPd3pQ1OAHvE-bPASDVRz8Z-CE6i8iHt9Q3RlHMMrqLlYxSYjNHa2j9-h4-8QUjj_6drR0T7wTVE-1Ka7bh3-wy-XEtmu6zRjmOrrR5a11rQdM3Wml-eMQ6XY9ZW2oU2Mkz-qHnc87EJjmO0gIc_eXpcMKeSXlHNrZ5XxEHSMvXYNyElAo28cwvEZB_4d0qs_5WOr0ofG3yJEje80HSD7fwcDxC4hH3gysnBww7XKEwK-vOa5rOd5z0YaXS9B46xl4mw0iMH0oVW9sBAvEQXw_2iztNEZ6VxvCSyU4PLs8AfEr8Za0BYdgssF8tW-sS-6hJpOSsj2Js-IHaHS04LHmWEVOBY4hTEdQvqE3dkOhKVZ9pIci-uJfmUL_ZZ_R2nN9CAZ5Ld7QHCXg3srLrm0T-5Xp8dVfcSoa3fS-zrKU9s_NHakFcs4edMz4rQK1taWPKmbsk70siEJ_hdGEqbFrwExPaIx448WnN6ncqWEAfmI-lfLDfI2rvXrExi6NgkR6u7XxdR6c-oibVo0SRrMrepHPHNdwqkz0dUlpCjxK4FIJKwUvywZa9kN-3FphvQm7EWXHYqdD8_ljdZHF5xBr9M1thOPUwl6YSLuq5u1Jza7vaRNE1urONOUvRd2eIBn8BjkEP8aGT2LG4KICQ6n-r1SWELDCewVIkQI6wtJfTxWJPpU4NuhLTN8zGzqsZ7RAcuxYMl8biovniW9n-UweB1dS5mqwUw3cxLcQrn6TGSmk5YtrP7N0Vms_2gqP4u4AkxIZ3OvCVltI0LuuqLiohm4r8GPdOi0Y3sfh3j3RyJNq_3e2u-n3uGORbP9YGB8F383GJKgPmMxgJZe6upOZz175aTN9Ztcoi2BTT5QRK1GEF97E0Zg9GcyDGiQtpN_tltrUyNTmqcugFju_uHjB7gVGR4vgbNgwhGj7mCvZ0zgctsuH8k2bO9O6l94uYSvZ34dsGf3nxabDk80bQ1byDsfm0-BfiUBjP0HkvoVj1ufaBx9xGsptGu6eDkr4d8ClhmdLskRxfWhP3WLwlIcWtjWC-uVLPpJw19ENGdeY4nf_-AYSAxQJFWrj-VeTFJUmjDXgWZtGEVQcZYe3i1GNYNeiEIqInxN-w-ry9VeLKI9d2OHv3E4UUVkhxOpn5BD3W_Ma3VTq14CLyA19XvWdKmgQJdRfXs76kzNxG6wCoy_exdmGMJG5PMnLgvLQr6U-l_PQicmtD1RaoI5inAZyrnI9hzD47tO-QD61H0RFUO0_QOhwPJSm1Gj7Rsf-ATum775Mo008w6WjGY9wQ7Wypypzx3Aftu-kJi6rSHmcuRssTO4bUPxf9ChKJiTlGjgash6bs0dvdfbAue4ZcxgSp5_bTMIGadjJrK86PUHBjzLBe1THHNqqm--PVs5eQHCpDivKQiGWv__R-S1hqd8ZI_BZmtHpfM60qaLLlTIyZoyU72nygY5CnBMhs8-xPaB6s3z6R79nC9XotuDzuykvxKscdps4H5jUAZOwvEI304ilhBByBaYhDeEgHRCdIcEVF_MkQmTasLYPc5YKX3EnkDs7iiqNmMg2-prfWm4PoxmXcLj4A3o5OJ7nB8a3NFbEK-69GMES6GIVsDaFlWezSYXRIMJ5iqYiO8yw6lYxLD_2xPexVt1AVMIcEOnYAMFhkj2hE2G9wdXZNoME9f0bl9iSJQtHDgUwm00u3A4j6SZHERaubyRWCzjVjvaEJBmmHBVfHB0lOiROyf0XVD7njOzsQxFmG4y7rDDkEQxA8YYrRQW_q8zb8K0v4OYeZLs1J7EqxekGDxvo85fXuRDCCagGoMnYVLL3_ruiVzk2H2T9d84NSqJgw1PfC-N_XsVTR8tARlP_hlQldzrGSTiAEQ2j4yQ6afDS1MXxZxxT9q9X9a0B1yy1qB6Z6eeAkzqqqPuQcqcRX64tmmK4fs9hx4NyO6V4xSx5qvjDDfaNq8RknY6Lcmnm4rz0KIXMBFVBDYnDwdg4DXIKNpYWmjdMVpzxaPxFFFmS7tR1CPKtWP8s0JOoWS8eGXbi3V_KZEzsBXAKViNvAtxZHq1oMw1WNtaegwon1Ch4mXUIs5BAAMrEfqPmGJUy2JYIs7lcBwjkjbCOKd5q7G8_h_vpOVzl-SAARHscDsVxqBn352uYgoWVElcMtmyxqLiFZHJcvRy1azWlFfQYBXBSSis4B5M7Q2eqAzETYq4K44X_YNlc-6jY6o6TXcK6hTNPxyV8HE6EJMEPJKoOFb9q2gMfFX6EduiZhXM_l53sdVvUweWrx-qkhXi7qQAO0FHMsGqAHLk89qaVg706O3VT22rvvDQ57bmAatjM8CVD1FbNyMqdqRnkBhRWn_IM5ZKaTsyFi9AZq0PGjqSFPjZMmazlaKZQ9iuu1qZYk-M9_ODzr-tfpTcUj0VChq5sgMyy_VLR0OU8aR583bF8M7QoAUZ11F5kSlSkzLqc6Mj6-GW4ZfxbcBolVFeTnTXRzNcmTovyn1YOnSv2swRcg7tG5oYGFfubX4nu06OXJHfmjjMteXf9ye0sCCSmTGZkE0NkGbD_ea603wH54pdPv9s_FO45PHL1NaupSnppaRJIbia7ByEv7Pb49_nCZxAOc6eevYo9-zNYJmXFOsemxWNdZLEd9nQCkusIu8yHNjCXgpD_Y3cBzPyZjp-ScD6C0xnxvK1GFIZy8aDqAwDfDc-6MySxGTgyoWsLHc8q7IInGndVmOMqOh2a9rkWigrWJ3F2-GAJaMa7XkAM0WpHeOt38EmUuJJoODLWclbdZY9Gw9sGedniS73ml6mbtwLh23vhhgXLKubnoWP2kvm-utsmCLehW1z8U5TGoagfEZHhky8hqQvjYQVyBSz8F9sBoxxEFvmXhgzSpTuOGc4tEM3rD3jmC14tk6WP0X69HN3Cwzvv7qObHcHSDK91rlBWJqm7_SrTEyEouJmtpzEYKfYGoddDUIpHP32PyL24qsV3sbrHLD6v6YvNeM-TZ66CEI6Y8kCE9aqviVCgKrZMCXJiSvnBcxG-4LsLWp6S-XhizR_ktb951wMoGWoc&cid=CAQSOwAvHhf_Q1IWT2YxKmKau1QAJHuLf_WmHX0iKSlSoQj0X-LntHOsW3HrP-v97fDBnSxo6eR_HOdt8oWvGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.deseret.com&ds=l&xdt=1&iif=1&cor=10363975648467560000&adk=2123886298&idt=120&cac=0&dtd=118
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aff731edea8ed44f2004b31ff21b7a7736ea47527c8711487f4e170940106f7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39983
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 1DF4 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
container.html
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E362 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:42 GMT
expires
Fri, 10 Jan 2025 13:32:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9009 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:42 GMT
expires
Fri, 10 Jan 2025 13:32:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame B976
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKs2fJsrClfdOtF2AYI-qAY&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKs2fJsrClfdOtF2AYI-qAY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNWVN8FwoHSJheThQxF0OUmDZhP_VbGxU_QfxD2homIq37F1JSldOLxd-RV8dyBl1QG3Q2xC-ee3wxwP0xyPLf5PjJp8DqhxhMIYG3Jq-CBLpE8DxhrKnDWbju2ErouqYzZa28CRDKBPH_HS3jI09AHqWlStwkV9GFvLikADIm2qDQ5MAtg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvagS5YeHXoxTbUv5powR5xsZsMTRDjSW8bD1RiVqZ5bFygobOu8TIOU6MWrYzbt4mkdVlgEJ6s%2BcQf4NTxM0HaKuJKd4L2OHlgqovcIBns1BqoVsg6xIPHAohcWKH93VpnSB4OUBEYdnA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843d870f699a6a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKs2fJsrClfdOtF2AYI-qAY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B976
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ-t-V3Fy.E6onXiEaSO-QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKs2fJsrClfdOtF2AYI-qAY&google_cver=1&google_hm=2
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKs2fJsrClfdOtF2AYI-qAY&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNWVN8FwoHSJheThQxF0OUmDZhP_VbGxU_QfxD2homIq37F1JSldOLxd-RV8dyBl1QG3Q2xC-ee3wxwP0xyPLf5PjJp8DqhxhMIYG3Jq-CBLpE8DxhrKnDWbju2ErouqYzZa28CRDKBPH_HS3jI09AHqWlStwkV9GFvLikADIm2qDQ5MAtg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrXzQgvtTRcMdSGsVgge1Z%2F7dsVGwUHtnBCNA%2BuUpn%2BI%2F9zobs013CtUm3kWrSHZTjBfX%2B6qt7O2hcDwOzLJKnQ1%2FrpdIejaggf9bR4K10AbDZpTkPQ0%2FPDPBYODvHaODGDM7IXug1QveQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843d8712696f6a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKs2fJsrClfdOtF2AYI-qAY&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame B976
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFOyLXNnkLJsGB-GWgeAus4&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFOyLXNnkLJsGB-GWgeAus4%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFOyLXNnkLJsGB-GWgeAus4%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNWVN8FwoHSJheThQxF0OUmDZhP_VbGxU_QfxD2homIq37F1JSldOLxd-RV8dyBl1QG3Q2xC-ee3wxwP0xyPLf5PjJp8DqhxhMIYG3Jq-CBLpE8DxhrKnDWbju2ErouqYzZa28CRDKBPH_HS3jI09AHqWlStwkV9GFvLikADIm2qDQ5MAtg
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
an-x-request-uuid
f5f3a521-f5c1-4243-830b-18afc0a0df93
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:45 GMT
an-x-request-uuid
794370dc-77d4-498a-9737-95c7b19e39c2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFOyLXNnkLJsGB-GWgeAus4%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B976
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA3ODE1MTMwMzM2MTAyMjQ3MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA3ODE1MTMwMzM2MTAyMjQ3MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNWVN8FwoHSJheThQxF0OUmDZhP_VbGxU_QfxD2homIq37F1JSldOLxd-RV8dyBl1QG3Q2xC-ee3wxwP0xyPLf5PjJp8DqhxhMIYG3Jq-CBLpE8DxhrKnDWbju2ErouqYzZa28CRDKBPH_HS3jI09AHqWlStwkV9GFvLikADIm2qDQ5MAtg
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:45 GMT
an-x-request-uuid
fa830af0-eedf-4473-b3bf-8856c0af16dd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA3ODE1MTMwMzM2MTAyMjQ3MQ%3D%3D
x-proxy-origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4004 		640 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNWfvzzb3GkDD8EnlW33QiQH_N_oRiCRWWQEbgpp7nENoHNCH-obzTxlqrLnFCB0lWUINUj-SgEZ4KBoKGUZaQFniRUkla5NmcekgUoKWQrqQQGJ4Et2IaMdGYXMqrwgtJko66a7ciTP8MQLozLk091pltgGBSupd4hmdM4xbkGK6h-0wPw
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BD1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8537032340389&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BD1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8537032340389&version=m202309260101&ct=76&x=1&cor=8268734740169431000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0BD1 		86 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsaoHSxk52AvKS6-jDo8PEEm-IWKGjeEmS8KEX_Aef9GxwYRbmwBhcdHNU5FPdOBjeLajJ28sws73wadCGFkHDvBEydL5QyRvVMjZNqtIqPJWsi4yHo53mALFf8vt6hxznEBqdzX2c4RPiinJGvTdc6r3li8v25QfwbkM8_TTtrZUqEuA&dbm_d=AKAmf-Bus0GAblpqW1mWfei_zIysu9jKC4SHF4KFN7tIklnLxN1ibjjsKSnVs09BEGbFw3bgavNiqASpCMw8l3Qyd2xcJukaR4WfmQQ4duizXnHaXaUqLwdJuIr5cwm5Dcf6an43UxBPbj_w8NXiMsxRrzpuYiQaup2yEwFRRZeTR2Y5ZhoHiZmIDoKzWV8p2entbna-clrA-qUqzSCwE8NYGZmwsy6bExYeYhxqxJDaVvy4maTfMfONvWvfMdl2ifiUWw9WJamgnyraUkP6A7Vcv1raFj7G7hGF23Jrhps3xx2ivg3LhefyrZ61CKRbn3j2rgQpfX4NqMDxf9KZZhq91uOcFnFUeUxKxDLHmcpFGbHtNhKZFtB4YtoUzhjgLig9dGs__tZfElWTSv8LpeV6NaQeaKcWWpkdIbtska_jFYyeumxaxqDzXiUdIkAo0e16sIp5xGhourfByzPrCbR-hgU8B-QhtgJ3Csiux2r0KI1FV0RDSoaKCzrYXso4x9C33037jzqxDF7wcMmQMrM31ryiFjr4rq_GMwlpD2ScFHLoX0IaKYqNCvCwR7VwEpX2D0Adnrxiiw3t6ekj0kkzd9rKRhqJXPv_C-Pcq1Fr4vqXJxF6dbpeoBbWSEWjs6Y1Qz9bfmqP5l51SH3ToaYZY08waE4xAU8WUOc94BQ2fa1NJTFf2vRZfSD34DUAW_gJl1qBcTAmMU2b6Fetw2mXRRtJH3cc2twdx3ilDhdNZD9YH3Uiq2aRp4NLTAB9wvw-nWfYN14Qtvz86vruAQa5l1V_u1U1Csqb4Q68gJNVHa27MisoeOI1CJ0Gn5bKMkiqN-JYCy_ohVNXos3OWDff8PSdhYn_QC6dTPcMXjWUF7gHtNAoJGCXwv9VgvU6882PFk-tlZouJ5RNOAjry2Y-lPYNaoSfVCVhzrf-I6EFrtZtglGZqSzW_bRy2W3yvMyXMUeqKaH9VGzX3Ms8cY6mDSc0I1gCtZvF_GVid9F6ud6_ETJVQYLewgStDT1WAfDCCjwJqcNC-RRKCUw48lUBdzw66iDC5Q4IKNM8UBQUJCa9rCqsY1Wp44HRQrA0sXuDPAs98nXTL8rmaoMMkLvT-bFJ0J5crm7RsFE6_jWAursRMtV_NKgyxYasYZvI2SUWX4hx0EBQ9Ul-22yasb2Y0czzcD7443LP5EkfL4FOXV7-6AxZxV8hnmQdTgEEYdAwTDfNce54ZVL-bijBInhZywXXCJCYGGAdUjSf5Uqgj2MuPkySJ57_1T26GaHf_deFEIBhaJtt78fgJQ3pA24Nc0q1397CBEcKnhLq034kf3foHLhJRKGJ42GAl7sponZecmunYj3lOs8PDfX4AGr-2Ae-8XmRsINRetWSDyBzoHHBhcXRKBjBga8N58036RmNXCx-Wt7EzGadjE29RuMwEEUvVTiC025Y9Rxzdzersewy9JuVl6e7SWKHL18-kTfHIDUL0glZ9WE9MMaORpFztzpX8Dlnuha0CNVMyjHr5H9_PfvQLA_zJ29Fwf31SqE5Dblnbg9tdP-VlwZ9zFFfQ4S4puKR4QekXI0uKWBS-0JrPy5FVQJOCr_cjN__Be-7MnJYy9CVLNU_BG8nvnK_kL8eH1Yj14NQTVnlKNiAen0dv4CyssOdkbvmGstldhChOXfmuLbn2s8QlgiP-O_m5NMjMsU59pLMQ1NICdRZ-igrxqOIxBXACw7CB1BB8eBuJAyQKlOKyw4t2hciCLR6dtGJSH0vuW8QR9a1FXhv3_aKeQxFhNC_d6opCPLDveZMp1OGO0gsUBHZdg6BJ4qIO0m_14xabERS1UnX2uE7awF7d6JGueSJyfkjUqilvZ8Vnc_Kl_rKj9qQd5f__MjvJmUKwLMrT_ERsB3wukTogmg0_K8GnKdZwcGbf5mwuUye-X2wOx1COBsCCWOB_jcolErFMnIKttoDkB9L1yKZoaUBajHMnGBqwq0Sau0OEfmMtSqR0vtcc5rXiyrfGWuG4Mj_3MyrNs-oTYhpy5ly1zVVVb_yYNq4658wSfau7mVo9CnneD17euQ8vfI3ZA4Jnm_HWps129FPhdqB4_bweOh2izdRpP-mn_w6ZKzn5IDZm9WV9mscRyY32ECYgR0bwfEBxqy5YEU6qLS1Z7P1TwPO_X2_if4xdD_msdLExRKcMNmQ483EuPlKVqD-bCGIzTmHBKc6voPVGyMfqxGs9YD9oSqd6JbkdN1yRkVwHLLM5rbn8Elg1Z5FxBoGnNiKDgo6egLZy7zJ3LA3LUXS5f2NjGGEKY-fgYeOkQMgfSQtMIDsSPQ5dq2fsQDFipptQC4wcmhDMVGTVvWmYwnpn1lv3LSDGfqPuK5Xkgj7Qfd1xHEZsSzvj5bfuoLawlf1ZcFFdRdqBbJTr9eTgaF5UgmeuBViRuMT867N0Pmy8zN-ouZftLmCKsQ4U21OCK7aJDa-vo6LjZKaDc7kpEkRoONgFq_hqYdGVAyNwq322ZUaqBpkXHuvL34i2TfSl5brcQ4zdTLjrsGwlNlkGiA6PuXZl75ANBuJ8QAGxotAQAay66EZW3xRsX8sENq-2x-e-ujXeY7WAmg2ivjoBLDiQXWpwlrcl-ioMxONwdH0ej1u3ZKaMRHunirLOEfzawF6Un7cbRW54EcYPi-tcdiMdBS0lyrjXADFPCyey2-QBZtSdonTGI5Ast2YoOWgGqxpgDzZdHp33TxbF4l7Eei_Yx8FHtIl49BAQRrnlp8NOHenmmk5oYYaANMRGzkFJs4zIqiL8tf9vqjGmaq7CJFnrcDINWzDsWFVSgEM5dwxWGA6AHbR__px6KTo8RKLFC9K8EB1-5nJAlG7l-FT_fWmRsg-arqV7lCNz0vj1CYvlOLWglcYqqssM-RzKFeACv7c5aBQC4SZlGRDZPMOvfHF0OfTk45APgAni1BO7YJOIz7pvihKiukBoIcaGvHexdClxm7lVNYRjf6hVoWgjz2NJcCftoxiwKY4pkewMKZxKaWY3IaewfF6fAIQz_mbqSNDfiCvvmnxi0yXjz8taMNe-TQtoYH1w6J_Y0qXZ9gHLPb8pcBtsDxk0vQFPLLlBY4Mh82hoBpRMKCoC9RroTTvja93hXWrn1fFY2VCXEdQO-YRbHg99uGymiQ4k9OrvMDMLSJi31sM8Lz1X4Pkjgoj0m_UvJnVqOJnrVEYJXkj80fMPGSI584iCo_ppa2BkGeEDeGL7yc496g4SGhCcnY8mJ_taa0uitlzrEDc-Pjrsk7Vk8MDVp3u_gnPQmfwop4WDb1xmHVp0ppQWMpac-mBQXDrwK7oWbdCTKCnAanwTfgD8Lzhi81fqU2o3uhRcQgJgXG6JlmmSy2oVg9GQPfDIqZ9eAha83QyaZgbIIfRitGcuRvjfvX4shrd8iOaivQ2kCQohbUmhndtSrGgGE6io48XEb__AO_FnTfsTc2jbtqNGKkcW7S1gTqXCjHM-BWeO1ILmR6QbdJ-AID0jAPO6RqPX0-kxLAVF3IgpimwTyfTGjMuWCgcclsxKUiQHXY7AXa_9HgOggPHFuGFK907HgzCxO6_ngRwkChu1EoblBzGVYTEYYRbk2U13nBv1uzHVUG1i0-89blYHzhVrJEZgARdI1c--VFU2DVBM66Jw93dOQ3pbqdZsbZ6jT0greFWU0SHQUKW5295WIbQJzA24hgxYRSxCpQIa4N3RtSU2_1B_f3WAqQ3t92K8KPRv5XW8gZLvB4tmcHSVqQGJ7bREua1_tkWCdITJNNh7YVp66EMhWznR_kWSWkbADRiNLCqorh0djIBt_qSJTeglHCdj7Nb9biK2SU2mBh4hy8fB4Ezp3iM8d12UJfRFlzGqlZrQnvqU6Zzom2ZRYJLvcD8yCkLmeeuTngdzA97Pfaq32X5YtJd8miJn6aZCqfNSlxBsurZ7LQz7Sw5xab40Uxuz5h1ruN2m2GemtaHzJE3Q1e2JxJO1bUAt8XYSTAGlsZtGdsrLHPXj-MP3R21qkriCD21oB7xDG7oJ9JuunyHAkFRvg--EUPwIuV1G7GZaMiXvYwb0eghyY-0ryQKDvmD9iPCNA81nVw&cid=CAQSOwAvHhf_c_HDliwOy7Eofs2G9glQ932yGFCKh6C1aVk3b2WaxtVsozwy_y2ekF0N0Ic9k6ui5TDD9lcLGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.deseret.com&ds=l&xdt=1&iif=1&cor=8268734740169431000&adk=4213976313&idt=115&cac=0&dtd=202
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd7edbb00e154e957bbfc2a825ee603de6bab62215d5fe1580687dbeba3d3d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39696
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame D655 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
67186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:52:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame D655 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:52:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67192
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:52:53 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D655 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuQiMJMX6DiukCysLrZTAQrHhcnYJ2Fjwyv35-KzZPldHA9VQdQTI4xIRPTTsnU3BNIqsnvv_erxUyWgxIaWtt-2Rh2pULf1lVnHcuaU_sn_M5djbO-vmEwniYd7TJkgjrTXlRRf5iAW2GNAPG8-_xs1DyL0wKZYAuzD9wI_dE2abNAFzz0-K6-TLXaEx0yPxyyxQBPXaZV7_DZrvH864qYsgKQsy6dDCzbTtg-dKwAGNkh0Olm3d8K07izspQ_w7Xe_OrXuUy3S_MxeZxVAiXcBh4wfMYdMCLJ0VkRbpzIqZpd2UjMJxwdV2t0mN7PdYtt4KlKshOdUk32yyJekUvO_9cZKOZwczFLyhzXxeWQ2IrCUZmFw7jAWF50Jgm2UK78-_FY6QgxWg0qIRtIOmNJwcVTa0f2nXg_v4ldn_AkNp421ygJSa12nx2bOBHoiIy2V6ETkiVRAij6jmiHOJPicyUE17Pk8ZiC15_dBaFwgiuw-6uxcnW-l0jzTbkqRPNUtO6EGoVSG5H8yRItqzQyXnbEtchBwbohIRqEb3ylXjQKjZIg7Z1R8yC8Sujv9YxXBzVrJwpmR7QzXdh7MozEEKH2DFM-hUGgde89ArFDyZHxvdmtv6YXaXOjcEvbtCvch0nWSxQYd70bejBjbLN0J9V_l5d4yzrsom2BK5pXdmOzBggyAw026yoB_gSSp-i-YId2ddO893AYVjygynqFSwjQbOnPBOB1hmHPoglb_LOYUpd9ZSLeZ-f_adXzy1fY8dQ0Wg4gLdE6l_FXWokahp1KAQiSiZET2xQEYZEvOMr8hdRBqflVSSfhoPBcqLnr7Us6AuDuveh3AQYU3kznbim73tGBoTzWembSy66SoeQgJzvYq6duoOYRDRhcmLZGnBTZbkrvm2HXnDtW57pEGY0qYVk7QtBZdyBafE-hiHUNbCfwCzduTpF79jAQySSSo76wwgRxgrMmGRk7Tjdu1amvf7d_gYqF3HVRldPcOXGyu0xKWY0ZkxMpEwomOr49umSqLzkmXNhGA0mGbfYAtQmEPSQt2g60vju9L13-xAw17Da3FqY8B67t4aRYdfoqOLXB7f2Y9WtCHuUQNAgaGwx5cTvKveUNn66eEG6k7xpf4eQzj1IsqfhoaRl_emfjLTM38r9eGdR8DLBNG5j81KckhcyP_PoVpHcvPQ4lWn2FUUtQJv_Ep8Ao4LyjdXsWnY_J0UxMowK9Wmg1oCS3ro2gS4pMLPAMreTNw8bxvz9HdTNjLLHKSNzIeKkEFuAf5TgwHfdfUADHYrPY2Z5Gj5s__6r0dhI2CfIg4XPoJkCDLOJ0ZbiUYNyYQpQMQ3L6GrPx4lx01TO5T9kj0mp54pGO2NoA34BJYd1CFZ8GHEj94Aakql3IUWp7gnJhRyvLWUXFsHRXmqMa893u2PRXg2Szn84B-uG5Sgb-39ms0cC3VP6_wIAw_euLbmFl95QovNR_VQ&sai=AMfl-YRuaWRS2V7u7NiJa_RQGDfXkjYABEskUH0RYT8DnGMwSrsz1ZWGCJznBwQKO_ZW9HHvp1NUywdpMzycCbbnS1gqKkiJrsT1YqsSiorYhRaSRL1oIbWWgE5hQiLe6HyBgFzLwik28mQUiDWWw4OAkpy0wJOMJcP7UmQCoHAYburJlo5rsWmAVjNix4AeBuaAkTfJCprrpF5fea4K-Td84WuAfLMPGRy31wkrcDeoM20V1nAOEfWusT5TUXjAm0qVID6Q&sig=Cg0ArKJSzKi2tJ4CO5YwEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240108.09926&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 13:32:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame D655 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
171809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 13:49:16 GMT
8044784235198242242
s0.2mdn.net/simgad/ Frame D655 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8044784235198242242
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c07c4a729c1a85b4d7ab981f9d958266f1adf5e5a1362e194e20ca45ad7e4dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 08:16:48 GMT
date
Wed, 10 Jan 2024 08:16:48 GMT
x-content-type-options
nosniff
age
105357
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59828
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 09:33:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
px.gif
d.adtriba.com/ Frame D655
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
35.157.89.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-89-79.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:46 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Thu, 11 Jan 2024 13:32:46 GMT
Last-Modified
Thu, 11 Jan 2024 13:32:46 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
pbcas
ads.yieldmo.com/ Frame 7F08 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.49.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-49-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 11 Jan 2024 13:32:45 GMT
usync.html
eus.rubiconproject.com/ Frame A63E 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 Jan 2024 13:32:45 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame E28C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 11 Jan 2024 13:32:45 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
ixmatch.html
js-sec.indexww.com/um/ Frame 8FAF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
757
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
843d87139def44fe-TXL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 13:32:46 GMT
expires
Thu, 11 Jan 2024 17:32:46 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 7F4F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=8b725e5cd3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:46 GMT
server
Kestrel
content-length
70
content-type
image/gif
us.gif
sync.go.sonobi.com/ Frame 7F4F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=82NyhbR3XSNH7Pjg59tfMFD_B2w
49 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=82NyhbR3XSNH7Pjg59tfMFD_B2w
Protocol
H2
Server
2607:f350:3:2569:0:10:0:c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=82NyhbR3XSNH7Pjg59tfMFD_B2w
Date
Thu, 11 Jan 2024 13:32:46 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
sync
x.bidswitch.net/ Frame 7F4F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=7e84d570-b5f1-4b55-a3fb-620e7bbe6f6a&google_hm=N2U4NGQ1NzAtYjVmMS00YjU1LWEzZmItNjIwZTdiYmU2ZjZh
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIwHGGAlD-k2uwNytzq3rxg&google_cver=1&ssp=sonobi&bsw_param=7e84d570-b5f1-4b55-a3fb-620e7bbe6f6a
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIwHGGAlD-k2uwNytzq3rxg&google_cver=1&ssp=sonobi&bsw_param=7e84d570-b5f1-4b55-a3fb-620e7bbe6f6a
Protocol
H2
Server
18.193.91.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-91-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIwHGGAlD-k2uwNytzq3rxg&google_cver=1&ssp=sonobi&bsw_param=7e84d570-b5f1-4b55-a3fb-620e7bbe6f6a
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 7F4F
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5134455423267875852
49 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5134455423267875852
Protocol
H2
Server
2607:f350:3:2569:0:10:0:c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5134455423267875852
Date
Thu, 11 Jan 2024 13:32:46 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame 7F4F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Eg8lbhfCY5AZYmrVGk6wVGFHDlZQgXsE39GUDQMQk3E&pi=sonobi&tc=1
49 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Eg8lbhfCY5AZYmrVGk6wVGFHDlZQgXsE39GUDQMQk3E&pi=sonobi&tc=1
Protocol
H2
Server
2607:f350:3:2569:0:10:0:c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Eg8lbhfCY5AZYmrVGk6wVGFHDlZQgXsE39GUDQMQk3E&pi=sonobi&tc=1
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT, Thu, 11 Jan 2024 13:32:46 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
32360231181374769659ea900c0cfa2.37141390-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/32360231181374769659ea900c0cfa2.37141390-00002.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
557f82247c92222495045ab6e4e63541901223e4692b72bc25364614a820e7f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:40:27 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
82340
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
1203952
last-modified
Wed, 10 Jan 2024 14:26:43 GMT
server
AmazonS3
etag
"914b824d5539ff18b40c19f424334ad9"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
uRdmO3P8l8-PcY63apATnUD4jS0tXr_jt-wXTRVwnoovujj6-obmHQ==
sd
us-u.openx.net/w/1.0/ Frame 4004
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELSq_BD6EkWhIr-aoDc0tBA&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELSq_BD6EkWhIr-aoDc0tBA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNWfvzzb3GkDD8EnlW33QiQH_N_oRiCRWWQEbgpp7nENoHNCH-obzTxlqrLnFCB0lWUINUj-SgEZ4KBoKGUZaQFniRUkla5NmcekgUoKWQrqQQGJ4Et2IaMdGYXMqrwgtJko66a7ciTP8MQLozLk091pltgGBSupd4hmdM4xbkGK6h-0wPw
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELSq_BD6EkWhIr-aoDc0tBA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 4004 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNWfvzzb3GkDD8EnlW33QiQH_N_oRiCRWWQEbgpp7nENoHNCH-obzTxlqrLnFCB0lWUINUj-SgEZ4KBoKGUZaQFniRUkla5NmcekgUoKWQrqQQGJ4Et2IaMdGYXMqrwgtJko66a7ciTP8MQLozLk091pltgGBSupd4hmdM4xbkGK6h-0wPw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 4004
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEL6wPrKVTieRmACC4uXWkwI&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEL6wPrKVTieRmACC4uXWkwI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNWfvzzb3GkDD8EnlW33QiQH_N_oRiCRWWQEbgpp7nENoHNCH-obzTxlqrLnFCB0lWUINUj-SgEZ4KBoKGUZaQFniRUkla5NmcekgUoKWQrqQQGJ4Et2IaMdGYXMqrwgtJko66a7ciTP8MQLozLk091pltgGBSupd4hmdM4xbkGK6h-0wPw
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 11 Jan 2024 13:32:46 GMT
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEL6wPrKVTieRmACC4uXWkwI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 4004 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNWfvzzb3GkDD8EnlW33QiQH_N_oRiCRWWQEbgpp7nENoHNCH-obzTxlqrLnFCB0lWUINUj-SgEZ4KBoKGUZaQFniRUkla5NmcekgUoKWQrqQQGJ4Et2IaMdGYXMqrwgtJko66a7ciTP8MQLozLk091pltgGBSupd4hmdM4xbkGK6h-0wPw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 11 Jan 2024 13:32:46 GMT
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame 89D0 		466 B
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNVof6UV42E9Bwr_H8fAuC4xfMwVrFV38fvjtGecylLsukktpGB6xUQm60eQjjMWATStSu3d6JCTuMeRd0RkYJ5ANC8FR-k7o_S-uYAAaM9KfuT82MMCUpA8rs5mgoCQuhGXHd1sK52bkWhiQhuWbMzVbkLItbkotQQgYF959nETJ5Yx9bI
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AED 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9745365214934&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AED 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9745365214934&version=m202309260101&ct=76&x=1&cor=4697551238385508000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7AED 		86 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cuz_dKkw0C38a73vpQDnAuSNzxcg28iCIebd56fj6wudeHsO1EbmHIQ90WhraHLW2unJy8EN90QUBHMGSeeDXaOjlbvcWdDX97iQ7F5ufy2UI2-Hy-Lb1BY1TwhKLYgXA93DkCw8RKJRPOHjD2OH0gVHIZzaniurfWUSrOvwnxz_I_6Ew&dbm_d=AKAmf-DoMWurt47FG7s9kzPDwM1F_6zt6WzLxE9DSrHhCUOd7ytoDB8cudrzCh8bA2YO0dscKMdydAuQuVvVuZS1WX4Acyr-HHxlxI5gmWNVdshtklgVqFTL7ahYKnu4OB1kjEp5DScGRbiIvTM9gQ88dsORuzbsW6q85-kGRiuNcUQdy8Pyf5nbE2XNv84MxbfvW5U1-L0YlgmtMNoeWcDVuAla5Kg1FbrQtEgTbJDv3_qq5eIe8Ihe_FnjwOpGOl7la3uYI3jSR5fQN2ehODo2LjZxYFE207bRf4yZz5N9y2dy3TiunURA7-62LU6-Sf4Y-d08HRiVwEGp6w0UScP0444ouGKT6tRi83f7iaVNLMmor8qdgvK1LsXfMxlcDYQi0pCsuQCjxvMqk9D7Pe-PHakXE6i3l3vTqfDD1Fx6Km9W99BmKIlf8yPfAHrr3s7VRV0HFzfZ8v_vdeAubqQ-jvTI_0uTsBqG8XdpienHPkhdmuCI20rqwdRwfuZGsbOqsGNQCnU1345XSn4k_EUCrxKuw1P7Ks8ujldH4Q7vA0l072InEeXfexy_8pl518Eqh4fFl77DqtamP6QRiAZlZ9jmWhQTJS8nbeZjol3X0l25YFW29mP5-lgRzjiTKvhc40zwjuVPNEhtmbLWvOixtx5AUcOHw1xLf7fmV4tVkGhRATsdBaiUH4gc1An4gPKSWsLpkWgJiBuQl74c89ryHk7sIObl7J3gHRwCNMDg7950WMPsW9xWDmdnalAQjHsgrHDXzksec5Wu1vBWcJzsOxYTGvFTx8p3fRigweyqJFXDxbBm8euzNoiXPVBhk2dR92m8P4nEuoS-YuKJkDp_zYjZVv8aSkmC97AbYkZIO21tZAOPtEEUXRhOiwh9WGGClbfS5NcEv5DLwEE7sgFAtGvibyjHQ7lIvJO8JH2kggTEgvxxcOrb4-1Dl4zoYZ6QqudUh03ArbIUreBAB76_UlhT4pKLN39CQMArzhXbmLtK7EcNVSz7k6lkSfdz88RUETNo58fRayDxW6vR8-LbaaogmqM4R-ATts6nZ-Lky10fI2O-JqNLIv1Q5wvu8DdtK_lNS1GgLEAfhv-k-FrCQD8O5HoARs3iIQ4uER0dsEUy_nrIpE9KbAXVYXNfaRQIWkbooHFqzzgKDnM9uQwbFCn0qIAk_15TOfhTKu-g5f_j-yaW8pdF6hX2nhG6XJIN04nCPTagzWrg_Rz6rqx2hrdyw7FovYZFipBeLNqNJIn_Yx9M3mnjpjR731jFi0hWggnEKurp2P7_Mu__F5phAVckJTogEtqbGLXfAXGis1tjclL4Uyvc20qfiOJkXWj6Fmow-hahKtdO374EaHrKiDYrVzMcQKTLDaMNrf9vj1yHxEwAbvwp_J2PtErN2hHFeULceKtuLN07BpjAfZAAn08_CW18lSF4oyhTurSSP4Y1dJnQDvVyMjTuWsLZaAPifu7I1cNU09SmO1LCBYvog5AycT-O2KtxRDNcTc4JKNVPUUYCwt3FbAaF3czw_i7B3zRhovnKQ9KvNqwfjhWbj8MuE1El-ss3uLLU04Lb0rWHUbL8RGHxBLXdTEeCjgkuvj7hYBVo-Ug_0BtxK6h01U8dk8eud91fTZbkQ-8cH9juL8BMyKIU1zcCE7xCQwEsffRcxbVBtltSL8Pka38775S79m_-uehLWSdiZ1jE04JAeSTe8RQOwrJG855QIFg8vB11OCKLjrk7aVIphZATjrOyPPYPwO9k8cPvkvILJhvz2j2hnFpSPsz0gnYiVluAItb1hq2Qg9klotvC-pg_8XA44PLYcm3pxb5yGIbNXrcJNYB2RPQyqsvf-tVDOunpr11nN5FtwqFfOlA_Ib5h_fFF31ggX4I34i0Bt7r_-VZwacD2AD0o81yNAurZC-3SVNObQpelPCRnMXaEoDyvrCMS4aolSRxrKPLevWqHe9b24z2Aq9EtvpAgXbvqAYhqurt8kiukCLPadYwbHfhJ8Fr8jOxKri4DcIoY1S0kj4IubTl8QKDU4gA_hv2cOVdPCZsKJTCGt7DGv-45X9rOaR3R520XSli4IDPm5iay1BrWle41zPnzxUX736VKe2r1TMIthoCXzvgw9__EYtEX6fu2yA3FFsgusqLqG1OUmZC4uHkibt4kuq9nLoSvGXCXAT548mU3nMUdiqjQC3Rdw0z6Pkv_BhTorhYXAktpckiK25IFOAkCC0sJRv7B7ytbxdcRu09FC3y2PJX4O2YBdfLCUQb33oXaQrHTQYJRsBMCgjdQsv_ZIHG3nhlJfjASQNXv9g0OmaXSiY8DjOIS21dYbFG7EXjRQ4kBGkbFxL8TX8Lm7M-b-bvIjASWvZ_e3UReRpwYRRpMSgnjxGRm_DZ6BpRWu3QWkDW2nUJoyE-YzeKuDJsm2rFkUzgS1p-oT_nY2TAzqu2xDA8n4S6pGv2AZdV5I4Tq_s6FjDjmPwkAUT5gqF9CvaKXHDEYd7SQ65DUTVHLBHyl60ZQl1jwYRwJKc01iUBAGVqqFqLISUo7YfVCDHpcCYrsuAaCWAW30iVouse2rCFb6bsuDiXD9gR-5L2yf4uLBTqOUOj_pavqBRQespm1tMDf_l7pxzvD-QR9Pa8yY73euLGH1IKSpXM63JKE-888POVy4uWNQ3sFKTF0Ll0TSoJq3y3Safc8xHg4qJ-9aLqxZPyYmX_v7iv8SxDNblmrYE_MA4N7wqrAeGio1mTd5Ns6vFYBsIwgQcT_j7CcQ-DHAdbcK2O56tb2mJPsMHILF8Rh_X533O_PhW5g52XuxwLRJEMKEzK0cw0zTDtpF1uYcpFZmyddsFHp5CY8uiLdeS0Tdy0Ob9KYoXwB4P5ZFhj8R4eT_eY09R6ROYPtrEWuw0nMSNYGfLzmcJVg-5RDSQEBWc5A8HTpe3H8RlOt7fUW2uhZY3CF60rNwNKpqK9Kxtb8wI9PWPRBHBpt2yro-KQFrTOQ7FiXGAWzc93OpG7IvOvz9gKLvnKnVtKvxz06rnPUZjosjORD1jQ0PxRhDdDwmROYM-5fSCk8M3z-wj2WyRuOgy0_VL8Q7JWhoUWJ-By78rS6N3x7L6Ofa1wJwJUuWsgIgErhqsRpKUa1vbl7b5Tm_3d2l1L-iKpk7SL1f_1FRtA4KroGh-Q_APCl_AuIDIL-NBxjLs3iYBYhpLDKWdp40A5vi-f3Xktn8zZw6ItvLLGhb1l5vK43kWBYMLf4AiFTE3DhuijWkOhu-QT4-pp56qSShWHzFanlOi122dEzp_SDd80C1nZ6BeHlDeA6p9bU5tIKIC_clqdTS4WCx-WOkAkhKdjzoQWvsm5Y2OSYtkVIMKhMuWL3ukj0o0ptXtxsdYgk_Yi-Kosl1AUT1NeP3rg2DDnYO3Q_3VtIiGqeKRkNi3DG28MqWQU7ueHNX5RWoDocN6d5fizlLckPBmRyD4QeJEEq_UrYGOEuU4v50OtYgkO787wcm4BEl9ZKZG4Bjv7Ytfi-2Dlec80y93BXhTc6ad3WZpTcAwN2iA8fe0XEqBTJvwPlEX3Ccd7KEYH2YWMS8hDtbWzVttU_IZD74K_xt51Em0gwroXPPq6BitNmeX0Er2jAutP_I5Xmq199cdUEFbeiGzCGeXr3NKtI8bws9Rv1_5hePpc9zZ_JSkkKl5Vw83SUr1C1mpNGk3HlRYCw9tlZwpFo65EvAJFUmd1m85vKHtmfU0OiBHGNuW8zuFcyuH-eT_eglFBxJ00nEwn_zFkTvtQgTADO2kTJFYDC7lZXz57Qs8iv1EI_cu3_TAYJdRgaItRxpGnK6OUMhBtlXC5vD1uaxt-_CFzk83ezpTopkzEiN8coVVkg9JoVi-a4Z_e39VJmQU3Hj5ssZncrQsnkq7ZsrYzp7jnW0pRsDuIL0dVYs1PjHXDLP7XlS4_mykOF2J6G--T7-iUcAUjJzZXREglZpHhVzxyE-Y2uxWPmZXb_FMNXJH5C1L9sN96uDsyAHpWwqD2cYZQ20Bjpz84gADdpgRCzYQooiSX-FYcz-xxtG5bfjhdg19OMeN22eVvXQXFBI50rfh1-eojGsrj2Q6U&cid=CAQSOwAvHhf_FUNFcFDnZYZ5qCiY3FlDe7Jo1uUkVkqyEjaMW3f3ODo55IxIqB43IePNsPHTFy8RkhOjvsUtGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.deseret.com&ds=l&xdt=1&iif=1&cor=4697551238385508000&adk=220339396&idt=115&cac=0&dtd=211
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
093fd02725ce81017378404252656e5152e58f032f51d57c37a6b486c9b72715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39740
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bl-250cc79-98ebe0b5.js
tagan.adlightning.com/deseretdigital/ Frame E362 		77 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-250cc79-98ebe0b5.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ee4feaf7d7d9ebbdc924f9d70e67a34ba1fc00f48051151f66f747d5846ea54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:06:43 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
_wF20aOmHzwNDMjUSSAIr0qQSsAff7iP
x-amz-cf-pop
FRA60-P4
age
77164
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33407
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:18:08 GMT
server
AmazonS3
etag
"2d8e8f851c043de1e7d50af54fbb1b1c"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
drzXonW2pCSuDk519-cW5QEpDLoabu-f1wW1J3OtR6Y9CwZUM0_DPQ==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame E362 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:11:08 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
3543698
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
FlxJNuE_GvnYqyskf-9b1NReglzyUw7TwvP3hVQA1XARrAUOAF9Qsw==
bl-250cc79-baff5b41.js
tagan.adlightning.com/saambaa-deseret/ Frame E362 		105 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/bl-250cc79-baff5b41.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b1c8eb0f8246cf8da5999b82f45975f0d02cf1be1e114c958278a766ccbd97a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 15:43:40 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
QaMFVZTIJk2EONw0.UQRowAKyI7UhqLR
x-amz-cf-pop
FRA60-P4
age
78547
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
44545
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:17:51 GMT
server
AmazonS3
etag
"7c1905428bbd96e6347f8d1a30e04198"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DueaeAZOWlItAzepmmNxxPcnB8EbpEWU5Wh2KoAywFq2OtbYv4qglQ==
b-d6435a4-e8081c48.js
tagan.adlightning.com/saambaa-deseret/ Frame E362 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbec7e88311e23ca6604fdc4dc242d79f68860de276d4bb846b64ff310ec9b18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 23:33:49 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
X5ILD3._lZN2ce9.Buto.oRFyfoksHBJ
x-amz-cf-pop
FRA60-P4
age
2296738
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29477
x-amz-meta-git_commit
d6435a4
last-modified
Fri, 15 Dec 2023 23:33:24 GMT
server
AmazonS3
etag
"e4ab17739c2289a272b486a62960b789"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ihOJ7cjCJq2XY4aq2H-Hhehcv86GOpIX_qPr6zMlzN5fRUs5wPkj0w==
gen_204
pagead2.googlesyndication.com/pagead/ Frame E362 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChL4-voxzCjC9gkR3G-tmk4e9S0RZ312ibNL6zsgmkyZjiXB_yqMGVSXxUGiceGdIC62Lln_7uIpc6NoHiXTH_jO2sYNTFUFUdpBYPd4ODUjTYkgg
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E362 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame E362 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 07:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
20918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 07:44:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame E362 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
51999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:06:07 GMT
l
www.google.com/ads/measurement/ Frame E362 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyAZPj7LF3KFxLHOTT7JE6y_vkEUzEINipzCDTsKhFwHC6mXsqdwgsKginae79kVFAw2tuRrJ7Cvf8GFZJVD88DgRx5A
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E362 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:46 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame BFBB 		398 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNUIoOinYmo4Vyi0OH1UOucqWFVSGqaQ6uAlVw2eHYUnSL9OBC5KYPcUazAnDlSQOj56FiN6I9K8xkRDjX15tSiMeaLvkbdJzMiVeeW5FPvt0qwlzDdRir0cmw7zO_icsQhfF_jFZebQE-c2-uS7x0zjD_i3pL2LrJECA9zumYzP_hKH-S0
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E35D 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5361023174425&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E35D 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5361023174425&version=m202309260101&ct=76&x=1&cor=13858063726780238000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E35D 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9rkzfMMWYfnhu1nog0TY4iWRauNOoQcuODMXb2PHDDgCK1ZLbajCV-vnPXiYKeFhhVb4GLi9ZM5E30VFmsTXI0pzlYE9hhp0ukJ_NBoBdJpd2jcuhZwu-PaUq0jJ7TwUbRIc01P-Y73W2Xz3TaSXYL64SyQ2DZ4N4I9pV1ADMnGGOAyc&dbm_d=AKAmf-Czj6o4gqBf4TTahaQaQwo-nwUPzALTXicOZq4J_iHUOtDGXPIlIR33LSkz5_0eEgP65YAtEdk1ndlnb0jAEBwPha7Fcj7HHOcRlpV_zoWVN8ZA5PsMVa6h-_TJ7UVvFnYvmNGyHY56b8cqfgNxZHxa9qrO_Qt0DN73yOIUrQ62041-BlP83gcHc-KA8__TE4ePTKrcKgIaB_l2Vyva8bXYcz3latnbDCc0jkyYefkuNvVz4EMAGkEre2FxdyXvmU2Z0jly_4T2S8HXV341xZP-hEnihH610s8W23kjnLeXS5_8MkBC15BSSCUqusYPeYaDkMl7RrUgwpgUXwi9X_h-fmbeNz2NvHqm2ZK55JH69HVKvY5EC14Akz4Fkz-44dAPyTQ_UdrYpyQJyv2bCPTVSvJixmcG9-jUIxsshUam6EEfQWHHwWFgg5Ggiuppyx7w6v6QrJ9TCSRiOlZv7U2dHAP0zPTnAKdvyD8-GP8cZaOV3xjJX0Z85Z80F1kiXRrYV4T34kW6hBxSI2MhXq_O-KsDzaULFDjZQhLlUYoVz45XUdO5v7Snn0n2niOw81zMBtvSHGQB15LtPDTcMyOsojUaRKRSTN5DtnSVt1BpAMYqAxGt8vhdd9TthfH1AffuP0kqwdjvPR6349Ky2vs5SQpXHPHtqjbljx-Z1U-V4rypwh1EYlQNHY-PoOhkP9repi2EGycMO2rcmjc3Wi3Qnr93uvssCzqq-lgOwCe6NfvWQQLYot5_AdhPr8mLjCVE6d3jz-RlhpDe3MkyiCcbOG7a5CybK08HoV-Wv_XfxOZ6QJXuBK8gnIHxASzn38SnwUUGZX834H1Hmihq8kAXmMRfLYAcLq5ifQ4lycrsd4NVGE_Ex8fd_pmpJHvRND5ueWQ7E8YFXAwY-vi-w3WRMDkctlN0fITmgoKS_iYLAYqw6E8xKPD5MbINcSxAhVFsYFSawrp9CnZ6WbxeZtVpu6PtroQ8qmOLyZStnPQL_6zEEOzZG5SVcktBuhKwy4IrPNG7S6iCa01YtEi50ahntFCjKEYUUjK4DZUUleU6CQjVfw-o_eW-clcwbRAnDlh2fgZ5lKAP5-mSykYaHDqeqh73Dn8Hd_uJUKoMoT6ltc7Db0F7uR7HP1DFRB_g-b8WvmRtPSqT6B9KnoVsZHkUA_exG1sUdAdEVFGyFgnIppzZdkyOTZO3EnGgQlfHKtZk--buLkyctijqH5uE2b1LgVLZ2sEnrCE3nyDUzcW1oCR8tAvTT-XXDlKVw62tNLVMVFOnvyKDU94-q1HQf3aBxAQUNEie7-PvdZy-846JuHlAYKXRv5Ntoca80-zPqOImEdRNEL7Co2jbF8gyT16AGu4L308mI690DbmRxHWhGico4wLx5nBHuWd0GgnGgIa-GAXWTriPu30ypNgCOeB2K6iy9BXAbLhHs3-W29FHu23DthG4qE-cEClP7ronKsjB_TI9SHbfXEl79pp7Rv4_SshDudyGSutikCQ0kYpAdyg1NZs9GN5RP-pjdeLmJ4b7STj5xzqA22PVQnN8EgthqZo8uuVLMYNinaTJ5TJbG4VdlDVFNXmyoHh8sbSyBPvmxUz5glNjfsWjY5yvDjpo164yPvwDYroe41xu-1YW1zqKnq05pWggx7dY1JCmeiXT9YZkJ_9eltyppvW4djmRwwB1uziWI6x9xytUUTJav4zhdqtXb2TeHqSDw9hIIejeplw9MgztfdcvXLOSew5J0iy8QWQ1rgxXjuGSlxH1nMfoXrefjzrFLohfWHq7AQRPdyHhyrMv-5nHcj8tMl56-XeEVGVLBN8ceLBARS-yLsMDLe8muY2tTGukt06W2DdTzH3L3RjxIjtf1UTDhq_OgngoH59-PXvo6rhJYjXLb4F4lfzZPrOe5b_jqtfwxr5jBpj9zGUu_jQ0fxAQ6Eh1JDQsh06n7jSisvQdVqUOSiGVctaERro6paKHtWP2BeHWudDQRl_BSr_65axKf-bVjsXOKYxZ8XSWVLCNQNA7XzBWqLo5cqgc1_P7jbiSmaDexBveDSA4DnkBwGsk045tQN5DuDknHloXsfbOo0DP13CJBzullWzG78sO2VuggEMQaquUaR6OMdmQ94sCeqe-lkByoGWHgkMuDryDl2nMEFW_eq8S-419pDjtk08QQEOULnAXsKfcRzSqb2zH1kfFsfOAYJTbzKiIE_nkEpuLbBq0PkbfQ3tlT_nG8trXteK5sbhxMrEmcsaLH4v52Qv7SzIkbyEpwCkuJIOeTbSHvJ7KNOn6G9okyv_tuwKlgo6po9nyVgXFPse7rsS0yNH6060xrQda8-nkQfquOkq0lqTO2Bdo4t4qCCyjtQ07nIYhk-TnzbPXD8ruV-g4YCV2KtWlAnlkAY_FtwkwzUhWAJaW7RDnsaSqp4kyX9CY8_ukzUlWKTC9mkEL0_JV6e8OS-8tHzTljoA5R1ADWzQrpA-KY3vZ8_hTh4N41AZGjlJLsh2A6iYyXRnyVcxb_ku9M12AGZVjZbAJY8OKUcXstTTCNwq8pYVspN3vXazl-5NuY4h3u4WSZ9ys-556uiLnMMor3we89X3eWsI-fjeWtx4j6D_TZd89x5YpkekMZ2p_EExQSbj59UXouYdNpW-VZ0DhMPj0QvdBM8QuAv_npV5TKO8BjVv5n2OocvP9T-ZVvJufGNkelAMjBiYH63KXhaPQHKGZQvUudZ2pqJT1rO22LDjz9sHGU7pgw5FOyUgDKm0yHBc5SLILd0VA2LSAzEXYLmAEDCvjwqcGPmIVZeCckCRrcNWflwBGe4S1bEuK3vHjKT3Hdr9DSIuX0kvG9qOLsi87FcH_MI0UEbchIs7K85GGSb-_f0bNPCEZ2zE2qLG2irscl2PUvk_dcZLVVTb9Xwon-X2-361n3vY1FdZzWpmX2ov-j9KjFaDgKXuR8v66n9FU4n-PVNvUCShQKJeMUBe0PiT7NnVqRdtLTZbDQ7DC04-p-HI_H42I5O7EUhbkYve11lhuzZIB9u1_A3lev2NeIBSZBKtFxrw_B0Nf627XewAj_Z_o6-KNhSskcUTNJWkFFGAd1RBaF2Cyu-LMGVlvSCCUIi-HaWq4JgIEB2echdCWdv8h5qQVI6RwUMooDd-YTFLuG0_6ItCdsZIgUksDJI0LbitwZmUstowditvXfyuJwWxzR_Sm2gbgQJjqEmqN6R40JtiEKkH9mnpbFq7FQZ4ikxG2_7QPAuHRr2fNChcG6fgS05OsPA5T6hiaEXAI-ukyC_jomVyVby3wRVyb7vljldFC8RJz2AAO_IZXak-5C6_qYilTlZ4or0Z4hf9Xe1Eq9tSDo_arEOFGRvv6NIcBLOQUpIaRCI9ALb1IL64_xMm9rY-NgmPO3I3VpvSdh29_FEC6yl9Bd2eSbNb-vctUrSxWfHS27anSHvXFIucg115nfvi4Y6bhol86lrNK9uDa6U7-FSTbJS7FCkQ3_KyinfCDcOUkLnx4pXsg1tsu8J-o7Mfg8nlSZul_4viygj-wkxZXNGN3MU5VYPfY3osO3Qy2ddhpcam7tbPlBNhtOy4KwE5nsG84beiWeqxMGlH6Lpml3iD3Vw79XxctLXKy6O4Gjo-b31nG5Qpy_P0AL2ibWhObgDvEnA4IJWS0VtCo2oh6jfalVfeCFUKGB0bdKxHl1H-KKytErlQQuz4aUG5v4AHfF7QnuinuAaj3K3WAvQ7tFD0pICTbveCkaLhAIrVULyFLN2vBmTofhgaKr3xGRAcBIWXdOUs9OZDz-2KOPxCIKSbj_9I2XnwI7dSOzb6NlvQkBUwYd_qMpGa265ianG3AjYzb4dSuTEvfJFhsRCltWChdUMAvsqAs1zHRBGiO_hmxWjUJDopJ_vMZQ17E6c0JARplYtW3r-hq3g1h8G17hid7b7FsaMM6mlQ9a_TDmnpazesNxKEISgwEjRlprrIY-8Niz1gvZncqxbjnHQ8EOY_gSTau5oNsv8n7X2VXbleGCNwDmUZ3BA1ogcgDRgHsGnIHZhUd0p1gZ65EUm0awvHOIBhZYR5fspbqSFz6DRCbE4as9LE&cid=CAQSOwAvHhf_i8AZAsq3w-X-bDqw4Mt4IGIKzNhzFKydlG0V0QJZkCQ_pdAySsV1WHnoT3407EJ2wOtlSPkjGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.deseret.com&ds=l&xdt=1&iif=1&cor=13858063726780238000&adk=2249476028&idt=184&cac=0&dtd=214
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9bb801cbf67566b7ba3ee069c3ee5dde456e41133e43cd7ea7a7f2632af29b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40210
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bl-250cc79-98ebe0b5.js
tagan.adlightning.com/deseretdigital/ Frame 9009 		77 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-250cc79-98ebe0b5.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ee4feaf7d7d9ebbdc924f9d70e67a34ba1fc00f48051151f66f747d5846ea54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:06:43 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
_wF20aOmHzwNDMjUSSAIr0qQSsAff7iP
x-amz-cf-pop
FRA60-P4
age
77164
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33407
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:18:08 GMT
server
AmazonS3
etag
"2d8e8f851c043de1e7d50af54fbb1b1c"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xemws1zVW4fcNI1YeeeeYjuxdcwT7oyzgd0iskChx5EEWX7q4J97Jg==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 9009 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:11:08 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
3543698
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
yRp5Un_q6NqCJJxEyLbQKE_S18NPvVX_dC-Cj4eR1ciOjuWO6rnhpw==
bl-250cc79-baff5b41.js
tagan.adlightning.com/saambaa-deseret/ Frame 9009 		105 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/bl-250cc79-baff5b41.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b1c8eb0f8246cf8da5999b82f45975f0d02cf1be1e114c958278a766ccbd97a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 15:43:40 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
QaMFVZTIJk2EONw0.UQRowAKyI7UhqLR
x-amz-cf-pop
FRA60-P4
age
78547
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
44545
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 15:17:51 GMT
server
AmazonS3
etag
"7c1905428bbd96e6347f8d1a30e04198"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ECK2TDQpTo-6opztxUumb7B_7b3HnY-i4X7SaLYlaJi3ICdFCcxU6Q==
b-d6435a4-e8081c48.js
tagan.adlightning.com/saambaa-deseret/ Frame 9009 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbec7e88311e23ca6604fdc4dc242d79f68860de276d4bb846b64ff310ec9b18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 23:33:49 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-version-id
X5ILD3._lZN2ce9.Buto.oRFyfoksHBJ
x-amz-cf-pop
FRA60-P4
age
2296738
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29477
x-amz-meta-git_commit
d6435a4
last-modified
Fri, 15 Dec 2023 23:33:24 GMT
server
AmazonS3
etag
"e4ab17739c2289a272b486a62960b789"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
FrCic7uzza6asVNMLAJlbA4FuXKEKju3mZNqlS7VgmYdDXyBV-SgCg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9009 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cem7V0muHSDA1S7eicDmpfBcjt9-MKt2CLZIPt5BK8jhYkDyvHorrzRcgUHQQ0kL_ClYYty4bxoAqu-qNqFFQbRspRUZzEwoX14IO7fsu6IycOLsU
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9009 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:32:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9009 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 07:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
20918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 07:44:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9009 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
51999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:06:07 GMT
l
www.google.com/ads/measurement/ Frame 9009 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrLwq2V5YKi7MYU0hll8U5qzR0FSVnxQCqlJTlFd9rqTKfPOITNNC64I3SaVJsXBhZ14rSFV0VE-QS3ieYeCyyQQhTuA
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9009 		205 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
148914fac032598dfa94957aee1addc57bff67ba08e902552d4aa42ae7fdf64e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 12:55:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
2240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63128
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 13:55:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B1D5 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
15556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D655 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58221aabd5838e2b9b5582e18638bdd2845ae0ca4bf91c0e18b0c5fcea912ee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame A63E 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd6c8a509da4d92785ad9a6ca5f3f876c29df01567c8b7be9f1bbaaffb5b5d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jan 2024 16:50:28 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11910
Connection
keep-alive
Content-Length
10963
Expires
Thu, 11 Jan 2024 16:51:16 GMT
8044784235198242242
s0.2mdn.net/simgad/ Frame 0BD1 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8044784235198242242
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c07c4a729c1a85b4d7ab981f9d958266f1adf5e5a1362e194e20ca45ad7e4dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 08:16:48 GMT
date
Wed, 10 Jan 2024 08:16:48 GMT
x-content-type-options
nosniff
age
105358
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59828
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 09:33:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 0BD1 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
67187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:52:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 0BD1 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:52:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:52:53 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0BD1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrM7ouT1tT28T3OFeTKNkHJ2kPUqbzsQnenATRMQOoQz7yzMXyC8NIltppnnL_HG7Fkk9qJrL_e21JxWBlWTmMRdxtnKVT_Zis6bmsw5gNJ5zwB6a8wpGcsFzZ3mmBCnMizvGxDNrcGfqKUX4X7dxhYMPAvn9rICDiLqrKgVQvd6wC5p1dQ_PyGmCi3qNZlNnMg22-ysSGyYBTm5swkSfFtPfQp2VyA6qj6icZ5lqbfCsVPP97SShh9WjAA0BCYvUOsZXf7IJMQVsKx64sdhafvCcM3DKbdAGoJRUufv01RAXMvOt3NlnLIhRam7uvkeWkYAnmZE0-MmIF_e2ZgBYE8YEd_y_XmmuZNyxLJwvk8t5l4obZPuB1gqbLK_LM4Bp-lfItxQT1EpHbvH7sxfKi_SAj9G-lPwmr5hxpLZZTdBCtGcao8UO9VvVdcCjrusCMQRC5oJhWFRx4VbQjF0y8vR_lMZxA15jVEk1m7wfrY74vis52F0wpg-E4l6-6tCUCPh8CTJQ-3E60FV6hRKFRuRk8RhtB9AV73P4TIWqBpxIvX_OtQ5NozfWr0OzHknKQmwCES937wHUd-QSZEKnMVPusOzqkSBsX3sV6V2vUmMupYUrsPbq-CvM2iXbY0InYHxZf22U-5fS9LXx2WNHGUsvEK4M59Zb23tw_OYt7xLWb_WvNh57dBJuw9tia1AF7Ye45aU0GT9JXfcSfw_nsdHiQXqN1WHRE0yF963mD67ggAKiPwqPluufY27maCZQon2aFfO1vxbfM2H7TrX1g6RLaZtLVCYaErQ23Vjk2S_NCZOGuTrG-m8e640B9DnWBKGbvnG16lk7CYt4HD-UxyZLzM1EnPjdwykPdA3UP-Uz4zhakg-__PYTrWfYUXfcfoNhbBdwva4yjtdW6KYfG0kQi58UshITxijncYr3LVxhod8Y_kExeaTmH22la7GESklj2gqxg4vH5kEEOidC6ZmjbVo5D3Yf3-hxOy4OrU3kRPaWL0kzh4p9FzWE7Z0CVY4PQXEhrhy_J4q5Ip80PhQ_0rV5jw1nZtQNeEFciZdQjlJp3qaLVvFElfmH-AYg_9gQVXpgL6FFH7Al513du8zHsDR1gPSFsJqyTPoTH7amz6ESufK4Ic4Muc1bTUOYjsV9xDwjuz3EReeqZLVLCID8PAVEryGRa7luCsw-majViT9MxJpyO7Vo5ND-bZyHlRnfC1h_j4tiU7ezTzlVyIeNb4lNuToCyw4uiGOTMKT6bxcdtQoP1Ceqe4pQFNz2O479J5LJp3YDB4ZHM1h12LmO-CmDQcTy4IwjRm5lYorLJAIvIRQ0EvgxULuKpKrVgjHoUGd8uOCQFG9tk09DP8a4927yc3YDWwTTGu0Gtv50Lhwx32LymF2dcnf5x_aQXqaCwLy9vXtbtPQjiHGdq4EM0HOuZp5fEQ5CJJuUhe02yEfProhV2dKAd11qN4Rci1lUn&sai=AMfl-YSKJNR5Zo3R0__IFsky6Yg7fkP3QcOXE8gmTxmDgnkj6Cv-LY6ErCk5Qk9_diygIXzK8zKxLoJx5XqNj_vfNZ_dJHguyB0yc9sH7Cy95oMQdXUPPZM57mHlj9KdGNCCeNBOIlqa9vDuiupWz-9iOrMJMJkGOkpKhzXXDjz8vxIFEeWcUkh2llleOYKQrL_J68pJGOdGfWKHU9zPM61tlrkKJjx6y_TVwLitPXKtrAEwCQqiA0fgL1WSRJxq1SvEEKlu&sig=Cg0ArKJSzKKlKpQDK9vpEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240108.67055&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 13:32:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
px.gif
d.adtriba.com/ Frame 0BD1
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
35.157.89.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-89-79.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:46 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Thu, 11 Jan 2024 13:32:46 GMT
Last-Modified
Thu, 11 Jan 2024 13:32:46 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0BD1 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
171810
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 13:49:16 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D655 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuQiMJMX6DiukCysLrZTAQrHhcnYJ2Fjwyv35-KzZPldHA9VQdQTI4xIRPTTsnU3BNIqsnvv_erxUyWgxIaWtt-2Rh2pULf1lVnHcuaU_sn_M5djbO-vmEwniYd7TJkgjrTXlRRf5iAW2GNAPG8-_xs1DyL0wKZYAuzD9wI_dE2abNAFzz0-K6-TLXaEx0yPxyyxQBPXaZV7_DZrvH864qYsgKQsy6dDCzbTtg-dKwAGNkh0Olm3d8K07izspQ_w7Xe_OrXuUy3S_MxeZxVAiXcBh4wfMYdMCLJ0VkRbpzIqZpd2UjMJxwdV2t0mN7PdYtt4KlKshOdUk32yyJekUvO_9cZKOZwczFLyhzXxeWQ2IrCUZmFw7jAWF50Jgm2UK78-_FY6QgxWg0qIRtIOmNJwcVTa0f2nXg_v4ldn_AkNp421ygJSa12nx2bOBHoiIy2V6ETkiVRAij6jmiHOJPicyUE17Pk8ZiC15_dBaFwgiuw-6uxcnW-l0jzTbkqRPNUtO6EGoVSG5H8yRItqzQyXnbEtchBwbohIRqEb3ylXjQKjZIg7Z1R8yC8Sujv9YxXBzVrJwpmR7QzXdh7MozEEKH2DFM-hUGgde89ArFDyZHxvdmtv6YXaXOjcEvbtCvch0nWSxQYd70bejBjbLN0J9V_l5d4yzrsom2BK5pXdmOzBggyAw026yoB_gSSp-i-YId2ddO893AYVjygynqFSwjQbOnPBOB1hmHPoglb_LOYUpd9ZSLeZ-f_adXzy1fY8dQ0Wg4gLdE6l_FXWokahp1KAQiSiZET2xQEYZEvOMr8hdRBqflVSSfhoPBcqLnr7Us6AuDuveh3AQYU3kznbim73tGBoTzWembSy66SoeQgJzvYq6duoOYRDRhcmLZGnBTZbkrvm2HXnDtW57pEGY0qYVk7QtBZdyBafE-hiHUNbCfwCzduTpF79jAQySSSo76wwgRxgrMmGRk7Tjdu1amvf7d_gYqF3HVRldPcOXGyu0xKWY0ZkxMpEwomOr49umSqLzkmXNhGA0mGbfYAtQmEPSQt2g60vju9L13-xAw17Da3FqY8B67t4aRYdfoqOLXB7f2Y9WtCHuUQNAgaGwx5cTvKveUNn66eEG6k7xpf4eQzj1IsqfhoaRl_emfjLTM38r9eGdR8DLBNG5j81KckhcyP_PoVpHcvPQ4lWn2FUUtQJv_Ep8Ao4LyjdXsWnY_J0UxMowK9Wmg1oCS3ro2gS4pMLPAMreTNw8bxvz9HdTNjLLHKSNzIeKkEFuAf5TgwHfdfUADHYrPY2Z5Gj5s__6r0dhI2CfIg4XPoJkCDLOJ0ZbiUYNyYQpQMQ3L6GrPx4lx01TO5T9kj0mp54pGO2NoA34BJYd1CFZ8GHEj94Aakql3IUWp7gnJhRyvLWUXFsHRXmqMa893u2PRXg2Szn84B-uG5Sgb-39ms0cC3VP6_wIAw_euLbmFl95QovNR_VQ&sai=AMfl-YRuaWRS2V7u7NiJa_RQGDfXkjYABEskUH0RYT8DnGMwSrsz1ZWGCJznBwQKO_ZW9HHvp1NUywdpMzycCbbnS1gqKkiJrsT1YqsSiorYhRaSRL1oIbWWgE5hQiLe6HyBgFzLwik28mQUiDWWw4OAkpy0wJOMJcP7UmQCoHAYburJlo5rsWmAVjNix4AeBuaAkTfJCprrpF5fea4K-Td84WuAfLMPGRy31wkrcDeoM20V1nAOEfWusT5TUXjAm0qVID6Q&sig=Cg0ArKJSzKi2tJ4CO5YwEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=738&vt=11&dtpt=736&dett=2&cstd=0&cisv=r20240108.09926&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
partner
sync.search.spotxchange.com/ Frame 89D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOPeyX-iF9Xlzc0O6ZPhxUg&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 89D0 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 89D0 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNVof6UV42E9Bwr_H8fAuC4xfMwVrFV38fvjtGecylLsukktpGB6xUQm60eQjjMWATStSu3d6JCTuMeRd0RkYJ5ANC8FR-k7o_S-uYAAaM9KfuT82MMCUpA8rs5mgoCQuhGXHd1sK52bkWhiQhuWbMzVbkLItbkotQQgYF959nETJ5Yx9bI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YNRPD2MVFD&gtm=45je4180v9100733662z871931159&_p=1704979956551&gcs=G100&gcd=11p1p1l1l5&dma_cps=sypham&dma=1&gdid=dYWJhMj&cid=474329189.1704979958&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1704979957&sct=1&seg=0&dl=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&dt=Trump%20barred%20from%20give%20closing%20argument%20in%20NYC%20civil%20fraud%20trial%20-%20Deseret%20News&en=10%25%20scroll&ep.content_id=23797535&ep.content_type=article&ep.author_name=Emma%20Pitts&ep.published_date=2024-01-10%2020%3A06&ep.last_time_updated=2024-01-10%2020%3A06&ep.tags=www.deseret.com%3Awww.deseret.com%3Alatest%3Afront-page%3Apolice-courts%3Apolitics%3Au-s-world%3Anews-feed-national%3Autah&epn.story_word_count=531&ep.hidden_tags=&ep.hour_of_publish=20&ep.hour_of_update=20&ep.site_language=en&ep.page_theme=light&ep.author_id=00000186-0a35-decc-af97-8b3f05800001&ep.acquistion_date=2024-01-11&ep.userid=2fa2e402-bf72-4da3-8d88-9fb8a368d0c1&ep.site_version=release-2023.12.20&ep.hit_timestamp=1704979955&ep.primary_category=Politics&_et=3154&tfd=11428
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YNRPD2MVFD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame BFBB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKhaQzwMihnHbMniE13OIcQ&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKhaQzwMihnHbMniE13OIcQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNUIoOinYmo4Vyi0OH1UOucqWFVSGqaQ6uAlVw2eHYUnSL9OBC5KYPcUazAnDlSQOj56FiN6I9K8xkRDjX15tSiMeaLvkbdJzMiVeeW5FPvt0qwlzDdRir0cmw7zO_icsQhfF_jFZebQE-c2-uS7x0zjD_i3pL2LrJECA9zumYzP_hKH-S0
Protocol
HTTP/1.1
Server
217.182.178.233 , France, ASN16276 (OVH, FR),
Reverse DNS
ip233.ip-217-182-178.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:46 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKhaQzwMihnHbMniE13OIcQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame BFBB 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNUIoOinYmo4Vyi0OH1UOucqWFVSGqaQ6uAlVw2eHYUnSL9OBC5KYPcUazAnDlSQOj56FiN6I9K8xkRDjX15tSiMeaLvkbdJzMiVeeW5FPvt0qwlzDdRir0cmw7zO_icsQhfF_jFZebQE-c2-uS7x0zjD_i3pL2LrJECA9zumYzP_hKH-S0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.233 , France, ASN16276 (OVH, FR),
Reverse DNS
ip233.ip-217-182-178.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:46 GMT
transfer-encoding
chunked
content-type
image/gif
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 01B8 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
15556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0BD1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrM7ouT1tT28T3OFeTKNkHJ2kPUqbzsQnenATRMQOoQz7yzMXyC8NIltppnnL_HG7Fkk9qJrL_e21JxWBlWTmMRdxtnKVT_Zis6bmsw5gNJ5zwB6a8wpGcsFzZ3mmBCnMizvGxDNrcGfqKUX4X7dxhYMPAvn9rICDiLqrKgVQvd6wC5p1dQ_PyGmCi3qNZlNnMg22-ysSGyYBTm5swkSfFtPfQp2VyA6qj6icZ5lqbfCsVPP97SShh9WjAA0BCYvUOsZXf7IJMQVsKx64sdhafvCcM3DKbdAGoJRUufv01RAXMvOt3NlnLIhRam7uvkeWkYAnmZE0-MmIF_e2ZgBYE8YEd_y_XmmuZNyxLJwvk8t5l4obZPuB1gqbLK_LM4Bp-lfItxQT1EpHbvH7sxfKi_SAj9G-lPwmr5hxpLZZTdBCtGcao8UO9VvVdcCjrusCMQRC5oJhWFRx4VbQjF0y8vR_lMZxA15jVEk1m7wfrY74vis52F0wpg-E4l6-6tCUCPh8CTJQ-3E60FV6hRKFRuRk8RhtB9AV73P4TIWqBpxIvX_OtQ5NozfWr0OzHknKQmwCES937wHUd-QSZEKnMVPusOzqkSBsX3sV6V2vUmMupYUrsPbq-CvM2iXbY0InYHxZf22U-5fS9LXx2WNHGUsvEK4M59Zb23tw_OYt7xLWb_WvNh57dBJuw9tia1AF7Ye45aU0GT9JXfcSfw_nsdHiQXqN1WHRE0yF963mD67ggAKiPwqPluufY27maCZQon2aFfO1vxbfM2H7TrX1g6RLaZtLVCYaErQ23Vjk2S_NCZOGuTrG-m8e640B9DnWBKGbvnG16lk7CYt4HD-UxyZLzM1EnPjdwykPdA3UP-Uz4zhakg-__PYTrWfYUXfcfoNhbBdwva4yjtdW6KYfG0kQi58UshITxijncYr3LVxhod8Y_kExeaTmH22la7GESklj2gqxg4vH5kEEOidC6ZmjbVo5D3Yf3-hxOy4OrU3kRPaWL0kzh4p9FzWE7Z0CVY4PQXEhrhy_J4q5Ip80PhQ_0rV5jw1nZtQNeEFciZdQjlJp3qaLVvFElfmH-AYg_9gQVXpgL6FFH7Al513du8zHsDR1gPSFsJqyTPoTH7amz6ESufK4Ic4Muc1bTUOYjsV9xDwjuz3EReeqZLVLCID8PAVEryGRa7luCsw-majViT9MxJpyO7Vo5ND-bZyHlRnfC1h_j4tiU7ezTzlVyIeNb4lNuToCyw4uiGOTMKT6bxcdtQoP1Ceqe4pQFNz2O479J5LJp3YDB4ZHM1h12LmO-CmDQcTy4IwjRm5lYorLJAIvIRQ0EvgxULuKpKrVgjHoUGd8uOCQFG9tk09DP8a4927yc3YDWwTTGu0Gtv50Lhwx32LymF2dcnf5x_aQXqaCwLy9vXtbtPQjiHGdq4EM0HOuZp5fEQ5CJJuUhe02yEfProhV2dKAd11qN4Rci1lUn&sai=AMfl-YSKJNR5Zo3R0__IFsky6Yg7fkP3QcOXE8gmTxmDgnkj6Cv-LY6ErCk5Qk9_diygIXzK8zKxLoJx5XqNj_vfNZ_dJHguyB0yc9sH7Cy95oMQdXUPPZM57mHlj9KdGNCCeNBOIlqa9vDuiupWz-9iOrMJMJkGOkpKhzXXDjz8vxIFEeWcUkh2llleOYKQrL_J68pJGOdGfWKHU9zPM61tlrkKJjx6y_TVwLitPXKtrAEwCQqiA0fgL1WSRJxq1SvEEKlu&sig=Cg0ArKJSzKKlKpQDK9vpEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=77&vt=11&dtpt=75&dett=2&cstd=0&cisv=r20240108.67055&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
_track
www.deseret.com/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.deseret.com/_track
Requested by
Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.196.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-196-90.mrs52.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 11 Jan 2024 13:32:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-decorator-operation
brightspot-cms-verify.deseret.svc.cluster.local:80/*
via
1.1 0a2c7c875f8793c5e59592c87bbf97ea.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
MRS52-P6
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
x-amz-cf-id
11gZBZiPHDziFQ7WHgcN0LRnBfngW2lHUF8-CXBW50cbjXbL3S0PWg==
usermatch
ssum-sec.casalemedia.com/ Frame 5A57 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21c63fdb7fe5edf1e0f2a2962fb1b653ca6a54b8dd12e14a2c9f17bd0602dafc

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
843d87185ff9aca9-TXL
content-encoding
br
content-type
text/html
date
Thu, 11 Jan 2024 13:32:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZN%2F58BVPfWsYKAvfOA6EbJI8HGVFTOKaxOcrJ59Bz8FLLYXSMstp7uWK7KgXR2U5OoiuF%2FkKaQ49rBHV%2FrTjx6TCjl2MfdyioqbEECYJCinIjD0U0XVDA33C3jg2Z0PYTKm9X5LvLwocg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
8044784235198242242
s0.2mdn.net/simgad/ Frame 7AED 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8044784235198242242
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c07c4a729c1a85b4d7ab981f9d958266f1adf5e5a1362e194e20ca45ad7e4dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 08:16:48 GMT
date
Wed, 10 Jan 2024 08:16:48 GMT
x-content-type-options
nosniff
age
105358
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59828
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 09:33:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 7AED 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
67187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:52:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 7AED 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:52:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:52:53 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7AED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubQgkQh1-NyrOXngwJofyYnjJ5nNS4Z52Z2zKQ8xXYK6SWE40se2Vh7tDiDw6RrA4cV3Z3pSmO8b5ESk80BRkW9VTF8gXD0IgJEKxI42I28Ov7ZHEoQXZokcOUH20HtNg0-Ockc-7CWlI-nDBgweJMOkoqwDkTOkaeZrCDuD6v07E7YtNINH2g_syQct-eECCVQ1PBChdsr2XZVYZpJ5vWvJ0PtNjK5uMahZNBR117loak1AxSQU58mLFnQVWTyeFUDNW0m3mNZxCRyEH3Nv-exRreuRwx-oLY--NrFtmcIwD8woLIqg171VqDAO1ffNU0oiTc-mxOS4hbitf4XMR1s05AHF6u3f0IbZds5-TC6IqfelZg430WRdum2ixb3QEuG4vcZLcjAqS-SX2hJPooMshXvnLHDk1kIT_1DcEwTwIufiPOLJTWlKZp0OjZEefVJy6B00t4JMra1OYM9WGvll7qN0eJxMdkAZjxziWaPPeOsDHMk1d6U3tmA2_XPSP2WH4xZJhZNlgKbhy9jVEeLBGgktokeHZX2R3-g3nkouyCjZrfgo7C5evky7WdAl9ejPpR2bbq88jnjALZ2CvNVcuog13bkRQqvZGqpRkGegc_XpxFXgexrWwLI-JnT35Poapd1WCxLoiHzpUMCcUyRw0eFYMPWJzenKjWPvLdvXANgoK7NS5hREvwEnAsWB2wmgrPKseBRYW6YMILluMHzzL6Ct8WEICRjUpBzWeP2XzTrIJhMo2CFvsbs8W4h8jl-1GOzDYIRCxo6oOCI039UZFLZCX43wLJujeNyHIyctyRsjXjJnz8O7u-C5yp6hT0CS8NV9iNauWMQXxeKNikGgu7pb4wYNr4RNxjIHSsjENPcxLWNOON7_FBFEh9WC7LTIIRlajgGoEqZ3Z1EPvl7qC2Cyrk0CskhNCexls7XWx0wVT0oep9sYv4esbrs8LV6WLdmRr-l2cSubdfVudhiP_br0XyYyLwnMNOvgSRCj2frzmLTOs7iKPvXeb9Tcb0M5x837sdMT6JHaTc8PF0Yz2qwnKOyiPFnd6c1Eme7Lsh3VNY2rB79mo6MqmZrtRNpqrr5LnN0qvivyHlzyrDulo5Ek-dj7YGK5PNyT7c0GjKqbp_7WduluZXMBHgZrbm4V1vLeohsbf7OYg4Hmiawnqp0R1J6QqkaGE6UX31qYm0FQHWbM7pFZQOQNPzL2UY-jGPt3K3Xz6V3qY08l2cR1X8uL8xd5G1ZS1wE3zizUyyz1ES9oxKigdr5xdg8pxNG7wJ1KfdicluF0FXUTgLahjC7-0Xub5nRtVtHkXmCqGbvpJRskTC9SpeiGuKMvDruPauGOhgci92mUThnvtl7w2s4iDrlqzQbXMSuHjYCKAMD8SRphOcvu25hOOQEOnfts2LUIyFlBp1yOFBeDSMjsfih7YGF__IBCmDiuCLHoI8ncnuBpb55IoiIN50DGGwMAjA&sai=AMfl-YT1FNEW54l2S9VWD3IBogOvflUhOD-Hq4nLzYphrTRbjXKh9AE9-Re7k1j4RfNECD_bKz0MHtQK7872eRZ8tgpDO7hQZmNvj2b302hmOYIdgrDCbnED0wMTWTSDR_2vKzd6adJCGUwcfSHiW9Vw-QB41VA2Kb0cZQcJ8jcdz53tntxpc8Ogsf-1aUpPOZhyjXRZkmIv7p2La8EkVGO8HC8G-x1N-IBohuGe5o3SUtOvzi6vaCAqeJpkgEl6f0-9QvxA&sig=Cg0ArKJSzBEnp4wrNhkJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240108.93183&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 13:32:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
px.gif
d.adtriba.com/ Frame 7AED
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
35.157.89.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-89-79.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:47 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Thu, 11 Jan 2024 13:32:46 GMT
Last-Modified
Thu, 11 Jan 2024 13:32:46 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 7AED 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
171810
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 13:49:16 GMT
8044784235198242242
s0.2mdn.net/simgad/ Frame E35D 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8044784235198242242
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c07c4a729c1a85b4d7ab981f9d958266f1adf5e5a1362e194e20ca45ad7e4dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 08:16:48 GMT
date
Wed, 10 Jan 2024 08:16:48 GMT
x-content-type-options
nosniff
age
105359
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59828
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 09:33:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame E35D 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
67188
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:52:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame E35D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:52:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67194
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:52:53 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E35D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstV60bNmdNJlLK86rms4Z_8K7V5ZIWSICEIUh-3ICrh1WLtOWcvuwzDBGEfppWl12Kzwhi7JPrkzAyKFei3ghj-hhY1_c-M91C-KuUb-09QTWbEZtA9SH8Ck3jTTDnrgRKtLMQuOpAaF3LzmGVEiVAZsgGB7IiG1xP6PdiKikJaqHLO1qLwEyiXj-ddqM052P38aDEmM48DCYCwAHmnCofxIbeFGfh-Wl4zFepUZJ5YLrP9a7fBjqCTqhBfogYIGisOW0MIT-b8VmltGR58lLNSR99jNYwGnt6IRyTBnnuzBfmOxpb22TztMfs7nUjTrRovusgZdXSdhn2Dicn1D3UOCqF61j1NWsvf8a0SjI1f6irWP4sMpyVsfJh3bEpCwUD2Q9iv1o7fD03wNPJoMa8yz6vsBkSoav-Qtb8RNQyE7Mwdi8Sby_odKLQQxT31-iJttTk72FnTCZG959_8RYyCrN4p8q6hkP-CoLyA3jA0FybieBywQ_lAyTVViAZXh5dL8gYfctBAr2_Rrf-YyNUHLrWFKF0rtyhNY32aqNg2mlEpvzNl4qNh2Ym16jYC4IYpF5R06KWuCnrOiviaFVCY0cjHgwwg_UbSd7C7L8ll_I8h3DbSMIwlwHHrnCyaua-NZwaSZ_W-S0YkOgtjsj2mnlAQ1Mn0dER9rwW3FJszFUBXPPCVJE1QZFTcTJxnXbRuo5zy5OHl1OCSCBXwW_fBOrOXKtKShSKxD5-WJdsgIzNL8s5g7GFCW6Ej2NlG6QVXTgAqFYIPxuG7RS4iLt_ZBm3QjF9BHFjBsyi1x3xqjHUSVw1_U4P8iQwUw9yQ-rVsBU05heZwFBVCiPoKhtQTXmUJjQJ9QlUBrfylSIzaiOO1JVQ3ZN1cFGF_Epxq3cQCq9iQToe0m2Pryzap404YzSoy5kRIkkG0Y-ICfZKcc5sjRZhzRLnP3Rl39ajsINpx2xSvJRuaM2S0B1li0MQTntcnkFikjLF1v2_T_5fV4hfccE3i-vjGdrGnsKlqJfGmvDCI-vLbQstXMyAQGjqxRU5_qFo1rNc-gjufL3ixdiFuPYJJDyvr96lwik3duL5vXh-3K1Cqf3jd2HuPEUcI0U9YThfzwJSgmteNFHuJPvi8o_seBSwCvooc95Kt-64cIQFhQlBSt9n6ukQeDhbsdH4lRHIRnWcfHpFXIHBQTM9Xw-MSaol4fUBRg7L1z-NAxDaJh0rDjAxn3U85yFa7qbjT_lqBlgWUGtzyBtLNE585C1gm-NYCPkBujMu2fbM9ej81bp91KOnPP019YuL96gT21DBRcS28E8cZpjjuOPa4eHwaoObt7kZw_bB4AJtpEctRwKxYprEFjMXFtoFTp1T8UHdjnkw7BBxJHIdtmyuKxyZ3RT07ubcFhU8yVdBV795AE2_LN0_6_9_QbophFS78HiPjTM0JbowwhL1cOEAO9sG4RR68sZhq_ff46QTrPx0R&sai=AMfl-YRyzOyY3VYJsmoa9N3P71XhPKdxC-WA4h7uRekt5jwJwY-tTyNTa8GNbtLAp3mS-SrbaWWfLVwnDRR4NRzMaR0PsX2oaCy20JkE1Lg-iKCe-GjBEgIkPrBnQ8eIBZ7DsFBwEa7NXGc4bK3UL8L7CqAaN7c6lrbjMhWYXg0ahNihdTp9au4S2f-SQmljUhmBKm20l_fREtUyleqnVvSsufb-4Z4e-peJtx364XRU5iebQFa0xQz6PRuC8NMiQ-Lp209D&sig=Cg0ArKJSzB0Iysb8Ko49EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240108.92107&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 13:32:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
px.gif
d.adtriba.com/ Frame E35D
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
35.157.89.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-89-79.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:47 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Thu, 11 Jan 2024 13:32:47 GMT
Last-Modified
Thu, 11 Jan 2024 13:32:47 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E35D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
171811
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 13:49:16 GMT
truncated
/ Frame 0BD1 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
244d14860feb6151e162573386b08360a377d5060254ec62a823f35b61f10a17

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
casale
match.adsrvr.org/track/cmf/ Frame 5A57 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:47 GMT
server
Kestrel
content-length
70
content-type
image/gif
501709.gif
idsync.rlcdn.com/ Frame 5A57
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZ-t-V3Fy.E6onXiEaSO-QAA%263361&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZ-t-V3Fy.E6onXiEaSO-QAA%263361&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=a1ad907eaccb4d1da8e615e3fd005338
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8010591416803421536
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a1ad907e-accb-4d1d-a8e6-15e3fd005338
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=dc199543-d2cc-4d7a-ae99-bc04965e7d44%3A1704979968.8926263&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Ddc199543-d2cc-4d7a-ae99-bc04965...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455423267875852&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Ddc199543-d2cc-4d7a-ae...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=dc199543-d2cc-4d7a-ae99-bc04965e7d44%3A1704979968.8926263&_=1704979968.895723
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=dc199543-d2cc-4d7a-ae99-bc04965e7d44%3A1704979968.8926263&_=1704979968.895723
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:49 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Thu, 11 Jan 2024 13:32:49 GMT
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=dc199543-d2cc-4d7a-ae99-bc04965e7d44%3A1704979968.8926263&_=1704979968.895723
content-length
445
x-amz-cf-id
sbEES9BepzushA6ylNCBF4xGqFow1mNVs3Zo7v12zM8dh5e8VDYNeA==
usermatchredir
ssum-sec.casalemedia.com/ Frame 5A57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AivQsRVtV1jl85hdqXJyU8HzK24BWPJQWzRrgpSNnA67gTRJxmsdyWJjTHuPJ0nxNmgoevllY63CQeae7NkjfL04Ak%2Fckb5eQRtl2JNtNVBmKUXDDszJWTU55UZhVZJ6lvthpvOZ13Gj3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843d871e5a836a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5A57
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 13:32:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1KF4XAB63KNN890FJM2K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 13:32:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5PQNV47VW8CFRF779NXT
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5A57
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720704768&external_user_id=3147a909-c7ce-4f38-a409-c19d0dce6191
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720704768&external_user_id=3147a909-c7ce-4f38-a409-c19d0dce6191
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKlYiUB%2BzXc2dstMqv5x4rSdI1oFvlKcvFnn3VHbPrlEvdwleWigcqRWzf%2FittWq%2FwfDDJslxMS%2FMHQlGLV67jTnkwwWoPyN2W%2FPMbMSqsx8ZXUr6tGJ7TCnDAtOx6oO%2FTizrONf8Apu3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843d87220db06a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 11 Jan 2024 13:32:48 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720704768&external_user_id=3147a909-c7ce-4f38-a409-c19d0dce6191
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
user-registering
ads.stickyadstv.com/ Frame 5A57 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:192:1::173 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 13:32:48 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1704979968378043-430
demconf.jpg
dpm.demdex.net/ Frame 5A57
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZZ-t-V3Fy.E6onXiEaSO-QAA%263361?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZZ-t-V3Fy.E6onXiEaSO-QAA%263361
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZZ-t-V3Fy.E6onXiEaSO-QAA%263361
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.208.197.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-197-4.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-045ff60d9.edge-irl1.demdex.com 3 ms
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
FPWGKk6aRYo=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-0ceeb53b5.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
D3jkqlcOQzU=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZZ-t-V3Fy.E6onXiEaSO-QAA%263361
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame 5A57
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=82NyhbR3XSNH7Pjg59tfMFD_B2w
43 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=82NyhbR3XSNH7Pjg59tfMFD_B2w
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWU6s91j10dWoAtDODjCTJrlqeMG%2FzoTCYHgCXV49rQpBo28fpToKdbvdZTvrsjMvg3VgZiQrfzbptdGi1pOA8rt3y4p1i5t6c2VEotzBNTDMZmyz7LX5jmKx19L7Ku94UtXCQnlWuNPPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843d87220da76a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=82NyhbR3XSNH7Pjg59tfMFD_B2w
Date
Thu, 11 Jan 2024 13:32:48 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5A57 		43 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZZ-t-V3Fy.E6onXiEaSO-QAA%263361
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:48 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
20973
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
843d87207a7a44fe-TXL
content-length
43
expires
Fri, 12 Jan 2024 13:32:48 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F6C1 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
15557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7AED 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92044b33c729f1c353019f977112007e977d5461be793261a1499f034c4ec066

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 7AED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubQgkQh1-NyrOXngwJofyYnjJ5nNS4Z52Z2zKQ8xXYK6SWE40se2Vh7tDiDw6RrA4cV3Z3pSmO8b5ESk80BRkW9VTF8gXD0IgJEKxI42I28Ov7ZHEoQXZokcOUH20HtNg0-Ockc-7CWlI-nDBgweJMOkoqwDkTOkaeZrCDuD6v07E7YtNINH2g_syQct-eECCVQ1PBChdsr2XZVYZpJ5vWvJ0PtNjK5uMahZNBR117loak1AxSQU58mLFnQVWTyeFUDNW0m3mNZxCRyEH3Nv-exRreuRwx-oLY--NrFtmcIwD8woLIqg171VqDAO1ffNU0oiTc-mxOS4hbitf4XMR1s05AHF6u3f0IbZds5-TC6IqfelZg430WRdum2ixb3QEuG4vcZLcjAqS-SX2hJPooMshXvnLHDk1kIT_1DcEwTwIufiPOLJTWlKZp0OjZEefVJy6B00t4JMra1OYM9WGvll7qN0eJxMdkAZjxziWaPPeOsDHMk1d6U3tmA2_XPSP2WH4xZJhZNlgKbhy9jVEeLBGgktokeHZX2R3-g3nkouyCjZrfgo7C5evky7WdAl9ejPpR2bbq88jnjALZ2CvNVcuog13bkRQqvZGqpRkGegc_XpxFXgexrWwLI-JnT35Poapd1WCxLoiHzpUMCcUyRw0eFYMPWJzenKjWPvLdvXANgoK7NS5hREvwEnAsWB2wmgrPKseBRYW6YMILluMHzzL6Ct8WEICRjUpBzWeP2XzTrIJhMo2CFvsbs8W4h8jl-1GOzDYIRCxo6oOCI039UZFLZCX43wLJujeNyHIyctyRsjXjJnz8O7u-C5yp6hT0CS8NV9iNauWMQXxeKNikGgu7pb4wYNr4RNxjIHSsjENPcxLWNOON7_FBFEh9WC7LTIIRlajgGoEqZ3Z1EPvl7qC2Cyrk0CskhNCexls7XWx0wVT0oep9sYv4esbrs8LV6WLdmRr-l2cSubdfVudhiP_br0XyYyLwnMNOvgSRCj2frzmLTOs7iKPvXeb9Tcb0M5x837sdMT6JHaTc8PF0Yz2qwnKOyiPFnd6c1Eme7Lsh3VNY2rB79mo6MqmZrtRNpqrr5LnN0qvivyHlzyrDulo5Ek-dj7YGK5PNyT7c0GjKqbp_7WduluZXMBHgZrbm4V1vLeohsbf7OYg4Hmiawnqp0R1J6QqkaGE6UX31qYm0FQHWbM7pFZQOQNPzL2UY-jGPt3K3Xz6V3qY08l2cR1X8uL8xd5G1ZS1wE3zizUyyz1ES9oxKigdr5xdg8pxNG7wJ1KfdicluF0FXUTgLahjC7-0Xub5nRtVtHkXmCqGbvpJRskTC9SpeiGuKMvDruPauGOhgci92mUThnvtl7w2s4iDrlqzQbXMSuHjYCKAMD8SRphOcvu25hOOQEOnfts2LUIyFlBp1yOFBeDSMjsfih7YGF__IBCmDiuCLHoI8ncnuBpb55IoiIN50DGGwMAjA&sai=AMfl-YT1FNEW54l2S9VWD3IBogOvflUhOD-Hq4nLzYphrTRbjXKh9AE9-Re7k1j4RfNECD_bKz0MHtQK7872eRZ8tgpDO7hQZmNvj2b302hmOYIdgrDCbnED0wMTWTSDR_2vKzd6adJCGUwcfSHiW9Vw-QB41VA2Kb0cZQcJ8jcdz53tntxpc8Ogsf-1aUpPOZhyjXRZkmIv7p2La8EkVGO8HC8G-x1N-IBohuGe5o3SUtOvzi6vaCAqeJpkgEl6f0-9QvxA&sig=Cg0ArKJSzBEnp4wrNhkJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=536&vt=11&dtpt=534&dett=2&cstd=0&cisv=r20240108.93183&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1D40 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
169928
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 14:20:39 GMT
expires
Wed, 08 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i.match
s.tribalfusion.com/z/ Frame B1D5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENEXVcTLHRmfv7OAmXhjipQ&google_cver=1&google_push=AXcoOmQ59kguYWQU94-xIEDffwedHgsbuNo8ZP48W-qX-EzU5QZoBbEzs_v1t-QE-PoPKDxrUAAQr_61byTApSiMOXmLjWmV5y-H&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENEXVcTLHRmfv7OAmXhjipQ&google_cver=1&google_push=AXcoOmQ59kguYWQU94-xIEDffwedHgsbuNo8ZP48W-qX-EzU5QZoBbEzs_v1t-QE-PoPKDxrUAAQr_61byTApSiMOXmLjWmV5y-...
43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENEXVcTLHRmfv7OAmXhjipQ&google_cver=1&google_push=AXcoOmQ59kguYWQU94-xIEDffwedHgsbuNo8ZP48W-qX-EzU5QZoBbEzs_v1t-QE-PoPKDxrUAAQr_61byTApSiMOXmLjWmV5y-H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ59kguYWQU94-xIEDffwedHgsbuNo8ZP48W-qX-EzU5QZoBbEzs_v1t-QE-PoPKDxrUAAQr_61byTApSiMOXmLjWmV5y-H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
843d87207ac89ba4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:47 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
507
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENEXVcTLHRmfv7OAmXhjipQ&google_cver=1&google_push=AXcoOmQ59kguYWQU94-xIEDffwedHgsbuNo8ZP48W-qX-EzU5QZoBbEzs_v1t-QE-PoPKDxrUAAQr_61byTApSiMOXmLjWmV5y-H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ59kguYWQU94-xIEDffwedHgsbuNo8ZP48W-qX-EzU5QZoBbEzs_v1t-QE-PoPKDxrUAAQr_61byTApSiMOXmLjWmV5y-H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
843d871da80d9ba4-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B1D5
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMqsDO9Ix66E1foAqwAT3cc&google_cver=1&google_push=AXcoOmSlwFOPkxSTGw7iNOoD_afZwHvzjIGnaQ_BTzgsRSHw071o73o05QxHJN_KJyz0abB4L55fn-mHTlCNaPdH-qqO8fE...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMqsDO9Ix66E1foAqwAT3cc&google_cver=1&google_push=AXcoOmSlwFOPkxSTGw7iNOoD_afZwHvzjIGnaQ_BTzgsRSHw071o73o05QxHJN_KJyz0abB4L55fn-mHTlCNaPdH-qqO8...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSlwFOPkxSTGw7iNOoD_afZwHvzjIGnaQ_BTzgsRSHw071o73o05QxHJN_KJyz0abB4L55fn-mHTlCNaPdH-qqO8fEceMG9
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSlwFOPkxSTGw7iNOoD_afZwHvzjIGnaQ_BTzgsRSHw071o73o05QxHJN_KJyz0abB4L55fn-mHTlCNaPdH-qqO8fEceMG9
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSlwFOPkxSTGw7iNOoD_afZwHvzjIGnaQ_BTzgsRSHw071o73o05QxHJN_KJyz0abB4L55fn-mHTlCNaPdH-qqO8fEceMG9
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame B1D5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIQtaOBciiNf0zHVztw9jtA&google_cver=1&google_push=AXcoOmQ9DduDUwcpVLwwt6q1LXeCtQbH2-VG3uTX1vez-kvfhkyonTdFoDRvxk4Uy_VZiNrBdl2eL6WL...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIQtaOBciiNf0zHVztw9jtA&google_cver=1&google_push=AXcoOmQ9DduDUwcpVLwwt6q1LXeCtQbH2-VG3uTX1vez-kvfhkyonTdFoDRvxk4Uy_VZiNrBdl2...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmQ9DduDUwcpVLwwt6q1LXeCtQbH2-VG3uTX1vez-kvfhkyonTdFoDRvxk4Uy_VZiNrBdl2eL6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmQ9DduDUwcpVLwwt6q1LXeCtQbH2-VG3uTX1vez-kvfhkyonTdFoDRvxk4Uy_VZiNrBdl2eL6WL1OTC1Cv9rD_EbqAltv4
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmQ9DduDUwcpVLwwt6q1LXeCtQbH2-VG3uTX1vez-kvfhkyonTdFoDRvxk4Uy_VZiNrBdl2eL6WL1OTC1Cv9rD_EbqAltv4
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame B1D5 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDg2mKcC0JuJhAQiCMHk-R8&google_cver=1&google_push=AXcoOmQYq9o-n0LdTGncGGLc2-Fynk1glToaFALcGs-SROuhGQbt75qKjTm5A41qEnNxPiS5yfM9E4ITvG6Uav5r3lYBz4tJD1Qi
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:47 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame B1D5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ4UWcTFm6mn0-RBWMZCHno&google_cver=1&google_push=AXcoOmSIzLlgi5eal4yIfzIjIhY_JK1lPinCFbt9QXX3W-iwqxxho4gyBZ-22IXeJC8HvKT8Y3R...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmSIzLlgi5eal4yIfzIjIhY_JK1lPinCFbt9QXX3W-iwqxxho4gyBZ-22IXeJC8HvKT8Y3RcdKM7iG45vK11ej24wMSyA6Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmSIzLlgi5eal4yIfzIjIhY_JK1lPinCFbt9QXX3W-iwqxxho4gyBZ-22IXeJC8HvKT8Y3RcdKM7iG45vK11ej24wMSyA6Q
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmSIzLlgi5eal4yIfzIjIhY_JK1lPinCFbt9QXX3W-iwqxxho4gyBZ-22IXeJC8HvKT8Y3RcdKM7iG45vK11ej24wMSyA6Q
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame B1D5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmRGUL0KbLE9moeDGMkaPwc8uQe8HNBT4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmRGUL0KbLE9moeDGMkaPwc8uQe8HNBT4qrr62buE48AGiNrk42Rm0Dbw-2XStMBTMg4kwoweYbKqo8EFKVOoCSRAiNxF8s
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQ1vHUNeroERQPMn1hV0gJSgwWN%2Bh0LPBWGPoA0YQciuSXe0Yn5QHa33ufERL1JLdVFUkJfsOgZQm68kWOYAmfp6POZL%2BjVLiN30UK9H3Mtj4zePIeqHhLrYBQz3ZPAhxEzpir3gFgQ5lA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmRGUL0KbLE9moeDGMkaPwc8uQe8HNBT4qrr62buE48AGiNrk42Rm0Dbw-2XStMBTMg4kwoweYbKqo8EFKVOoCSRAiNxF8s
cache-control
no-cache
cf-ray
843d871d0f316a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame B1D5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JMvv7kEKE77It6MZSJH078ksyFb-NtMKGtXD3UZ9uEW7bAhEu7M4BfNFuHaQbo7A
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7530 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
15557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E35D 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a598c2fda78e0b6018bc16cee7e1db0a6a41a4594bddd19c927d60daec73f7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame E35D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstV60bNmdNJlLK86rms4Z_8K7V5ZIWSICEIUh-3ICrh1WLtOWcvuwzDBGEfppWl12Kzwhi7JPrkzAyKFei3ghj-hhY1_c-M91C-KuUb-09QTWbEZtA9SH8Ck3jTTDnrgRKtLMQuOpAaF3LzmGVEiVAZsgGB7IiG1xP6PdiKikJaqHLO1qLwEyiXj-ddqM052P38aDEmM48DCYCwAHmnCofxIbeFGfh-Wl4zFepUZJ5YLrP9a7fBjqCTqhBfogYIGisOW0MIT-b8VmltGR58lLNSR99jNYwGnt6IRyTBnnuzBfmOxpb22TztMfs7nUjTrRovusgZdXSdhn2Dicn1D3UOCqF61j1NWsvf8a0SjI1f6irWP4sMpyVsfJh3bEpCwUD2Q9iv1o7fD03wNPJoMa8yz6vsBkSoav-Qtb8RNQyE7Mwdi8Sby_odKLQQxT31-iJttTk72FnTCZG959_8RYyCrN4p8q6hkP-CoLyA3jA0FybieBywQ_lAyTVViAZXh5dL8gYfctBAr2_Rrf-YyNUHLrWFKF0rtyhNY32aqNg2mlEpvzNl4qNh2Ym16jYC4IYpF5R06KWuCnrOiviaFVCY0cjHgwwg_UbSd7C7L8ll_I8h3DbSMIwlwHHrnCyaua-NZwaSZ_W-S0YkOgtjsj2mnlAQ1Mn0dER9rwW3FJszFUBXPPCVJE1QZFTcTJxnXbRuo5zy5OHl1OCSCBXwW_fBOrOXKtKShSKxD5-WJdsgIzNL8s5g7GFCW6Ej2NlG6QVXTgAqFYIPxuG7RS4iLt_ZBm3QjF9BHFjBsyi1x3xqjHUSVw1_U4P8iQwUw9yQ-rVsBU05heZwFBVCiPoKhtQTXmUJjQJ9QlUBrfylSIzaiOO1JVQ3ZN1cFGF_Epxq3cQCq9iQToe0m2Pryzap404YzSoy5kRIkkG0Y-ICfZKcc5sjRZhzRLnP3Rl39ajsINpx2xSvJRuaM2S0B1li0MQTntcnkFikjLF1v2_T_5fV4hfccE3i-vjGdrGnsKlqJfGmvDCI-vLbQstXMyAQGjqxRU5_qFo1rNc-gjufL3ixdiFuPYJJDyvr96lwik3duL5vXh-3K1Cqf3jd2HuPEUcI0U9YThfzwJSgmteNFHuJPvi8o_seBSwCvooc95Kt-64cIQFhQlBSt9n6ukQeDhbsdH4lRHIRnWcfHpFXIHBQTM9Xw-MSaol4fUBRg7L1z-NAxDaJh0rDjAxn3U85yFa7qbjT_lqBlgWUGtzyBtLNE585C1gm-NYCPkBujMu2fbM9ej81bp91KOnPP019YuL96gT21DBRcS28E8cZpjjuOPa4eHwaoObt7kZw_bB4AJtpEctRwKxYprEFjMXFtoFTp1T8UHdjnkw7BBxJHIdtmyuKxyZ3RT07ubcFhU8yVdBV795AE2_LN0_6_9_QbophFS78HiPjTM0JbowwhL1cOEAO9sG4RR68sZhq_ff46QTrPx0R&sai=AMfl-YRyzOyY3VYJsmoa9N3P71XhPKdxC-WA4h7uRekt5jwJwY-tTyNTa8GNbtLAp3mS-SrbaWWfLVwnDRR4NRzMaR0PsX2oaCy20JkE1Lg-iKCe-GjBEgIkPrBnQ8eIBZ7DsFBwEa7NXGc4bK3UL8L7CqAaN7c6lrbjMhWYXg0ahNihdTp9au4S2f-SQmljUhmBKm20l_fREtUyleqnVvSsufb-4Z4e-peJtx364XRU5iebQFa0xQz6PRuC8NMiQ-Lp209D&sig=Cg0ArKJSzB0Iysb8Ko49EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=593&vt=11&dtpt=591&dett=2&cstd=0&cisv=r20240108.92107&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 25DB 		0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNVJEd2IJlsm3Mu8PQyyAr19W4o2vVaYfKQkA-cBb6exfLrQKlgrYHTvZeQ0qyD5o-JrCkU1vJtqFSVWXxG41XUqKukbhoWp8250qdHvi_yftTWkwVCSm_vfjySZhPMxbkMOeEDB0kUgd1WWnQ_AfoZxyTmWTw5_X-2lAl-b4gzcDwJxapE
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E362 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9424591480132&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E362 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9424591480132&version=m202309260101&ct=76&x=1&cor=2721596336157349000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E362 		86 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaBXjGVNkveiFy6AGtDiBz_SBe9TY9DdFKfxDWnsFvRLtTsF2Ic8xnsScjTcAtuWdkFarItgXx6ol5TtmN-7yXwFRwHd-oIATcN2WTRw34VAsFEAE-Da7__xT0f_N1F9D-qEV_RjAdsFrsBkcksg-J4hj-QrWKeiQFfymtdRHEWe5f7L4&dbm_d=AKAmf-DJACadxXglnxSE1H5gVozGblOyXr1jzxyZgdLMt-wDlBMqXtJwL0qXZvuUWgcyfXU290eZE9NiicW9a82jx56wPPveAXFJVExgn5sJp05niPZbDJMeEWMdIgdJzlvkef-_Dv491Pm9yNMkdQpEwd3UpBYMX5OyjiwhAtzKf7MbOsIMYBrDAErheTOSjqSk7AwRkBuHN7qAvre8qBADXaVWxBEwS9cNMElfSJyr7-DK9_BW8ijZdbBI8DI2CFxzwduzbo1ih2KU69IGVktGVe9c6tHe7A8gQ91aKM1DSBoWaDWb1jniw_K8ogpP-MgoB4hmtFVRLPhTzS7aQ8g8VGX0eJxRk_GTGT0YN_mh37N32ySj8E_ugI_wOnpQXFS6aJbC-TzLrT2WBH1hcg3-hI6cAPxi0pRp8W_y_3-QexxdezeZWZVWCMjXRuzIT2ORGH6DRKLUgjxlJnhStG0Em-Fe49ymw4XwipQMd_9vGJ-zn_KNvWmHslH3gILj-NerPc_2cwgtgj2JVkfmN6RUhVCDPrHP7xge5Yij5Z0XTHDF5K5bbJgNu0W7gDrpHHFzWn7EyoLVnKu_GSXTak1U6wsAP0acb8azYEdePgj90G2qIrjf0hpIHnZA0nxHkhSgfp5zTOeeTPrReTTOWK6gvlclxwyI9RqrxLIv9TIu33PEcTNz31NuY8M3gSDaIWXoCf56U4zI6U3gLomCHANe7fZSLV5xElt3eJ4IxioqNfWpGkdB_14fRNmY5tBaZ-EdDQE2eIxXo8P-oEvyAwJY5OwwqlDmqltFYpNC8YEV7yzoUtzXYmpXaowLJEC8G2zp0Gmum92_mWOK86h6oIfrN7Zldp_u1lCJ27n2FFp4haLrpWUkNlBHUZMUiIl4nNMc1YIC25QIkyAsXmoRgfbagDyVh_2dUG48O4Gv94BZn1FLFhiH-MGka-zK8y52Os-Sp3SLDPUaGfL00VmQIUceTdcrMMZxQoBcDGGekmpt7fkTWLQrvUKRd-K2LgWOnnG0ucfAsCjAjBGwMMmPXglUv-ApAfrtXSlZxgWGjTlswtEkqntovUHV9m_7uiTJsgK6GA98RJ7tLtio3w98XQNNb3AXxw5liZlHts0qiN1J2c9lfKPZ3wEpa3Sm9wgcRH0SyrvrTBAKPRn3TV1lgAYjIn4M7e3JtdoxaP-1pzAiXIraOa-kmwJ25x_K19QRQul4j8HA-8pALTmpae19XKha1TMtLNXPE5j4R-Q3J0AEVkXr10P8q7utdxiDiAwtd6zBC21PaeudhkWnvz3neDiQ6vkm---P_YV-k7Gh5A9KyRMaxHkps7JWF8N_bi3yInL2rPiKxQX13IQCypElDlwTwTD7bxYdUH1LdQaiVKFJdG7WLJ3aO3QFv9CdehuS4GE80mxMyB2mqxOCV8S0RU9tnaZM9-iBoMtF9rie5OOzsm-R-X0_ettOqjvudGplUTKjTw3cjtCQWzws6TDQoNRJEoPKBhbx4xwIlpA8R9gqXaDgZrc2ODT562T-2bWNawTc5tgzqnQIY8sUmSnKSn4k4prn3deYqpJ_D0bvdhy6hwF1KZa4XH6vOCjn0XAPMWxQ78S1s9fMOmcxME9MZXMKzedLZB_p3kbYLEwMIHK-q_uq1-Th2hbaV4fMOdu2d5EKavPXk3m95XfFuIlxAXDp_5t6G2AXzTVMcrbtZo0VD69ts1b5NXkZd0MdswBNTLC3IkidkYPF51rgadsDfGyVUFOxMHwCA9fJJziL7dLic6rYTpzpwGUSEykmgjNME_Go9ibiTOoDM7sPZhotM5su_UX2p_dYz4oHUKTPGw6t7KY1DScmw8A8Tvub8X8gLbkMwj_cmLHdg1NLwz2dz_6FjBpIaIeEMd1QVUzoeN-BzlfJiVgPhucrMSkuEvy-pgdxlha5eM_VvA8IhcAJjo3m8vlfmpM-SjmWrgsi4g_5JpGLE9dz1VLkHzOwfoRbpFXRksNQZ66vMpWfjrv77-3F9IXuvfsJISS3mhS68bKpZFaKQ7WreSmN9guVUTWsu8Xi_UQkR1S_9-ULJEUK_nHQgGCI7zQWfqCi6lCfzZIZDUzOguHkVUQ4fAv__sGtp4_W-cwNPH8uhYD9Fh4Di0D3jZ1meW2EMxPbgyO-6rspNL1d2OwaUoX4wq4XWotS1cORxG5NNhQCG-buVufmHOBz07nh6To-hhZXtBZJkiZSVdSOoLSB7mziT1pzP3omXMk_I1AORlM7sjGu19OM0fanPuvT_-wFWSV_bCKUjDnu1Nm6Hmg3Z_F5ifG9Z8yCxNpz9zIohkNW0A43cTuKwtP71ZRt8CulktY9OcBHSMGQumZrfUZG6o5mWknvci75eSJBj7yuUDCN4rlOZRc5q0Zb5ahKA45H_2JEYBCIXgAr6pdSdHfQ1Q5SGd8bM19ragr6DALlRb7VLKZNog_d8_ID4DMhwVbxNsdyq3zZEvGQyEOE4OFS2kACOE_e_-TtG2c0IOKiTo7-jns1wIIkZ29NqkBgKuPGtr1BlgLXgPNTTUa3nkD523dQwza_4rQVJjvwbjDyGjf9Eey0Jb4PD_w8aALAl51NwnD3blyPdCR_EQ3vMkCJYPKx__zcbDYNbhj1ZL4N3aX7MlIjwlpq4sE1NKCjo86cPvHMJnx7bAeks7y4MYXtjCYpdbfjtTC_7BaHvvcrZrS0QJS3m1sNcXs1e58pfaTIHv7il0hDYUCCUoAcQPz8Sl4Yqdvw1c6YqR72UDX5mlb6dCPQvVrcXYOrmwe6ZR97roAFJQRBBQBb2K-tXgUiIVfCL3VgQqkpbzblFJAQyH01G1CoQE8Xxvci6cbs-HSOSwu-gdGd6jwEbuchuuNBcRkvmE9EDmL-hfvTZYQaz6YmpzY2vLyDlelHKoQKhRvcGKDeF-8R9sWnQ4m4XIV4CxISnonQUx6uW_AEirCJMAonX26rZYT_3VpSNX5aXgZbDU5wa1Ts4aKg6JNPhg32wP4ydKda_2azvK8vXgvzWkFiTC_hAZRmLqIRv9bvIPlTqP9M_xSQeIG9rLBr0HZB0LQERSXk67jEIO0a2yh_y7isnN4MJU7o0rwhEhy7IUIMgaeOy1KHrGstxtTGFunzJerTTMSC3EEVxaHDY6U64vTw_ommFwuxXopIwjytt8kGh3JWfVJEQZvQjQTfBXaNChWqQ3VCfAbXF4j3pVif6VIKQh5yLmosQqh0Tksoyk3_hcCMxixTRWyLLqGdH2KlMtyGyWlixoZwpDwwLNBkx3pEFDdmWM1JzU1EwdB-KMWUVGdnZ80DO1NwYan_jwE7k_Pmt-dW6Kd2gxczbhfKmRnjKgzsR070lbNFEQHsUrUS4y5x-2hs0PE95o6E0tR2mrS1xJiQSu424GvbRiZD9wJ806oQscXCgoI09XrYGLkUMlnRufWd_igDpdNsbErtA3oZD27kmLr1zceZooJfsKJyT0lwXOkYtipwDV-uuGMlvvl_cimY2qZWH_4ZeOnlaueHhuHOqtW6yfdQkvHNeUBSv51ZMOo6pQ-md8giHTjp16MQ9nvh0CDq1sW4fjhEjmYFq_s672PvujZTjz7wV-4B1xsbJ_0cKYuVlOTg47BFkOsPz4PPxbe4LN6s0MX7_vT4ip0ETOInah5TyvRg_F_j0Ser4e7Cn-OBPeBIgG7bdKnqmqFymElB0DalhIIlfD5H8aPJw89FCUwsWaLtLVM8Z8JVEGMZtIAoHVFGCUdPasEndb1BZkBYEOcrAAajfadL9sY4eaRdxZEi0-VN1CxPUosyXrdOFyYBGG4mNRQHamQNC9x1CPWwCyWQsyZGyP8TzqIm21K5zZ2zUUr5GheysYn6KcvQtt7S4D0UIO_67z6X3qSqszGZTmvMo8erZynecxHySrljHbWJZMTOj5qPbxZnRpu6BTVyEz9XahLhwBc47uFpxqHrk4yoqJd5wBscEbXlDoLK05uHR3TkSlVg2hXO3EiLkos8anxdiG72J3S3O_SWp7hLKY6zBlomRQJpPJyfZwKqM2eA2sADih8cbddBRxFFNdzQAo7Q4GRd5ZOVBVd5xvPRT2lbujQTwnM&cid=CAQSOwAvHhf_-6KSfXM5C7juTUUqqFqKRw1SKfY8YsjQOny0lRrViV0zVVzqSfacQtA2VRcsgNM6VfO2XIPYGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.deseret.com&ds=l&xdt=1&iif=1&cor=2721596336157349000&adk=2137584857&idt=156&cac=0&dtd=242
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db1a1fd6abb5ccf8313c46f34a1e6ad3bcf72cb0a1323a70fe11d8318f5e32b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39813
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=klGSJ7kVemkmgute&instance=214733147&version=7.29.5-Z&age=240111&ldt=QUARTILE&key=DXzBc7p4&seq=1&order=9&vIndex=0&absoluteTime=12791.1&relativeTime=9356.9&sm_id=3303689&visiblestatecd=I&soundcd=OFF&quartile=1&pposition=float&floattype=s
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.68.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-68-173.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:48 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame 46FB 		0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY5r-5gAIwAQ&v=APEucNXYs1h8iNiiJnEj_GOdVuXkjbiIr7s5BVl2do3KUraOfrUi-5A9OLrzL9bZTKbNhls9lrXjJEVAwZkbYwn8x0cMGreTkcTvJLi9GtbOCpEB2rfsTn9T0jpe9VfJv-5LHMJMbnZNjLTUeequvXgBkQiXeGhYau73hoJ0er4brprZQpuVfzE
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 13:32:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9009 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2116542304468&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9009 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2116542304468&version=m202309260101&ct=76&x=1&cor=2200999967778855000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9009 		86 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C9DhtmYH0U9yVgPutiFW2HtMKpJMFX_A_MI1cBlO5VwKSy7jM345V6F9xhUbKDvVgjuo9cDe9MKcoIi5Nx2ALd-i61xp4i7ria9BrWj0sDDe_-cuFZmQnHsJDC7nBWToRSeLWkLpNF8hNMtc6Vn4BdxQ9b_NmkwhtaR_ETRbBba5BzZzk&dbm_d=AKAmf-AFSE6sSgEQmvYFoaIe3YYnO0Q8KjQZiJ4SeVFyZJwI_HIez97mXWQCc89zv4rWnD4bAfGZKiPFmASK88gxtOEUiH1SeJP2eSWSn0N-7bKxmDVvKfa_EMKCwbVYMEj3UQa5WWsMDL3MNI8EAHU2zottPItjndzhq_UPiH_8z_ZiGx2ISV5x5DZt2Wk_rg9Y75jUFGh9WKoM1MWEHpY3LrfCGanQES9Tf5C3XbRIO6_Goo2MqR5t2-8elhqiwJhl6b4d_sbmNlWEwRpJAzbr8RQeWfB5Wy6EjbkS8HSoENsKhdpH-eoZJ3bA49_SvvOyKqKGEFnWWDLTw-RGofAUb5IyPut_bwL9sjdnxJ7hH3EYBT_v3fxs3Mh2RGPFiqVR6IuAWQs5XJi6HavMFD38K0sTH7k6tgOMrmvs3SI0ofZRPTR70F7a39v7O-0Ch_egbxDgVmMHdIjXxVXXxCdhUmpCpPvbkurw68lZKh0azCQ_vFHm02DPG-Ibwa4vwGrsI-XCveEkOwGs0nssiBGmhTqhNO-Gz3EqpeJGCv000gmO8EwVcHZf0GWOJ52eaRAyqOFuze7Ce7CQpRg1ozNw9aEXGRD14VoJEuhNjn7rG7NK9U1_N4JA9XWuRT_4vSNffR3aczHZ5QqsZV_qWJc4BHuWn3RMXP0v1dh9UyTrLYBA9hQJIzZxDEiaijrkvT0YUq-Ds6fWLHJmEChBCb2F89xr9g-7pvKvxiKSmzk1J-cf1-OFf41iAnQprjv6sRhgxKfGfuG6MjGOylCvURE3no5MUY8ZzXe7RfYwaGspfj_hcRxgC_9vY0bpNedKy8-oD26zB_-dQoxf2nmf79geVQJNQDQUDwGOhao-ojxIuY5svCES5LcuDJgCGb8hk4K-lDAbc2eMx8xWKFzEzf1Ye-DM_91id86Cn9FtWaEO_s_0YIIYN7KgUr6AeJ3cXJSWk107EVfWHHIFwBV2I9hy1tdh1QmK_ecGoomkgcHsJhQc03IK1sD_LhEd2KLFzsxVrefqM72Fr1mZxTqtj1Qi49jdGadLy96p1ApNt1XL4dCvqtGNhrwR7-96iikDHVqADebPmiYLqhQwceUnbHaKOCcYgR4GpAdvPVTEfiTQHzEo5djL-BsEY5MMD0oO-tffd5RhepvbxzeUjYdRaUjOM6ciLYJR-mOswtSC-lHcDvVIxWJQKaSvkMyonp0EKFUmHqgbipHkCiiaO6puVLo8Tiobp2P0sEB5nh2c3RBuNUU854ch7ZfuDImIYpukhhTZvi-3QKwhONHwtvxVueVhhpp7hSkjFTpGLXbXXs78L4UlEcNnZbQd_bZKBIPPiQOJB_I8B4Z4ibJ0_4RdF2dWPmRr77sdaiCFiSPSsm7kxtkDj5jDJxXEG-czLMUWcB4m0kjbRId3MILQZIc0WUWMzc4PMktcg2yHlXCzjrN9UkegxbqMxgtxEbfJJYZCApdUtnA5P-GqAqPNYGyKMG0CbdppWCe9E7bT0ReEzfGNCIXndJp2fLwB9s-8V8t6iEmS8brbHal9RI00jaZg-KCYOONGK_J1PugSSgy7Q3uhbwXsnVP6N8pP72GusJtUE_5jtlxMCvr0y4JvWcwBJMT8t3-isYSHxVMVAF_xlv-l4d8nwYGXZWc4tC-HjHJtnjqe-V7J6bJV48CBEAjuDrgGAB9pcHjbKzELlUEOBrWZWZmXXZIZW3xd-hAa25iusGjGBWyd2QFjwN4GxZbooDDlmi7_0KZ6y06x9G0x6p8FvnYUkMWfOANCHWwAv626E1PMfkdGtTmjeKu2lmMTTHlXeOCgX4KjYEFBDKRX0MB59igHTaHE5YDJR_SJuED8Gdd2uBh2VaMhbiGIpwTZczmDqvB1k8E9rIlqW3E_xqNHa0r6dGNTgm564Ohou6WOF6c_YXaod2uRw4FRbNoBbO4P7PAYajX2c_vNiYWX2P9CCF0-fkJh5V-MuH1xLf_DgZnSrbQEu_rNnCPFZqxNYvhWAqMxqAa_P4pxNZO0u7e4pAxQbTLwVPm3wBE8rg4mFQIUIKL9Suqvu1L9F3E7iTIYID63sjrDshqKTYJer-Q5r7Q-Q9C0h21MdnyU7rnrNacb3MZAJM0MqsjoqzGLEKWKfSZbU6xtvb6dyYhePde8B4D6GQKG9zDI_i43qdTWYj1INYc7An8Q3ULzeAGKsO4i0C5TdtjPuzNStJoGMqMc9BfsBe0llLgawFtVL3B-mhwGDQePnfBVHqFghdf0OU5O1n5BpZ7Gk6f7545cHWvrBTgqKDl22naoZTaO8-hMYlT2c7jtyrc5G63lWkWL0hhHgVP8mnC9V83I9Qz_wKQAubC2JquBPKE2L3ocS6UjV1YThcvjnXNkQyAhXtgrqGYuC8vINRTA-RdbT7bPbzBkDMGtZbfa1RHtxN5Hs300b7XUsQ7GWLUH_aVZ7ca8Z9u5OPoB54IWZd2tKQshqsFruxEuAnMwjFRmWKJyKt4SpHJDznghNPm1kMWJV9TvEm9eGUOuJ9y_389SfWxBHGHB23unSgr6OpKlnQ9Y74FE584UvJr8Ha9XeIQrhcDNwocuPi1m-kNld1F4eTXg2O0i4UBfBunT6DvYPAMTdnRi1GsgO8yxoxDUGj3zzXeNfjoNhvvLa7s-1EjLQbwB8gd7fckPxE2eztFNuH4QYtXKXN0egSYU4nMvcL8YafAUlVUegL8cFRghyGgxkkhCf2pmKKH7gyPTvtNNYwagpmhtNeevREEnuSMf5Iy_2CkxQl9BpBo9NjcO_0CgOMXYCp98Iid04I6PPcFRXwF_Bv8tzw_rIh-a7y4YjpNFlC1CAK0ShilFWdpjN3ORsxpU6MFFjcurusb9QjuzQKQvRhZsSMeLbtQksdUy6jXbq_tFgQHmhlQSA-BPQDdNv9OmiZyH91B3HpEH_ecNkRngbhFvYv3YH4x6Pk_tWt2muzls7yj_4f2FIr6XyGbrutNSEbmWMOn8lgiI98YW5i8DPLoMOurFu3f8XPRYdrfhJctD-RfiuX9uvM8P3NDqR3E_gSOC_sJp3Ofz3OoSFQwIYbcKFU8FDh104yWM_slD-kglMb58CJm-V0GZD7wUm67fRK6kWsuD1D9GCEdT_R1H9kDBeR1RwELL5NpB5z4CTVi9F2BdwQ6VTFy6GeNlX1aKTT1xAufh8r9_s2PPILDFHAKM0nfNGXAl5uOOjE2Iv5X1uuuDPQQuD52y9VNaHISWhVw2J8C4ds0Gvemwhc22UcNC_9MKOR183Kt6hR-hm8dMTFfPug2OhDVKMSzaE2MH_Xh-R3CIVNUtKYGV7th8X6jE3SReM3AnJP6CWRG_6VEfF4auOnE4Fr45gMHF4TYPQqPSz7izZC4wVfhhOenv1pEF11GpMbdTakznJwDT3F9anC26j4ZEg2yvfCp_A6M33n3u_R08xyvfmMQxFmOdW57GzWhhIp-ympkT8UTlftnOyErJwWnYrCOx4UEFwDMzgZAEx0bXsnuFZH-D0DP1TFWgTgOJHC5xKsEaJU3V6v0TCKdtUBtV2_RlLM5EZycxSe3nOvSMmoYpb0OyZQYmoTh5ElIgRHjJsPUeiFQ3X0vBUQDHhOBA3wNlXZxvIrwuX9CXy_TSvSUL4EJ5CjFRzD9vubaEOrMKSDd7ItH8iT_2pMdQ_Hmwneppc2dhTuh7z_SUGFqz_zcKCmXIEE9F0SUsvRp0E6eN_1aUWGXpMh_Lzpo4WKgZOlK5YO-rlEF3Rk76AxeqhshyxWL1hrEj9gKsJzUapie0a4Kku0KLbcSGsjZmN3Ec460WHXshauchyahYS8kFUZ_LnLI3EPLzofeit535jREf5oswcyj3sLcopBXZP0IjnxIYxVEKPIE-84vLwVteArAD6LAgx5LvfcUQblG5NinJN5jwe9GChujffu96H4EDrDDTg8X7jhQYOsgFSefgmnss5OsYrXtm1z_Ul5363BquSLqC3OaPJbDDFEhzv99fp5CBTxIRkCdoXbNn5e7Ei5qZgw4hPtEuQqR0bb5Ey2m5jlS4JzYx501wPWbPxOQ62eXFeGkntDrGpG4tEAf_zYNo8sA&cid=CAQSOwAvHhf_6I7vJVRnogEQTgiE_YXQyGnpCRgo2owuAO7JizFfmHsJZJ_7HE_Ql84ybUN7q-q-C9qvDrs1GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.deseret.com&ds=l&xdt=1&iif=1&cor=2200999967778855000&adk=2352010338&idt=115&cac=0&dtd=205
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e485c7dbbc25e969e85d37706feb9ea7b35de758e08112d577eec9f334e9864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39909
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D655 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssR8NU74A8cbLY_sgs8T6YKpgLcfOnufVmh7ZNkjFpvam8DqqMi5HgBDxZHXJCspyN4fzn8rRRNXs3vED9ZqNOkBHSgO8suPGLkrNtQjVoRCu0eaPMd-f4Q-NBtd3vD0nn800zEfeGVmp16r63dnvOY5tLp&sai=AMfl-YTFjpih29QGFnpTL3gkYdWGjmE-75ggxktirgUCUYcSxnNUHb2QbWFxshPHFqBXEf6aOm10GxTHeyczi-Cve1aTnf6q9P6yKeufS5VTejX0clRiSyS28mrUxyg&sig=Cg0ArKJSzMxJPXB7SWXzEAE&cid=CAQSOwAvHhf_Q1IWT2YxKmKau1QAJHuLf_WmHX0iKSlSoQj0X-LntHOsW3HrP-v97fDBnSxo6eR_HOdt8oWvGAE&id=lidar2&mcvt=1646&p=778,1050,1028,1350&mtos=1646,1646,1646,1646,1646&tos=1646,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1366438291&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704979962806&rpt=3736&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9356 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
169929
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 14:20:39 GMT
expires
Wed, 08 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i.match
a.tribalfusion.com/ Frame 01B8 		43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESENEXVcTLHRmfv7OAmXhjipQ&google_cver=1&google_push=AXcoOmQbwAvMhVoFbxc97RywMGr5iKSLfk4a1ekF-KKwG46HfR1yMthAmLmAW67fyl7NXy4jiTz3AJWdfS10b5wgsB4OtvzEjRgD&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQbwAvMhVoFbxc97RywMGr5iKSLfk4a1ekF-KKwG46HfR1yMthAmLmAW67fyl7NXy4jiTz3AJWdfS10b5wgsB4OtvzEjRgD%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
843d87223cc49ba4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 01B8
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMqsDO9Ix66E1foAqwAT3cc&google_cver=1&google_push=AXcoOmSIvv8pIkhAnXZ73bXXOFyR-_kK6q3SVBicmLwJHJqJTSCYIqBk-2SHwAQuP70QPz9YULRY1wDWAH1Ts5i8fbKlC3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSIvv8pIkhAnXZ73bXXOFyR-_kK6q3SVBicmLwJHJqJTSCYIqBk-2SHwAQuP70QPz9YULRY1wDWAH1Ts5i8fbKlC3PJKzWe
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSIvv8pIkhAnXZ73bXXOFyR-_kK6q3SVBicmLwJHJqJTSCYIqBk-2SHwAQuP70QPz9YULRY1wDWAH1Ts5i8fbKlC3PJKzWe
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSIvv8pIkhAnXZ73bXXOFyR-_kK6q3SVBicmLwJHJqJTSCYIqBk-2SHwAQuP70QPz9YULRY1wDWAH1Ts5i8fbKlC3PJKzWe
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 01B8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIQtaOBciiNf0zHVztw9jtA&google_cver=1&google_push=AXcoOmQdpopkfQ1J64aaTNC1fWcMpd2qhh5-LzWdC4Q_vLIL87_p0Pv9KoFxr1-dUQcSsYdMKzdGKYeI...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmQdpopkfQ1J64aaTNC1fWcMpd2qhh5-LzWdC4Q_vLIL87_p0Pv9KoFxr1-dUQcSsYdMKzdGKY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmQdpopkfQ1J64aaTNC1fWcMpd2qhh5-LzWdC4Q_vLIL87_p0Pv9KoFxr1-dUQcSsYdMKzdGKYeIOc583T5E1kJSyUHkGPFZJw
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmQdpopkfQ1J64aaTNC1fWcMpd2qhh5-LzWdC4Q_vLIL87_p0Pv9KoFxr1-dUQcSsYdMKzdGKYeIOc583T5E1kJSyUHkGPFZJw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 01B8 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDg2mKcC0JuJhAQiCMHk-R8&google_cver=1&google_push=AXcoOmQYB8T_SJc6vCPahXLI1SNHyx9nE9Ki6tY85Ql3wvSrJefUfQa0hvrnAmbSlugg742Xs4jGzAJHF6b8nzYT7kW3o7dB36ab
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 01B8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ4UWcTFm6mn0-RBWMZCHno&google_cver=1&google_push=AXcoOmSI3RUyPQbiUUj5aXgfYvFR-whH3zc8mW4c24uTSnmHgLFkdadWxtSsMMh3RbnkGBI92tz...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmSI3RUyPQbiUUj5aXgfYvFR-whH3zc8mW4c24uTSnmHgLFkdadWxtSsMMh3RbnkGBI92tzQLn5HNew-72Ep17Ci_hWTMwhJFg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmSI3RUyPQbiUUj5aXgfYvFR-whH3zc8mW4c24uTSnmHgLFkdadWxtSsMMh3RbnkGBI92tzQLn5HNew-72Ep17Ci_hWTMwhJFg
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmSI3RUyPQbiUUj5aXgfYvFR-whH3zc8mW4c24uTSnmHgLFkdadWxtSsMMh3RbnkGBI92tzQLn5HNew-72Ep17Ci_hWTMwhJFg
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 01B8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmT0GgHJh2r7i5ukwuWi2N8MRZ2_3PI1I...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmT0GgHJh2r7i5ukwuWi2N8MRZ2_3PI1IIhy6y5QR4OcdZY9P_hNmaSaPJnl5wtfhQrkVl-DBpQwQDM6c4xQYrthsUFBIT-f
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FZ1d0hx0MS9Qy3hq4OAYDCg9t14h13g7jqVQGzW0AzoW5UXiDpbbxYpBJboHCxpU0v1o3PUBFpKxJxP4Rv0zITcVnphIc%2B7IewOr7Hyk0vSCt8kxMg0yYkT6RRQzu692sXhpO2fKX0jiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmT0GgHJh2r7i5ukwuWi2N8MRZ2_3PI1IIhy6y5QR4OcdZY9P_hNmaSaPJnl5wtfhQrkVl-DBpQwQDM6c4xQYrthsUFBIT-f
cache-control
no-cache
cf-ray
843d87223e326a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 01B8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JbY2BShbQ0hNl_hSesyT8P3SthwSI4EBlbMxsMq9A4jSS4ksMMs9MTvhh9ZOV-vQ
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 8180 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
169929
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 14:20:39 GMT
expires
Wed, 08 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i.match
a.tribalfusion.com/ Frame F6C1 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESENEXVcTLHRmfv7OAmXhjipQ&google_cver=1&google_push=AXcoOmTzsUAwSB5nudrtF16UQ7raxaAWpPblvbX1XwYXAoR58wPaCeT3hCCrL3Zh2weSPwQ69cgnX56-9a8OmQ7DQZoERvpfThxFIw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTzsUAwSB5nudrtF16UQ7raxaAWpPblvbX1XwYXAoR58wPaCeT3hCCrL3Zh2weSPwQ69cgnX56-9a8OmQ7DQZoERvpfThxFIw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
843d87228c759a24-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F6C1
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMqsDO9Ix66E1foAqwAT3cc&google_cver=1&google_push=AXcoOmS6dPBLlTquxTjmd0qt_K7oRq3tj65g0PsJ5LBDDCtDaDDVw22_HjlOrcOfguPEB6QyPnqr32p01VLOu0GiasBiM3-...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS6dPBLlTquxTjmd0qt_K7oRq3tj65g0PsJ5LBDDCtDaDDVw22_HjlOrcOfguPEB6QyPnqr32p01VLOu0GiasBiM3-kj2vLTw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS6dPBLlTquxTjmd0qt_K7oRq3tj65g0PsJ5LBDDCtDaDDVw22_HjlOrcOfguPEB6QyPnqr32p01VLOu0GiasBiM3-kj2vLTw
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS6dPBLlTquxTjmd0qt_K7oRq3tj65g0PsJ5LBDDCtDaDDVw22_HjlOrcOfguPEB6QyPnqr32p01VLOu0GiasBiM3-kj2vLTw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame F6C1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIQtaOBciiNf0zHVztw9jtA&google_cver=1&google_push=AXcoOmTBWHW1e2Qar41nt9TuwO6p11j8hkUYnan3cngzSLM7K596BQfBLIq9p2K76MUw0-BWlmkvvac0...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmTBWHW1e2Qar41nt9TuwO6p11j8hkUYnan3cngzSLM7K596BQfBLIq9p2K76MUw0-BWlmkvva...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmTBWHW1e2Qar41nt9TuwO6p11j8hkUYnan3cngzSLM7K596BQfBLIq9p2K76MUw0-BWlmkvvac05wtNzSFqu9hKg2V6u24n
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmTBWHW1e2Qar41nt9TuwO6p11j8hkUYnan3cngzSLM7K596BQfBLIq9p2K76MUw0-BWlmkvvac05wtNzSFqu9hKg2V6u24n
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame F6C1 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDg2mKcC0JuJhAQiCMHk-R8&google_cver=1&google_push=AXcoOmRwNHUey1hEmopQ8QOHN9uTaUGeGrrBlsRBVvkktu5KRBbfvcl0JGiaGWj5jM4sxp5Mfb2YwW3zqjGqzEugSpI3YPIgNn1FPg
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame F6C1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ4UWcTFm6mn0-RBWMZCHno&google_cver=1&google_push=AXcoOmR_6zATd2R8XdYZtiJtZ97NVjpKlAFQ-gRSqQEv8o8GwBuMChTR7EwFy8c-GbMxCC3xsiE...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmR_6zATd2R8XdYZtiJtZ97NVjpKlAFQ-gRSqQEv8o8GwBuMChTR7EwFy8c-GbMxCC3xsiE5hNl2F2VxXKO8368Pv4bZ0Dl09g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmR_6zATd2R8XdYZtiJtZ97NVjpKlAFQ-gRSqQEv8o8GwBuMChTR7EwFy8c-GbMxCC3xsiE5hNl2F2VxXKO8368Pv4bZ0Dl09g
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmR_6zATd2R8XdYZtiJtZ97NVjpKlAFQ-gRSqQEv8o8GwBuMChTR7EwFy8c-GbMxCC3xsiE5hNl2F2VxXKO8368Pv4bZ0Dl09g
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
pixel
cm.g.doubleclick.net/ Frame F6C1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmT2eXO7Ky8hrGeNpUhxkRaWiZXdRQMf6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmT2eXO7Ky8hrGeNpUhxkRaWiZXdRQMf6u5iXOaAa-oApVQSD0gy5ip97SBNyxvydXR5ZemfL447t4X-fI78p1Ampt0cSFyZ-w
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xezGo3EqBSKtZe3JnRsb2YeDTgBdap%2FgSQdipChKf44Qmfgr7MtOnlk52xTkfWtLm2hwiH%2BoxOSt2JqA4ikC59vDRg5ywsPiUK71LLZVwjMoZgg13vecLSsgIKsZHYzCmLKHAeulMmuvIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmT2eXO7Ky8hrGeNpUhxkRaWiZXdRQMf6u5iXOaAa-oApVQSD0gy5ip97SBNyxvydXR5ZemfL447t4X-fI78p1Ampt0cSFyZ-w
cache-control
no-cache
cf-ray
843d87228f4f6a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame F6C1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IEm87B_SNQUqoQjA4mncz4qZtmuL1rTC_cDupZze9FU5rFf-TEZiURO9VjN-Okxw
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
place
saambaa-deseret-tagan.adlightning.com/ Frame D655 		0
447 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://saambaa-deseret-tagan.adlightning.com/place?p=1&d=eyJzaXRlSWQiOiJzYWFtYmFhLWRlc2VyZXQiLCJ1cmwiOiJodHRwczovL3d3dy5kZXNlcmV0LmNvbSIsImFkVW5pdCI6Ii8yMjc4NDQwMTQ3NS9yb24wMV8zMDB4MjUwX2Rlc2t0b3BfMCIsImFkU2VydmVyRGV0YWlscyI6eyJhZHZlcnRpc2VySWQiOiI1MzY4ODgwMzYxIiwiY2FtcGFpZ25JZCI6IjMyNzQxNDczNDUiLCJjcmVhdGl2ZUlkIjoiMTM4NDU2MjYzMjk3IiwibGluZWl0ZW1JZCI6IjY0MjI1NDE4MTIiLCJhZFNlcnZlciI6ImRmcCJ9LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MCwid3YiOiIxLjAuMCtkNjQzNWE0IiwiYnYiOiJibC0yNTBjYzc5LWJhZmY1YjQxO2ItZDY0MzVhNC1lODA4MWM0OCIsIm1ldGEiOnsiYmxvY2tlZEluZm8iOnsicmVmcmVzaGVkQ291bnQiOjAsImJsb2NrZWRDb3VudCI6MCwiaGVhdnlBZEJsb2NrZWRDb3VudCI6MCwiaGVhdnlBZFJlZnJlc2hlZENvdW50IjowLCJBRExIZWF2eUFkQmxvY2tlZENvdW50IjowLCJBRExIZWF2eUFkUmVmcmVzaGVkQ291bnQiOjAsImVtcHR5U2xvdENvdW50IjowLCJlbXB0eVNsb3RSZWZyZXNoZWRDb3VudCI6MCwiVlZTbG90Q291bnQiOjAsIlZWU2xvdFJlZnJlc2hlZENvdW50IjowfSwiYWRSZXNvdXJjZXMiOnsiYWRJbWFnZXMiOlsiPGltZyBzcmM9XCJodHRwczovL3MwLjJtZG4ubmV0L3NpbWdhZC84MDQ0Nzg0MjM1MTk4MjQyMjQyXCIgYWx0PVwiQWR2ZXJ0aXNlbWVudFwiIGJvcmRlcj1cIjBcIiB3aWR0aD1cIjMwMFwiIGhlaWdodD1cIjI1MFwiIHN0eWxlPVwiZGlzcGxheTpibG9ja1wiPiJdfSwicGxSYXRpbyI6MC4wMX0sInRhZ01hcmt1cCI6IjxodG1sPjxoZWFkPlxuICAgIDxtZXRhIGNoYXJzZXQ9XCJVVEYtOFwiPlxuICAgIDx0aXRsZT5TYWZlRnJhbWUgQ29udGFpbmVyPC90aXRsZT5cbiAgICA8bWV0YSBkYXRhLWpjPVwiODJcIiBkYXRhLWpjLXZlcnNpb249XCJyMjAyNDAxMDhcIj48bWV0YSBkYXRhLWpjPVwiNzhcIiBkYXRhLWpjLXZlcnNpb249XCJyMjAyNDAxMDhcIj48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cIi8vdHBjLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9zb2Rhci9RMTJ6Z01tVC5qc1wiPjwvc2NyaXB0PjxzY3JpcHQgZGF0YS1qYz1cIjg2XCIgc3JjPVwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanMvcjIwMjQwMTA4L3IyMDExMDkxNC9lbGVtZW50cy9odG1sL29tcmhwLmpzXCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjQwMTA4XCI%2BPC9zY3JpcHQ%2BPHNjcmlwdD5cbihmdW5jdGlvbigpey8qXG5cbiBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLlxuIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wXG4qL1xudmFyIGY9dGhpc3x8c2VsZixoPWZ1bmN0aW9uKGEpe3JldHVybiBhfTt2YXIgbj1mdW5jdGlvbihhLGIpe3RoaXMuaD1hPT09bCYmYnx8XCJcIjt0aGlzLmc9bX0scD1mdW5jdGlvbihhKXtyZXR1cm4gYSBpbnN0YW5jZW9mIG4mJmEuY29uc3RydWN0b3I9PT1uJiZhLmc9PT1tP2EuaDpcInR5cGVfZXJyb3I6Q29uc3RcIn0sbT17fSxsPXt9O3ZhciByPXZvaWQgMDsvKlxuXG4gU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjBcbiovXG52YXIgdCxhYT1mdW5jdGlvbigpe2lmKHZvaWQgMD09PXQpe3ZhciBhPW51bGwsYj1mLnRydXN0ZWRUeXBlcztpZihiJiZiLmNyZWF0ZVBvbGljeSl7dHJ5e2E9Yi5jcmVhdGVQb2xpY3koXCJnb29nI2h0bWxcIix7Y3JlYXRlSFRNTDpoLGNyZWF0ZVNjcmlwdDpoLGNyZWF0ZVNjcmlwdFVSTDpofSl9Y2F0Y2goYyl7Zi5jb25zb2xlJiZmLmNvbnNvbGUuZXJyb3IoYy5tZXNzYWdlKX10PWF9ZWxzZSB0PWF9cmV0dXJuIHR9O3ZhciBjYT1mdW5jdGlvbihhKXt0aGlzLmc9YmE9PT1iYT9hOlwiXCJ9O2NhLnByb3RvdHlwZS50b1N0cmluZz1mdW5jdGlvbigpe3JldHVybiB0aGlzLmcrXCJcIn07dmFyIGJhPXt9LGRhPWZ1bmN0aW9uKGEpe3ZhciBiPWFhKCk7YT1iP2IuY3JlYXRlU2NyaXB0VVJMKGEpOmE7cmV0dXJuIG5ldyBjYShhKX07dmFyIGVhPXt9LHU9ZnVuY3Rpb24oYSxiKXt0aGlzLmc9Yj09PWVhP2E6XCJcIn07dS5wcm90b3R5cGUudG9TdHJpbmc9ZnVuY3Rpb24oKXtyZXR1cm4gdGhpcy5nLnRvU3RyaW5nKCl9O3ZhciBoYT1mdW5jdGlvbigpe3ZhciBhPXYsYj17bWVzc2FnZTpmYSh2KX07dmFyIGM9dm9pZCAwPT09Yz97fTpjO3RoaXMuZXJyb3I9YTt0aGlzLmNvbnRleHQ9Yi5jb250ZXh0O3RoaXMubXNnPWIubWVzc2FnZXx8XCJcIjt0aGlzLmlkPWIuaWR8fFwianNlcnJvclwiO3RoaXMubWV0YT1jfTt2YXIgdz1mdW5jdGlvbihhKXt3W1wiIFwiXShhKTtyZXR1cm4gYX07d1tcIiBcIl09ZnVuY3Rpb24oKXt9O3ZhciBpYT1SZWdFeHAoXCJeKD86KFteOi8%2FIy5dKyk6KT8oPzovLyg%2FOihbXlxcXFxcXFxcLz8jXSopQCk%2FKFteXFxcXFxcXFwvPyNdKj8pKD86OihbMC05XSspKT8oPz1bXFxcXFxcXFwvPyNdfCQpKT8oW14%2FI10rKT8oPzpcXFxcPyhbXiNdKikpPyg%2FOiMoW1xcXFxzXFxcXFNdKikpPyRcIik7dmFyIGphPWZ1bmN0aW9uKGEsYil7aWYoYSlmb3IodmFyIGMgaW4gYSlPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoYSxjKSYmYihhW2NdLGMsYSl9O3ZhciBrYT1SZWdFeHAoXCJeaHR0cHM%2FOi8vKFxcXFx3fC0pK1xcXFwuY2RuXFxcXC5hbXBwcm9qZWN0XFxcXC4obmV0fG9yZykoXFxcXD98L3wkKVwiKSxtYT1mdW5jdGlvbigpe3ZhciBhPWxhO3RoaXMuZz14O3RoaXMuaD1hfSxuYT1mdW5jdGlvbihhLGIpe3RoaXMudXJsPWE7dGhpcy5qPSEhYjt0aGlzLmRlcHRoPW51bGx9O2Z1bmN0aW9uIG9hKGEpe2YuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzfHwoZi5nb29nbGVfaW1hZ2VfcmVxdWVzdHM9W10pO3ZhciBiPWYuZG9jdW1lbnQ7Yj12b2lkIDA9PT1iP2RvY3VtZW50OmI7Yj1iLmNyZWF0ZUVsZW1lbnQoXCJpbWdcIik7Yi5zcmM9YTtmLmdvb2dsZV9pbWFnZV9yZXF1ZXN0cy5wdXNoKGIpfTt2YXIgeT1mdW5jdGlvbigpe3RoaXMuaT1cIiZcIjt0aGlzLmg9e307dGhpcy5vPTA7dGhpcy5nPVtdfSx6PWZ1bmN0aW9uKGEsYil7dmFyIGM9e307Y1thXT1iO3JldHVybltjXX0scWE9ZnVuY3Rpb24oYSxiLGMsZCxlKXt2YXIgaz1bXTtqYShhLGZ1bmN0aW9uKGcsQSl7KGc9cGEoZyxiLGMsZCxlKSkmJmsucHVzaChBK1wiPVwiK2cpfSk7cmV0dXJuIGsuam9pbihiKX0scGE9ZnVuY3Rpb24oYSxiLGMsZCxlKXtpZihudWxsPT1hKXJldHVyblwiXCI7Yj1ifHxcIiZcIjtjPWN8fFwiLCRcIjtcInN0cmluZ1wiPT10eXBlb2YgYyYmKGM9Yy5zcGxpdChcIlwiKSk7aWYoYSBpbnN0YW5jZW9mIEFycmF5KXtpZihkPWR8fDAsZDxjLmxlbmd0aCl7Zm9yKHZhciBrPVtdLGc9MDtnPGEubGVuZ3RoO2crKylrLnB1c2gocGEoYVtnXSxiLGMsZCsxLGUpKTtyZXR1cm4gay5qb2luKGNbZF0pfX1lbHNlIGlmKFwib2JqZWN0XCI9PXR5cGVvZiBhKXJldHVybiBlPWV8fDAsMj5lP2VuY29kZVVSSUNvbXBvbmVudChxYShhLGIsYyxkLGUrMSkpOlwiLi4uXCI7cmV0dXJuIGVuY29kZVVSSUNvbXBvbmVudChTdHJpbmcoYSkpfSxzYT1mdW5jdGlvbihhKXt2YXIgYj1cImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ%2FaWQ9anNlcnJvciZcIixjPXJhKGEpLTI3O2lmKDA%2BYylyZXR1cm5cIlwiO2EuZy5zb3J0KGZ1bmN0aW9uKHphLEFhKXtyZXR1cm4gemEtQWF9KTtmb3IodmFyIGQ9bnVsbCxlPVwiXCIsaz0wO2s8YS5nLmxlbmd0aDtrKyspZm9yKHZhciBnPWEuZ1trXSxBPWEuaFtnXSxPPTA7TzxBLmxlbmd0aDtPKyspe2lmKCFjKXtkPW51bGw9PWQ%2FZzpkO2JyZWFrfXZhciBxPXFhKEFbT10sYS5pLFwiLCRcIik7aWYocSl7cT1lK3E7aWYoYz49cS5sZW5ndGgpe2MtPXEubGVuZ3RoO2IrPXE7ZT1hLmk7YnJlYWt9ZD1udWxsPT1kP2c6ZH19YT1cIlwiO251bGwhPWQmJihhPWUrXCJ0cm49XCIrZCk7cmV0dXJuIGIrYX0scmE9ZnVuY3Rpb24oYSl7dmFyIGI9MSxjO2ZvcihjIGluIGEuaCliPWMubGVuZ3RoPmI%2FYy5sZW5ndGg6YjtyZXR1cm4gMzk5Ny1iLWEuaS5sZW5ndGgtMX07dmFyIHRhPWZ1bmN0aW9uKGEpe2lmKC4wMT5NYXRoLnJhbmRvbSgpKXRyeXtpZihhIGluc3RhbmNlb2YgeSl2YXIgYj1hO2Vsc2UgYj1uZXcgeSxqYShhLGZ1bmN0aW9uKGQsZSl7dmFyIGs9YixnPWsubysrO2Q9eihlLGQpO2suZy5wdXNoKGcpO2suaFtnXT1kfSk7dmFyIGM9c2EoYik7YyYmb2EoYyl9Y2F0Y2goZCl7fX07dmFyIGZhPWZ1bmN0aW9uKGEpe3ZhciBiPWEudG9TdHJpbmcoKTthLm5hbWUmJi0xPT1iLmluZGV4T2YoYS5uYW1lKSYmKGIrPVwiOiBcIithLm5hbWUpO2EubWVzc2FnZSYmLTE9PWIuaW5kZXhPZihhLm1lc3NhZ2UpJiYoYis9XCI6IFwiK2EubWVzc2FnZSk7aWYoYS5zdGFjayl7YT1hLnN0YWNrO3ZhciBjPWI7dHJ5ey0xPT1hLmluZGV4T2YoYykmJihhPWMrXCJcXG5cIithKTtmb3IodmFyIGQ7YSE9ZDspZD1hLGE9YS5yZXBsYWNlKFJlZ0V4cChcIigoaHR0cHM%2FOi8uLiovKVteLzpdKjpcXFxcZCsoPzoufFxcbikqKVxcXFwyXCIpLFwiJDFcIik7Yj1hLnJlcGxhY2UoUmVnRXhwKFwiXFxuICpcIixcImdcIiksXCJcXG5cIil9Y2F0Y2goZSl7Yj1jfX1yZXR1cm4gYn07KHt9KVszXT1kYShwKG5ldyBuKGwsXCJodHRwczovL3MwLjJtZG4ubmV0L2Fkcy9yaWNobWVkaWEvc3R1ZGlvL211L3RlbXBsYXRlcy9oaWZpL2hpZmkuanNcIikpKTsoe30pWzNdPWRhKHAobmV3IG4obCxcImh0dHBzOi8vczAuMm1kbi5uZXQvYWRzL3JpY2htZWRpYS9zdHVkaW9fY2FuYXJ5L211L3RlbXBsYXRlcy9oaWZpL2hpZmlfY2FuYXJ5LmpzXCIpKSk7dmFyIHVhPS9eKFteO10rKTsoXFxkKyk7KFtcXHNcXFNdKikkLzt2YXIgdmE9L14oW2EtejAtOV0oW2EtejAtOS1dezAsNjF9W2EtejAtOV0pP1xcLnNhZmVmcmFtZVxcLmdvb2dsZXN5bmRpY2F0aW9uXFwuY29tfHRwY1xcLmdvb2dsZXN5bmRpY2F0aW9uXFwuY29tfHNlY3VyZWZyYW1lXFwuZG91YmxlY2xpY2tcXC5uZXR8W2EtejAtOV0oW2EtejAtOS1dezAsNjF9W2EtejAtOV0pP1xcLnNhZmVmcmFtZVxcLnVzZXJjb250ZW50XFwuZ29vZykkLyx3YT0vXihwYWdlYWQyXFwuZ29vZ2xlc3luZGljYXRpb25cXC5jb218Z29vZ2xlYWRzXFwuZ1xcLmRvdWJsZWNsaWNrXFwubmV0KSQvO3ZhciB4YT1mdW5jdGlvbihhKXtyZXR1cm4gZnVuY3Rpb24oYil7dmFyIGM9YS5ob3N0bmFtZSxkPXZhLnRlc3QoYyl8fHdhLnRlc3QoYyk7Yz1bY107dmFyIGU9cjtyPXZvaWQgMDtpZighZCl7aWYoZSl0aHJvdyBFcnJvcihlKCkpO2lmKGMmJjA8Yy5sZW5ndGgpdGhyb3cgRXJyb3IoXCJbXCIrYy5tYXAoU3RyaW5nKS5qb2luKFwiLFwiKStcIl1cIik7dGhyb3cgRXJyb3IoU3RyaW5nKGQpKTt9Yj0oZD1hYSgpKT9kLmNyZWF0ZUhUTUwoYik6YjtyZXR1cm4gbmV3IHUoYixlYSl9fShsb2NhdGlvbik7aWYod2luZG93Lm5hbWUpdHJ5e3ZhciBCLHlhPXdpbmRvdy5uYW1lLEM9dWEuZXhlYyh5YSk7aWYobnVsbD09PUMpdGhyb3cgRXJyb3IoXCJDYW5ub3QgcGFyc2Ugc2VyaWFsaXplZCBkYXRhLiBcIit5YS5zdWJzdHJpbmcoMCw1MCkpO3ZhciBEPStDWzJdLEU9Q1szXTtpZihEPkUubGVuZ3RoKXRocm93IEVycm9yKFwiUGFyc2VkIGNvbnRlbnQgc2l6ZSBkb2Vzbid0IG1hdGNoLiBcIitEK1wiOlwiK0UubGVuZ3RoKTtCPXttOkNbMV0sY29udGVudDpFLnN1YnN0cigwLEQpLGw6RS5zdWJzdHIoRCl9O3ZhciBGPUpTT04ucGFyc2UoQi5sKTt3aW5kb3cubmFtZT1cIlwiO3ZhciBCYT1CLmNvbnRlbnQ7Ri5nb29nX3NhZmVmcmFtZV9obHQmJihmLmdvb2dfc2FmZWZyYW1lX2hsdD1GLmdvb2dfc2FmZWZyYW1lX2hsdCk7Ri5fY29udGV4dCYmKGYuQU1QX0NPTlRFWFRfREFUQT1GLl9jb250ZXh0KTtmLnNmXz17djpCLm0sY2ZnOkZ9O2RvY3VtZW50Lm9wZW4oXCJ0ZXh0L2h0bWxcIixcInJlcGxhY2VcIi&i=1-13&t=adltag_lr991qpl_4QUKRmqYqWg&r=656a82a1bdf95b3a7aa6d5417ca6000&c=saambaa-deseret&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M.ok5eJYPe37d_ptPM7ewObNs3KwVG7K
date
Thu, 11 Jan 2024 11:44:52 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
23820
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Wed, 02 Aug 2023 16:01:21 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
NVJ3VFErquDqD2QrkOTpB3WCOe0mtKNWoKJSL3Dro3BwupqLht4JFQ==
place
saambaa-deseret-tagan.adlightning.com/ Frame D655 		0
446 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://saambaa-deseret-tagan.adlightning.com/place?p=1&d=k7dmFyIEc9eGEoQmEpO2RvY3VtZW50LndyaXRlKEcgaW5zdGFuY2VvZiB1JiZHLmNvbnN0cnVjdG9yPT09dT9HLmc6XCJ0eXBlX2Vycm9yOlNhZmVIdG1sXCIpO2RvY3VtZW50LmNsb3NlKCk7Zi5zZl8mJih3aW5kb3cubmFtZT1cIlwiKX1jYXRjaChhKXt2YXIgdj1hLEg7dHJ5e3ZhciBJPW5ldyB5O0kuZy5wdXNoKDEpO0kuaFsxXT16KFwiY29udGV4dFwiLDUwNyk7di5lcnJvciYmdi5tZXRhJiZ2LmlkfHwodj1uZXcgaGEpO2lmKHYubXNnKXt2YXIgQ2E9di5tc2cuc3Vic3RyaW5nKDAsNTEyKTtJLmcucHVzaCgyKTtJLmhbMl09eihcIm1zZ1wiLENhKX12YXIgRGE9W3YubWV0YXx8e31dO0kuZy5wdXNoKDMpO0kuaFszXT1EYTt2YXIgSj1mLEs9W10sTCxNPW51bGwsTjtkb3tOPUo7dmFyIFA7dHJ5e3ZhciBRO2lmKFE9ISFOJiZudWxsIT1OLmxvY2F0aW9uLmhyZWYpYjp7dHJ5e3coTi5mb28pO1E9ITA7YnJlYWsgYn1jYXRjaChiKXt9UT0hMX1QPVF9Y2F0Y2goYil7UD0hMX1QPyhMPU4ubG9jYXRpb24uaHJlZixNPU4uZG9jdW1lbnQmJk4uZG9jdW1lbnQucmVmZXJyZXJ8fG51bGwpOihMPU0sTT1udWxsKTtLLnB1c2gobmV3IG5hKEx8fFwiXCIpKTt0cnl7Sj1OLnBhcmVudH1jYXRjaChiKXtKPW51bGx9fXdoaWxlKEomJk4hPUopO2Zvcih2YXIgUj0wLEVhPUsubGVuZ3RoLTE7Ujw9RWE7KytSKUtbUl0uZGVwdGg9RWEtUjtOPWY7aWYoTi5sb2NhdGlvbiYmTi5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMmJk4ubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zLmxlbmd0aD09Sy5sZW5ndGgtMSlmb3IodmFyIFM9MTtTPEsubGVuZ3RoOysrUyl7dmFyIFQ9S1tTXTtULnVybHx8KFQudXJsPU4ubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zW1MtMV18fFwiXCIsVC5qPSEwKX1mb3IodmFyIHg9bmV3IG5hKGYubG9jYXRpb24uaHJlZiwhMSksRmE9bnVsbCxVPUsubGVuZ3RoLTEsVj1VOzA8PVY7LS1WKXt2YXIgVz1LW1ZdOyFGYSYma2EudGVzdChXLnVybCkmJihGYT1XKTtpZihXLnVybCYmIVcuail7eD1XO2JyZWFrfX12YXIgbGE9bnVsbCxHYT1LLmxlbmd0aCYmS1tVXS51cmw7MCE9eC5kZXB0aCYmR2EmJihsYT1LW1VdKTtIPW5ldyBtYTtpZihILmgpe3ZhciBIYT1ILmgudXJsfHxcIlwiO0kuZy5wdXNoKDQpO0kuaFs0XT16KFwidG9wXCIsSGEpfXZhciBJYT17dXJsOkguZy51cmx8fFwiXCJ9LFg7aWYoSC5nLnVybCl7dmFyIFk7WT1ILmcudXJsLm1hdGNoKGlhKTt2YXIgSmE9WVsxXSxLYT1ZWzNdLExhPVlbNF0sWj1cIlwiO0phJiYoWis9SmErXCI6XCIpO0thJiYoWis9XCIvL1wiLForPUthLExhJiYoWis9XCI6XCIrTGEpKTtYPVp9ZWxzZSBYPVwiXCI7dmFyIE1hPVtJYSx7dXJsOlh9XTtJLmcucHVzaCg1KTtJLmhbNV09TWE7dGEoSSl9Y2F0Y2goYil7dHJ5e3RhKHtjb250ZXh0OlwiZWNtc2VyclwiLHJjdHg6NTA3LG1zZzpmYShiKSx1cmw6SCYmSC5nLnVybH0pfWNhdGNoKGMpe319fTt9KS5jYWxsKHRoaXMpO1xuICAgIDwvc2NyaXB0PjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vZGVzZXJldGRpZ2l0YWwvYmwtMjUwY2M3OS05OGViZTBiNS5qc1wiIHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj48L3NjcmlwdD48c2NyaXB0IHNyYz1cImh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL2Rlc2VyZXRkaWdpdGFsL2ItZTA5ZjEwZi02YmEyZGM1MS5qc1wiIHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj48L3NjcmlwdD48c2NyaXB0PnZhciBkPWRlY29kZVVSSUNvbXBvbmVudChcIiU3QiUyMnNpdGVJZCUyMiUzQSUyMmRlc2VyZXRkaWdpdGFsJTIyJTJDJTIyd3YlMjIlM0ElMjIxLjAuMCUyQmUwOWYxMGYlMjIlMkMlMjJibHYlMjIlM0ElMjJibC0yNTBjYzc5LTk4ZWJlMGI1JTIyJTJDJTIyYnYlMjIlM0ElMjJiLWUwOWYxMGYtNmJhMmRjNTElMjIlMkMlMjJ0b3BEb21haW4lMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5kZXNlcmV0LmNvbSUyMiUyQyUyMmN1cnJlbnRUYWdJZCUyMiUzQSUyMmFkbHRhZ19scjk5MXF2cl9JYmtOMTczRWlGbyUyMiUyQyUyMmF1JTIyJTNBJTIyJTJGMjI3ODQ0MDE0NzUlMkZyb24wMV8zMDB4MjUwX2Rlc2t0b3BfMCUyMiUyQyUyMnNsb3RFbGVtZW50SWQlMjIlM0ElMjJkaXYtZ3B0LWFkLXNhYW1iYWEzMDB4MjUweDEtMCUyMiUyQyUyMnJlZnJlc2hlc1JlbWFpbmluZyUyMiUzQTIlMkMlMjJibG9ja2VkQ291bnQlMjIlM0EwJTJDJTIyaGVhdnlBZFJlZnJlc2hlc1JlbWFpbmluZyUyMiUzQTIlMkMlMjJoZWF2eUFkQmxvY2tlZENvdW50JTIyJTNBMCUyQyUyMmFkU2VydmVyRGV0YWlscyUyMiUzQSU3QiUyMmFkdmVydGlzZXJJZCUyMiUzQSUyMjUzNjg4ODAzNjElMjIlMkMlMjJjYW1wYWlnbklkJTIyJTNBJTIyMzI3NDE0NzM0NSUyMiUyQyUyMmNyZWF0aXZlSWQlMjIlM0ElMjIxMzg0NTYyNjMyOTclMjIlMkMlMjJsaW5laXRlbUlkJTIyJTNBJTIyNjQyMjU0MTgxMiUyMiUyQyUyMmFkU2VydmVyJTIyJTNBJTIyZGZwJTIyJTdEJTJDJTIydyUyMiUzQTMwMCUyQyUyMmglMjIlM0EyNTAlMkMlMjJzYWZlRnJhbWVLZXklMjIlM0ElMjIzNjMwMzk5MCUyMiU3RFwiKTt3aW5kb3dbXCIyODI5ODM3NV9kZXNlcmV0ZGlnaXRhbFwiXT17fTt3aW5kb3dbXCIyODI5ODM3NV9kZXNlcmV0ZGlnaXRhbFwiXS50YWdEZXRhaWxzPUpTT04ucGFyc2UoZCk7d2luZG93LmJsb2NrZXIgJiYgYmxvY2tlcihcIjI4Mjk4Mzc1X2Rlc2VyZXRkaWdpdGFsXCIsIFwiPCEtLUFETF9XUkFQUEVELS0%2BXCIsIGZhbHNlLCB3aW5kb3csIHt9KTs8L3NjcmlwdD48c2NyaXB0IHNyYz1cImh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL3NhYW1iYWEtZGVzZXJldC9ibC0yNTBjYzc5LWJhZmY1YjQxLmpzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vc2FhbWJhYS1kZXNlcmV0L2ItZDY0MzVhNC1lODA4MWM0OC5qc1wiIHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj48L3NjcmlwdD48c2NyaXB0PnZhciBkPWRlY29kZVVSSUNvbXBvbmVudChcIiU3QiUyMnNpdGVJZCUyMiUzQSUyMnNhYW1iYWEtZGVzZXJldCUyMiUyQyUyMnd2JTIyJTNBJTIyMS4wLjAlMkJkNjQzNWE0JTIyJTJDJTIyYmx2JTIyJTNBJTIyYmwtMjUwY2M3OS1iYWZmNWI0MSUyMiUyQyUyMmJ2JTIyJTNBJTIyYi1kNjQzNWE0LWU4MDgxYzQ4JTIyJTJDJTIydG9wRG9tYWluJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cuZGVzZXJldC5jb20lMjIlMkMlMjJjdXJyZW50VGFnSWQlMjIlM0ElMjJhZGx0YWdfbHI5OTFxcGxfNFFVS1JtcVlxV2clMjIlMkMlMjJhdSUyMiUzQSUyMiUyRjIyNzg0NDAxNDc1JTJGcm9uMDFfMzAweDI1MF9kZXNrdG9wXzAlMjIlMkMlMjJzbG90RWxlbWVudElkJTIyJTNBJTIyZGl2LWdwdC1hZC1zYWFtYmFhMzAweDI1MHgxLTAlMjIlMkMlMjJyZWZyZXNoZXNSZW1haW5pbmclMjIlM0EyJTJDJTIyYmxvY2tlZENvdW50JTIyJTNBMCUyQyUyMmhlYXZ5QWRSZWZyZXNoZXNSZW1haW5pbmclMjIlM0EyJTJDJTIyaGVhdnlBZEJsb2NrZWRDb3VudCUyMiUzQTAlMkMlMjJlbXB0eVNsb3RSZWZyZXNoUmVtYWluaW5nJTIyJTNBMiUyQyUyMmVtcHR5U2xvdENvdW50JTIyJTNBMCUyQyUyMlZWU2xvdFJlZnJlc2hSZW1haW5pbmclMjIlM0EyJTJDJTIyVlZTbG90Q291bnQlMjIlM0EwJTJDJTIyQURMSGVhdnlBZFJlZnJlc2hlc1JlbWFpbmluZyUyMiUzQTIlMkMlMjJBRExIZWF2eUFkQmxvY2tlZENvdW50JTIyJTNBMCUyQyUyMmFkU2VydmVyRGV0YWlscyUyMiUzQSU3QiUyMmFkdmVydGlzZXJJZCUyMiUzQSUyMjUzNjg4ODAzNjElMjIlMkMlMjJjYW1wYWlnbklkJTIyJTNBJTIyMzI3NDE0NzM0NSUyMiUyQyUyMmNyZWF0aXZlSWQlMjIlM0ElMjIxMzg0NTYyNjMyOTclMjIlMkMlMjJsaW5laXRlbUlkJTIyJTNBJTIyNjQyMjU0MTgxMiUyMiUyQyUyMmFkU2VydmVyJTIyJTNBJTIyZGZwJTIyJTdEJTJDJTIydyUyMiUzQTMwMCUyQyUyMmglMjIlM0EyNTAlMkMlMjJzYWZlRnJhbWVLZXklMjIlM0ElMjI3NTgxNDU3OSUyMiU3RFwiKTt3aW5kb3dbXCI5Nzc3NjI0OV9zYWFtYmFhLWRlc2VyZXRcIl09e307d2luZG93W1wiOTc3NzYyNDlfc2FhbWJhYS1kZXNlcmV0XCJdLnRhZ0RldGFpbHM9SlNPTi5wYXJzZShkKTt3aW5kb3cuYmxvY2tlciAmJiBibG9ja2VyKFwiOTc3NzYyNDlfc2FhbWJhYS1kZXNlcmV0XCIsIFwiPCEtLUFETF9XUkFQUEVELS0%2BXCIsIGZhbHNlLCB3aW5kb3csIHt9KTs8L3NjcmlwdD48c2NyaXB0PnZhciBqc2NWZXJzaW9uID0gJ3IyMDI0MDEwOSc7PC9zY3JpcHQ%2BPHNjcmlwdD52YXIgZ29vZ2xlX2Nhc209W107PC9zY3JpcHQ%2BPG1ldGEgaHR0cC1lcXVpdj1cIm9yaWdpbi10cmlhbFwiIGNvbnRlbnQ9XCJBM3ZLVDl5eFJQam1YTjNEcElpejU4ZjVKeWtjV0hqVW8vVzdodm10amdoOWpQcFFnZW05VmJBRGlOb3ZHOE5rTzZtUm1rNzBLZXg4L0tVcUFZV1ZXQUVBQUFDTGV5SnZjbWxuYVc0aU9pSm9kSFJ3Y3pvdkwyZHZiMmRzWlhONWJtUnBZMkYwYVc5dUxtTnZiVG8wTkRNaUxDSm1aV0YwZFhKbElqb2lVSEpwZG1GamVWTmhibVJpYjNoQlpITkJVRWx6SWl3aVpYaHdhWEo1SWpveE5qazFNVFkzT1RrNUxDSnBjMU4xWW1SdmJXRnBiaUk2ZEhKMVpTd2lhWE5VYUdseVpGQmhjblI1SWpwMGNuVmxmUT09XCI%2BPG1ldGEgaHR0cC1lcXVpdj1cIm9yaWdpbi10cmlhbFwiIGNvbnRlbnQ9XCJBN0NRWGdsWnpUclRoakdUQkVuMXJXVHhIT0V0a1dpdnd6Z2VhK05qeWFyZHJ3bGllU2pWdXlHNDRQa1lnSVBHczhROXN2RDhzRjNZZWRuMEJCQmpYQWtBQUFDRmV5SnZjbWxuYVc0aU9pSm9kSFJ3Y3pvdkwyUnZkV0pzWldOc2FXTnJMbTVsZERvME5ETWlMQ0ptWldGMGRYSmxJam9pVUhKcGRtRmplVk5oYm1SaWIzaEJaSE5CVUVseklpd2laWGh3YVhKNUlqb3hOamsxTVRZM09UazVMQ0pwYzFOMVltUnZiV0ZwYmlJNmRISjFaU3dpYVhOVWFHbHlaRkJoY25SNUlqcDBjblZsZlE9PVwiPjwvaGVhZD48Ym9keSBsZWZ0bWFyZ2luPVwiMFwiIHRvcG1hcmdpbj1cIjBcIiBtYXJnaW53aWR0aD1cIjBcIiBtYXJnaW5oZWlnaHQ9XCIwXCIgY2xhc3M9XCJqYXJcIj48ZGl2IGNsYXNzPVwiR29vZ2xlQWN0aXZlVmlld0lubmVyQ29udGFpbmVyXCIgc3R5bGU9XCJsZWZ0OjBweDt0b3A6MHB4O3dpZHRoOjEwMCU7aGVpZ2h0OjEwMCU7cG9zaXRpb246Zml4ZWQ7cG9pbnRlci1ldmVudHM6bm9uZTt6LWluZGV4Oi05OTk5O1wiPjwvZGl2PjxkaXYgc3R5bGU9XCJkaXNwbGF5OmlubGluZVwiIGNsYXNzPVwiR29vZ2xlQWN0aXZlVmlld0VsZW1lbnRcIiBkYXRhLWdvb2dsZS1hdi1jeG49XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3Bjcy9hY3RpdmV2aWV3P3hhaT1BS0FPanNzUjhOVTc0QThjYkxZX3NnczhUNllLcGdMY2ZPbnVmVm1oN1pOa2pGcHZhbThEcXFNaTVIZ0JEeFpIWEpDc3B5TjRmem44clJSTlhzM3ZFRDlacU5Pa0JIU2dPOHN1UEdMa3JOdFFqVm9SQ3UwZWFQTWQtZjRRLU5CdGQzdkQwbm44MDB6RWZlR1ZtcDE2cjYzZG52T1k1dExwJmFtcDtzYWk9QU1mbC1ZVEZqcGloMjlRR0ZucFRMM2drWWRXR2ptRS03NWdneGt0aXJnVUNVWWNTeG5OVUhiMlFiV0Z4c2hQSEZxQlhFZjZhT20xMEd4VEhleWN6aS1DdmUxYVRuZjZxOVA2eUtldWZTNVZUZWpYMGNsUmlTeVMyOG1yVXh5ZyZhbXA7c2lnPUNnMEFyS0pTek14SlBYQjdTV1h6RUFFJmFtcDtjaWQ9Q0FRU093QXZIaGZfUTFJV1QyWXhLbUthdTFRQUpIdUxmX1dtSFgwaUtTbFNvUWowWC1MbnRIT3NXM0hyUC12OTdmREJuU3hvNmVSX0hPZHQ4b1d2R0FFXCIgZGF0YS1nb29nbGUtYXYtYWRrPVwiMTM2NjQzODI5MVwiIGRhdGEtZ29vZ2xlLWF2LW1ldGFkYXRhPVwibGE9MCZhbXA7eGRpPTAmYW1wO1wiIGRhdGEtZ29vZ2xlLWF2LXVmcy1pbnRlZ3JhdG9yLW1ldGFkYXRhPVwiQ3BNQkNsdHRiMlJsYkY5d1pYSnpiMjVmWTI5MWJuUnllVjlqYjJSbFgwUkZYM0JsY25OdmJsOXlaV2RwYjI1&i=2-13&t=adltag_lr991qpl_4QUKRmqYqWg&r=656a82a1bdf95b3a7aa6d5417ca6000&c=saambaa-deseret&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M.ok5eJYPe37d_ptPM7ewObNs3KwVG7K
date
Thu, 11 Jan 2024 11:44:52 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
23820
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Wed, 02 Aug 2023 16:01:21 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
TLAz_U6BxpU7r2aOvJIk2hHIMIwayOf7ThUzTRAWCta6e_sp7EPthg==
place
saambaa-deseret-tagan.adlightning.com/ Frame D655 		0
447 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://saambaa-deseret-tagan.adlightning.com/place?p=1&d=ZlkyOWtaVjgwWlRabU56STJORGN5TmpnMk5UWTVObVV5WkRVM05qVTNNemMwTmpZMk1UWmpOalUyWlM1cWMyOXVFaHBEU21wVUxUWmxOVEZaVFVSR1ZUTkpkWGRuWkZWME9FZHJaeGdCSWhZSTVCRVFpNTRCSUl1ZUFTZ0NNQUk0QVYzTnpNdy1FdUFEQ3RVRGFIUjBjSE02THk5d1lXZGxZV1F5TG1kdmIyZHNaWE41Ym1ScFkyRjBhVzl1TG1OdmJTOXdZM012WVdOMGFYWmxkbWxsZHo5NFlXazlRVXRCVDJwemMxSTRUbFUzTkVFNFkySk1XVjl6WjNNNFZEWlpTM0JuVEdObVQyNTFabFp0YURkYVRtdHFSbkIyWVcwNFJIRnhUV2sxU0dkQ1JIaGFTRmhLUTNOd2VVNDBabnB1T0hKU1VrNVljek4yUlVRNVduRk9UMnRDU0ZOblR6aHpkVkJIVEd0eVRuUlJhbFp2VWtOMU1HVmhVRTFrTFdZMFVTMU9RblJrTTNaRU1HNXVPREF3ZWtWbVpVZFdiWEF4Tm5JMk0yUnVkazlaTlhSTWNDWnpZV2s5UVUxbWJDMVpWRVpxY0dsb01qbFJSMFp1Y0ZSTU0yZHJXV1JYUjJwdFJTMDNOV2RuZUd0MGFYSm5WVU5WV1dOVGVHNU9WVWhpTWxGaVYwWjRjMmhRU0VaeFFsaEZaalpoVDIweE1FZDRWRWhsZVdONmFTMURkbVV4WVZSdVpqWnhPVkEyZVV0bGRXWlROVlpVWldwWU1HTnNVbWxUZVZNeU9HMXlWWGg1WnlaemFXYzlRMmN3UVhKTFNsTjZUWGhLVUZoQ04xTlhXSHBGUVVVbVkybGtQVU5CVVZOUGQwRjJTR2htWDFFeFNWZFVNbGw0UzIxTFlYVXhVVUZLU0hWTVpsOVhiVWhZTUdsTFUyeFRiMUZxTUZndFRHNTBTRTl6VnpOSWNsQXRkamszWmtSQ2JsTjRielpsVWw5SVQyUjBPRzlYZGtkQlJSSUFHZ0FnQVNnQVwiIGRhdGEtZ29vZ2xlLWF2LW92ZXJyaWRlPVwiLTFcIiBkYXRhLWdvb2dsZS1hdi1kbT1cIjJcIiBkYXRhLWdvb2dsZS1hdi1haWQ9XCIwXCIgZGF0YS1nb29nbGUtYXYtbmFpZD1cIjFcIiBkYXRhLWdvb2dsZS1hdi1zbGlmdD1cIlwiIGRhdGEtZ29vZ2xlLWF2LWNwbWF2PVwiXCIgZGF0YS1nb29nbGUtYXYtYnRyPVwiXCIgZGF0YS1nb29nbGUtYXYtaXRwbD1cIjIwXCIgZGF0YS1nb29nbGUtYXYtcnM9XCI0XCIgZGF0YS1nb29nbGUtYXYtZmxhZ3M9XCJbJnF1b3Q7eCUyNzg0NDAnOWVmb3RtKCZhbXA7NzUzMzc0JTJiZWp2Zi8lMjc4NDQ%2BJzl3dXZiJCZhbXA7NTY1MzM%2BIT18dnFjKSEyNzM3OTQmYW1wOzxxcXZiLyU8MTczNTAyMCE9bmVodWAvITM2ND01MDUxITlhYmt7YSgkMTYwMjEwOjMmYW1wOzxjYm90ZisqMDE1MDAzNDolMmJlanZmLyU3MjsxNzYxMyE9ZWZkd2EqJzc2NDYzOzIxJD9lYmtwYiQmYW1wOzAzNjY3MTc%2BKj5iZ2lwZishMz03MTIzNjMlOWFpaHdjKSE3MjAyPDIxNyc5ZWZvdG0oJmFtcDsyMDA2MTs0OCZhbXA7PmBkb3BiLyU8MTcwNzIwMCE9OCgmYW1wOzIwMDU1NzU%2FJmFtcDs%2BYGRvcGIvJTwxNzA2NDI%2FIT18dnFjKSE3MjAxOz01MCc5d3V2YiQmYW1wOzAzNjQxNjU0Kj5iZ2lwZishMz03MzExMDMlOWFpaHdjKSE3MjAwPzA3Myc5ZWZvdG0oJmFtcDsyMDA0PzUxOyZhbXA7PmBkb3BiLyU8MTc%2BNDc0PiE9bmVodWAvITM2NDA2NDEyITlhYmt7YSgkMTY3NzQ1Oz0mYW1wOzxjYm90ZisqMDEyNTQxMzMlMmJlanZmLyU3Mjw0MzQxMiE9ZWZkd2EqJzc2MzEzOzI3JD93cXJmKyowMTI3NDA3OyUyYmVqdmYvJTcyPDY8MTA0IT1lZmR3YSonNzYzMDc4NjMkP2Via3BiJCZhbXA7MDMxMDMxOzUqPmJnaXBmKyEzPTI1NzwwNCU5YWlod2N4JnF1b3Q7XVwiIGRhdGEtY3JlYXRpdmUtbG9hZC1saXN0ZW5lcj1cIlwiPjxkaXYgc3R5bGU9XCJwb3NpdGlvbjogYWJzb2x1dGU7IGxlZnQ6IDBweDsgdG9wOiAwcHg7IHZpc2liaWxpdHk6IGhpZGRlbjtcIj48aW1nIHNyYz1cImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ%2FaWQ9eGJpZCZhbXA7ZGJtX2I9QUtBbWYtRFRUNlZyM3VCQWJseWNnUHVWbThXMkprVnJDZlVQX3N5VU5LQ29KZ3RWWWhFYjM5bnJBZ0lLZFRZeUZpUFBfczJoOWg4M3BzQWlDaFdPSHUtbi1UVU5LYlZZU2JOamhGZDJqNTB0ekFsTzNSMHRCR3NcIiBib3JkZXI9XCIwXCIgd2lkdGg9XCIxXCIgaGVpZ2h0PVwiMVwiIGFsdD1cIlwiIHN0eWxlPVwiZGlzcGxheTpub25lXCI%2BPC9kaXY%2BPGlmcmFtZSB0aXRsZT1cIkJsYW5rXCIgc3JjPVwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQveGJiZS9waXhlbD9kPUNMZmk5UUlRMFlYajh3RVk1ci01Z0FJd0FRJmFtcDt2PUFQRXVjTldWTjhGd29IU0poZVRoUXhGME9VbURaaFBfVmJHeFVfUWZ4RDJob21JcTM3RjFKU2xkT0x4ZC1SVjhkeUJsMVFHM1EyeEMtZWUzd3h3UDB4eVBMZjVQakpwOERxaHhoTUlZRzNKcS1DQkxwRThEeGhyS25EV2JqdTJFcm91cVl6WmEyOENSREtCUEhfSFMzakkwOUFIcVdsU3R3a1Y5R0Z2TGlrQURJbTJxRFE1TUF0Z1wiIHN0eWxlPVwiZGlzcGxheTpub25lXCIgYXJpYS1oaWRkZW49XCJ0cnVlXCI%2BPC9pZnJhbWU%2BPGRpdj48ZGl2IHN0eWxlPVwicG9zaXRpb246YWJzb2x1dGU7XCI%2BPHNjcmlwdD4oZnVuY3Rpb24oKSB7dmFyIHUgPSAnaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvZGJtL2FkP2RibV9jPUFLQW1mLUN5RUpWWDY2TXg0Yk9Yd2dLMFpuTzdzdTJRX3dHQThsdDNuaWVoSjRZWXNjRF9pempQZUVMTHJWcVliMFFKUm1UWEw3X0ZiUU9NTTRSa0t2aEZzQlBZUXkwcUhxUlFtbEJyS1J6My1sM1pQVUd1ZVpmQmlRWjdtYVJTVVhacGw4WEIwQ19URjdSUHNaXy0tYTJmQWFMVlRTTWtqX0h6M2c0dVd0Y0ZfWS14ZUNhWGpYNCZkYm1fZD1BS0FtZi1CemZUTkkzeFpuNXdFNDdBN2hBNEtLZmNkYUZreDVXejRHS2Zsazlwd3Y5azR6a1JtYzNabkk2QUh3SjlGMzc4bHBxdGY1Ukx1WWhZMWZ1QTJzNGhabXQ5U0ZaMTQwT1hRUEp5VTU4bVQ2RmRoSWZEamJWZFhjcEFqYzk3OHliaTBDaUVrSXNTWUphdWpBZ2NlUUl6bzlPR2lMUEp3WWhRdk1pQklNS29RU3IxS0pDemYyeENjNTZKUDRoanVHQjkzYWZhTzlLZzZ6aGlKV3k0eUZIeG44ZzR6bGIySDM2dmtWVDl1TFJoZUdkSWY0MTFxVnN3Y3ZnZUhmNzZjdXhFRnV2eFFzeURRbFEwRDd3bnRSR3VxcTh6Z0w1N1U2YVQ4dE1xX3Ftd1JyeWVPeEFkbl9kME4wemhsSEpUWkJ3N25OWmJTN0JnYzdMUC1BRTkzV1doSjVUMG16c29WNGNrNTIyeE9uencwdzBac0RnaUlsNUozQUNaRko5Tllwd3VTMVRrSEVYeURpdE52YWNzcUhkWTNjWnFwa1d0LVBrMzJyZ2trVU9XQlk4a1JVcXczeXZXWU9FMTBBaFJRSERIcjlmSmhIVjR6MU9MeWRaME95TUZNT2otNWNXNW0tUWtRVkpDbldnME9qNThXTnBONEt0ZXpqOTVqOHZGOVRyU28weDFrcGpJWnlPcU5mdUsyWTJCSHItaGgxMWNJSGpJdjQzeEhLVFVRMEJBUzROS1FBc0s0bTUzVkE3bVU1b2lmSjZlZnNPYWdHUjM4REJpUzJKRUhraUgteHNaZGh6WUtRT05QYWdOSVpIRGxFYnZPVVBfZUgwaXlCdkRLSjFESFBNOFVSWVNwNE9xNXBzc2I1OEpNRVBkT0VBX1FyYnFwbFZ6Nk1DcUVWTXd2Vzl3M1lTYkdyZkRCSEVlOGFXSUNxN1pTa2RqUURJV0g3R0pvcWVIeG5KaGZ2eFNUOUhiaTAyLWkyUGtlcHQxaGhKUm1pcHc1Vm5OWWx0bUgzcGhWZDZSLXZIUHhFN3dMbXlMUVZLSDNLb3RPWTJYcjdCOHhoMHJaWDl3eXAwTWFHdzY1WjBhN0tyc1lDNUlmcjdOODVkSXNLTlI3Y25VQzVURWZZZ2ZwaktlSTRFeS1IRGtja1lmVDA5aGpIcnZ6WnNLbTg5UnAtR0t6QXkzZ1NBQ1BmOG1veVF2ZTBCOFFTSVdaWTdrZ2Rqb1YxY1YzV3F3ZTBQMy13S0VwUXpVNGZyOEhoY2ltUDhVTVBsZGQwNVBieTljVHE2YnNyMmRsRUw2SVlLZHV6ZEJZMERQUDJTaG53TFlRemYwekNtTmV6SHVOcmZvZlpselYtYWl1eTlzUGQzcFExT0FIdkUtYlBBU0RWUno4Wi1DRTZpOGlIdDlRM1JsSE1NcnFMbFl4U1lqTkhhMmo5LWg0LThRVWpqXzZkclIwVDd3VFZFLTFLYTdiaDMtd3ktWEV0bXU2elJqbU9yclI1YTExclFkTTNXbWwtZU1RNlhZOVpXMm9VMk1rei1xSG5jODdFSmptTzBnSWNfZVhwY01LZVNYbEhOclo1WHhFSFNNdlhZTnlFbEFvMjhjd3ZFWkJfNGQwcXNfNVdPcjBvZkczeUpFamU4MEhTRDdmd2NEeEM0aEgzZ3lzbkJ3dzdYS0V3Sy12T2E1ck9kNXowWWFYUzlCNDZ4bDRtdzBpTUgwb1ZXOXNCQXZFUVh3XzJpenRORVo2Vnh2Q1N5VTRQTHM4QWZFcjhaYTBCWWRnc3NGOHRXLXNTLTZoSnBPU3NqMkpzLUlIYUhTMDRMSG1XRVZPQlk0aFRFZFF2cUUzZGtPaEtWWjlwSWNpLXVKZm1VTF9aWl9SMm5OOUNBWjVMZDdRSENYZzNzckxybTBULTVYcDhkVmZjU29hM2ZTLXpyS1U5c19OSGFrRmNzNGVkTXo0clFLMXRhV1BLbWJzazcwc2lFSl9oZEdFcWJGcndFeFBhSXg0NDhXbk42bmNxV0VBZm1JLWxmTERmSTJydlhyRXhpNk5na1I2dTdYeGRSNmMtb2liVm8wU1JyTXJlcEhQSE5kd3FrejBkVWxwQ2p4SzRGSUpLd1V2eXdaYTlrTi0zRnBodlFtN0VXWEhZcWREOF9samRaSEY1eEJyOU0xdGhPUFV3bDZZU0x1cTV1MUp6YTd2YVJORTF1ck9OT1V2UmQyZUlCbjhCamtFUDhhR1QyTEc0S0lDUTZuLXIxU1dFTERDZXdWSWtRSTZ3dEpmVHhXSlBwVTROdWhMVE44ekd6cXNaN1JBY3V4WU1sOGJpb3ZuaVc5bi1Vd2VCMWRTNW1xd1V3M2N4TGNRcm42VEdTbWs1WXRyUDdOMFZtc18yZ3FQNHU0QWt4SVozT3ZDVmx0STBMdXVxTGlvaG00cjhHUGRPaTBZM3NmaDNqM1J5Sk5xXzNlMnUtbjN1R09SYlA5WUdCOEYzODNHSktnUG1NeGdKWmU2dXBPWnoxNzVhVE45WnRjb2kyQlRUNVFSSzFHRUY5N0UwWmc5R2N5REdpUXRwTl90bHRyVXlOVG1xY3VnRmp1X3VIakI3Z1ZHUjR2Z2JOZ3doR2o3bUN2WjB6Z2N0c3VIOGsyYk85TzZsOTR1WVN2WjM0ZHNHZjNueGFiRGs4MGJRMWJ5RHNmbTAtQmZpVUJqUDBIa3ZvVmoxdWZhQng5eEdzcHRHdTZlRGtyNGQ4Q2xobWRMc2tSeGZXaFAzV0x3bEljV3RqV0MtdVZMUHBKdzE5RU5HZGVZNG5mXy1BWVNBeFFKRldyai1WZVRGSlVtakRYZ1dadEdFVlFjWlllM2kxR05ZTmVpRUlxSW54Ti13LXJ5OVZlTEtJOWQyT0h2M0U0VVVWa2h4T3BuNUJEM1dfTWEzVlRxMTRDTHlBMTlYdldkS21nUUpkUmZYczc2a3pOeEc2d0NveV9leGRtR01KRzVQTW5MZ3ZMUXI2VS1sX1BRaWNtdEQxUmFvSTVpbkFaeXJuSTloekQ0N3RPLVFENjFIMFJGVU8wX1FPaHdQSlNtMUdqN1JzZi1BVHVtNzc1TW8wMDh3NldqR1k5d1E3V3lweXB6eDNBZnR1LWtKaTZyU0htY3VSc3NUTzRiVVB4ZjlDaEtKaVRsR2pnYXNoNmJzMGR2ZGZiQXVlNFpjeGdTcDVfYlRNSUdhZGpKcks4NlBVSEJqekxCZTFUSEhOcXFtLS1QVnM1ZVFIQ3BEaXZLUWlHV3ZfX1ItUzFocWQ4WklfQlptdEhwZk02MHFhTExsVEl5Wm95VTcybnlnWTVDbkJNaHM4LXhQYUI2czN6NlI3OW5DOVhvdHVEenV5a3Z4S3NjZHBzNEg1alVBWk93dkVJMzA0aWxoQkJ5QmFZaERlRWdIUkNkSWNFVkZfTWtRbVRhc0xZUGM1WUtYM0Vua0RzN2lpcU5tTWcyLXByZldtNFBveG1YY0xqNEEzbzVPSjduQjhhM05GYkVLLTY5R01FUzZHSVZzRGFGbFdlelNZWFJJTUo1aXFZaU84eXc2bFl4TERfMnhQZXhWdDFBVk1JY0VPbllBTUZoa2oyaEUyRzl3ZFhaTm9NRTlmMGJsOWlTSlF0SERnVXdtMDB1M0E0ajZTWkhFUmF1YnlSV0N6alZqdmFFSkJtbUhCVmZIQjBsT2lST3lmMFhWRDduak96c1F4Rm1HNHk3ckREa0VReEE4WVlyUlFXX3E4emI4SzB2NE9ZZVpMczFKN0VxeGVrR0R4dm84NWZYdVJEQ0NhZ0dvTW5ZVkxMM19ydWlWemsySDJUOWQ4NE5TcUpndzFQZkMtTl9Yc1ZUUjh0QVJsUF9obFFsZHpyR1NUaUFFUTJqNHlRNmFmRFMxTVh4Wnh4VDlxOVg5YTBCMXl5MXFCNlo2ZWVBa3pxcXFQdVFjcWNSWDY0dG1tSzRmczloeDROeU82VjR4U3g1cXZqRERmYU5xOFJrblk2TGNtbm00cnowS0lYTUJGVkJEWW5Ed2RnNERYSUtOcFlXbWpkTVZwenhhUHhGRkZtUzd0UjFDUEt0V1A4czBKT29XUzhlR1hiaTNWX0taRXpzQlhBS1ZpTnZBdHhaSHExb013MVdOdGFlZ3dvbjFDaDRtWFVJczVCQUFNckVmcVBtR0pVeTJKWUlzN2xjQndqa2piQ09LZDVxN0c4X2hfdnBPVnpsLVNBQVJIc2NEc1Z4cUJuMzUydVlnb1dWRWxjTXRteXhxTGlGWkhKY3ZSeTFheldsRmZRWUJYQlNTaXM0QjVNN1EyZXFBekVUWXE0SzQ0WF9ZTmxjLTZqWTZvNlRYY0s2aF&i=3-13&t=adltag_lr991qpl_4QUKRmqYqWg&r=656a82a1bdf95b3a7aa6d5417ca6000&c=saambaa-deseret&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M.ok5eJYPe37d_ptPM7ewObNs3KwVG7K
date
Thu, 11 Jan 2024 11:44:52 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
23820
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Wed, 02 Aug 2023 16:01:21 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
P9mKrnRzkI2WbWP_vrnhl7quowiBuNIqWcPywYXcvfHjNEb8KzumCQ==
place
saambaa-deseret-tagan.adlightning.com/ Frame D655 		0
445 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://saambaa-deseret-tagan.adlightning.com/place?p=1&d=ROUHh5VjhIRTZFSk1FUEpLb09GYjlxMmdNZkZYNkVkdWlaaFhNX2w1M3NkVnZVd2VXcngtcWtoWGk3cVFBTzBGSE1zR3FBSExrODlxYVZnNzA2TzNWVDIycnZ2RFE1N2JtQWF0ak04Q1ZEMUZiTnlNcWRxUm5rQmhSV25fSU01WkthVHN5Rmk5QVpxMFBHanFTRlBqWk1tYXpsYUtaUTlpdXUxcVpZay1NOV9PRHpyLXRmcFRjVWowVkNocTVzZ015eV9WTFIwT1U4YVI1ODNiRjhNN1FvQVVaMTFGNWtTbFNrekxxYzZNajYtR1c0WmZ4YmNCb2xWRmVUblRYUnpOY21Ub3Z5bjFZT25TdjJzd1JjZzd0RzVvWUdGZnViWDRudTA2T1hKSGZtampNdGVYZjl5ZTBzQ0NTbVRHWmtFME5rR2JEX2VhNjAzd0g1NHBkUHY5c19GTzQ1UEhMMU5hdXBTbnBwYVJKSWJpYTdCeUV2N1BiNDlfbkNaeEFPYzZlZXZZbzktek5ZSm1YRk9zZW14V05kWkxFZDluUUNrdXNJdTh5SE5qQ1hncERfWTNjQnpQeVpqcC1TY0Q2QzB4bnh2SzFHRklaeThhRHFBd0RmRGMtNk15U3hHVGd5b1dzTEhjOHE3SUluR25kVm1PTXFPaDJhOXJrV2lncldKM0YyLUdBSmFNYTdYa0FNMFdwSGVPdDM4RW1VdUpKb09ETFdjbGJkWlk5R3c5c0dlZG5pUzczbWw2bWJ0d0xoMjN2aGhnWExLdWJub1dQMmt2bS11dHNtQ0xlaFcxejhVNVRHb2FnZkVaSGhreThocVF2allRVnlCU3o4RjlzQm94eEVGdm1YaGd6U3BUdU9HYzR0RU0zckQzam1DMTR0azZXUDBYNjlITjNDd3p2djdxT2JIY0hTREs5MXJsQldKcW03X1NyVEV5RW91Sm10cHpFWUtmWUdvZGREVUlwSFAzMlB5TDI0cXNWM3NickhMRDZ2Nll2TmVNLVRaNjZDRUk2WThrQ0U5YXF2aVZDZ0tyWk1DWEppU3ZuQmN4Ry00THNMV3A2Uy1YaGl6Ul9rdGI5NTF3TW9HV29jJmNpZD1DQVFTT3dBdkhoZl9RMUlXVDJZeEttS2F1MVFBSkh1TGZfV21IWDBpS1NsU29RajBYLUxudEhPc1czSHJQLXY5N2ZEQm5TeG82ZVJfSE9kdDhvV3ZHQUUnO3dpbmRvdy5kdjNVdHcgPSB7dTogdSx3OiBmdW5jdGlvbigpIHtkb2N1bWVudC53cml0ZSgnPHNjcmlwdCBzcmM9XCInICsgdSArICcmZmxiPTFcIj48L3MnICsgJ2NyaXB0PicpO319O30pKCk7PC9zY3JpcHQ%2BPHNjcmlwdCBzcmM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9qcy9kdjMuanNcIiBkYXRhLWR2My1jcmVhdGl2ZS1mZXRjaD1cImh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L2RibS9hZD9kYm1fYz1BS0FtZi1DeUVKVlg2Nk14NGJPWHdnSzBabk83c3UyUV93R0E4bHQzbmllaEo0WVlzY0RfaXpqUGVFTExyVnFZYjBRSlJtVFhMN19GYlFPTU00UmtLdmhGc0JQWVF5MHFIcVJRbWxCcktSejMtbDNaUFVHdWVaZkJpUVo3bWFSU1VYWnBsOFhCMENfVEY3UlBzWl8tLWEyZkFhTFZUU01ral9IejNnNHVXdGNGX1kteGVDYVhqWDQmYW1wO2RibV9kPUFLQW1mLUJ6ZlROSTN4Wm41d0U0N0E3aEE0S0tmY2RhRmt4NVd6NEdLZmxrOXB3djlrNHprUm1jM1puSTZBSHdKOUYzNzhscHF0ZjVSTHVZaFkxZnVBMnM0aFptdDlTRloxNDBPWFFQSnlVNThtVDZGZGhJZkRqYlZkWGNwQWpjOTc4eWJpMENpRWtJc1NZSmF1akFnY2VRSXpvOU9HaUxQSndZaFF2TWlCSU1Lb1FTcjFLSkN6ZjJ4Q2M1NkpQNGhqdUdCOTNhZmFPOUtnNnpoaUpXeTR5Rkh4bjhnNHpsYjJIMzZ2a1ZUOXVMUmhlR2RJZjQxMXFWc3djdmdlSGY3NmN1eEVGdXZ4UXN5RFFsUTBEN3dudFJHdXFxOHpnTDU3VTZhVDh0TXFfcW13UnJ5ZU94QWRuX2QwTjB6aGxISlRaQnc3bk5aYlM3QmdjN0xQLUFFOTNXV2hKNVQwbXpzb1Y0Y2s1MjJ4T256dzB3MFpzRGdpSWw1SjNBQ1pGSjlOWXB3dVMxVGtIRVh5RGl0TnZhY3NxSGRZM2NacXBrV3QtUGszMnJna2tVT1dCWThrUlVxdzN5dldZT0UxMEFoUlFIREhyOWZKaEhWNHoxT0x5ZFowT3lNRk1Pai01Y1c1bS1Ra1FWSkNuV2cwT2o1OFdOcE40S3Rlemo5NWo4dkY5VHJTbzB4MWtwaklaeU9xTmZ1SzJZMkJIci1oaDExY0lIakl2NDN4SEtUVVEwQkFTNE5LUUFzSzRtNTNWQTdtVTVvaWZKNmVmc09hZ0dSMzhEQmlTMkpFSGtpSC14c1pkaHpZS1FPTlBhZ05JWkhEbEVidk9VUF9lSDBpeUJ2REtKMURIUE04VVJZU3A0T3E1cHNzYjU4Sk1FUGRPRUFfUXJicXBsVno2TUNxRVZNd3ZXOXczWVNiR3JmREJIRWU4YVdJQ3E3WlNrZGpRRElXSDdHSm9xZUh4bkpoZnZ4U1Q5SGJpMDItaTJQa2VwdDFoaEpSbWlwdzVWbk5ZbHRtSDNwaFZkNlItdkhQeEU3d0xteUxRVktIM0tvdE9ZMlhyN0I4eGgwclpYOXd5cDBNYUd3NjVaMGE3S3JzWUM1SWZyN044NWRJc0tOUjdjblVDNVRFZllnZnBqS2VJNEV5LUhEa2NrWWZUMDloakhydnpac0ttODlScC1HS3pBeTNnU0FDUGY4bW95UXZlMEI4UVNJV1pZN2tnZGpvVjFjVjNXcXdlMFAzLXdLRXBRelU0ZnI4SGhjaW1QOFVNUGxkZDA1UGJ5OWNUcTZic3IyZGxFTDZJWUtkdXpkQlkwRFBQMlNobndMWVF6ZjB6Q21OZXpIdU5yZm9mWmx6Vi1haXV5OXNQZDNwUTFPQUh2RS1iUEFTRFZSejhaLUNFNmk4aUh0OVEzUmxITU1ycUxsWXhTWWpOSGEyajktaDQtOFFVampfNmRyUjBUN3dUVkUtMUthN2JoMy13eS1YRXRtdTZ6UmptT3JyUjVhMTFyUWRNM1dtbC1lTVE2WFk5Wlcyb1UyTWt6LXFIbmM4N0VKam1PMGdJY19lWHBjTUtlU1hsSE5yWjVYeEVIU012WFlOeUVsQW8yOGN3dkVaQl80ZDBxc181V09yMG9mRzN5SkVqZTgwSFNEN2Z3Y0R4QzRoSDNneXNuQnd3N1hLRXdLLXZPYTVyT2Q1ejBZYVhTOUI0NnhsNG13MGlNSDBvVlc5c0JBdkVRWHdfMml6dE5FWjZWeHZDU3lVNFBMczhBZkVyOFphMEJZZGdzc0Y4dFctc1MtNmhKcE9Tc2oySnMtSUhhSFMwNExIbVdFVk9CWTRoVEVkUXZxRTNka09oS1ZaOXBJY2ktdUpmbVVMX1paX1Iybk45Q0FaNUxkN1FIQ1hnM3NyTHJtMFQtNVhwOGRWZmNTb2EzZlMtenJLVTlzX05IYWtGY3M0ZWRNejRyUUsxdGFXUEttYnNrNzBzaUVKX2hkR0VxYkZyd0V4UGFJeDQ0OFduTjZuY3FXRUFmbUktbGZMRGZJMnJ2WHJFeGk2TmdrUjZ1N1h4ZFI2Yy1vaWJWbzBTUnJNcmVwSFBITmR3cWt6MGRVbHBDanhLNEZJSkt3VXZ5d1phOWtOLTNGcGh2UW03RVdYSFlxZEQ4X2xqZFpIRjV4QnI5TTF0aE9QVXdsNllTTHVxNXUxSnphN3ZhUk5FMXVyT05PVXZSZDJlSUJuOEJqa0VQOGFHVDJMRzRLSUNRNm4tcjFTV0VMRENld1ZJa1FJNnd0SmZUeFdKUHBVNE51aExUTjh6R3pxc1o3UkFjdXhZTWw4Ymlvdm5pVzluLVV3ZUIxZFM1bXF3VXczY3hMY1FybjZUR1NtazVZdHJQN04wVm1zXzJncVA0dTRBa3hJWjNPdkNWbHRJMEx1dXFMaW9obTRyOEdQZE9pMFkzc2ZoM2ozUnlKTnFfM2UydS1uM3VHT1JiUDlZR0I4RjM4M0dKS2dQbU14Z0paZTZ1cE9aejE3NWFUTjladGNvaTJCVFQ1UVJLMUdFRjk3RTBaZzlHY3lER2lRdHBOX3RsdHJVeU5UbXFjdWdGanVfdUhqQjdnVkdSNHZnYk5nd2hHajdtQ3ZaMHpnY3RzdUg4azJiTzlPNmw5NHVZU3ZaMzRkc0dmM254YWJEazgwYlExYnlEc2ZtMC1CZmlVQmpQMEhrdm9WajF1ZmFCeDl4R3NwdEd1NmVEa3I0ZDhDbGhtZExza1J4ZldoUDNXTHdsSWNXdGpXQy11VkxQcEp3MTlFTkdkZVk0bmZfLUFZU0F4UUpGV3JqLVZlVEZKVW1qRFhnV1p0R0VWUWNaWWUzaTFHTllOZWlFSXFJbnhOLXctcnk5VmVMS0k5ZDJPSHYzRTRVVVZraHhPcG41QkQzV19NYTNWVHExNENMeUExOVh2V2RLbWdRSmRSZlhzNzZrek54RzZ3Q295X2V4ZG1HTUpHNVBNbkxndkxRcjZVLWxfUFFpY210RDFSYW9JNWluQVp5cm5JOWh6RDQ3dE8tUUQ2MUgwUkZVTzBfUU9od1BKU20xR2o3UnNmLUFUdW03NzVNbzAwOHc2V2pHWTl3UTdXeXB5cHp4M0FmdHUta0ppNnJTSG1jdVJzc1RPNGJVUHhmOUNoS0ppVGxHamdhc2g2YnMwZHZkZmJBdWU0WmN4Z1NwNV9iVE1JR2FkakpySzg2UFVIQmp6TEJlMVRISE5xcW0tLVBWczVlUUhDcERpdktRaUdXdl9fUi1TMWhxZDhaSV9CWm10SHBmTTYwcWFMTGxUSXlab3lVNzJueWdZNUNuQk1oczgteFBhQjZzM3o2Ujc5bkM5WG90dUR6dXlrdnhLc2NkcHM0SDVqVUFaT3d2RUkzMDRpbGhCQnlCYVloRGVFZ0hSQ2RJY0VWRl9Na1FtVGFzTFlQYzVZS1gzRW5rRHM3aWlxTm1NZzItcHJmV200UG94bVhjTGo0QTNvNU9KN25COGEzTkZiRUstNjlHTUVTNkdJVnNEYUZsV2V6U1lYUklNSjVpcVlpTzh5dzZsWXhMRF8yeFBleFZ0MUFWTUljRU9uWUFNRmhrajJoRTJHOXdkWFpOb01FOWYwYmw5aVNKUXRIRGdVd20wMHUzQTRqNlNaSEVSYXVieVJXQ3pqVmp2YUVKQm1tSEJWZkhCMGxPaVJPeWYwWFZEN25qT3pzUXhGbUc0eTdyRERrRVF4QThZWXJSUVdfcTh6YjhLMHY0T1llWkxzMUo3RXF4ZWtHRHh2bzg1Zlh1UkRDQ2FnR29NbllWTEwzX3J1aVZ6azJIMlQ5ZDg0TlNxSmd3MVBmQy1OX1hzVlRSOHRBUmxQX2hsUWxkenJHU1RpQUVRMmo0eVE2YWZEUzFNWHhaeHhUOXE5WDlhMEIxeXkxcUI2WjZlZUFrenFxcVB1UWNxY1JYNjR0bW1LNGZzOWh4NE55TzZWNHhTeDVxdmpERGZhTnE4UmtuWTZMY21ubTRyejBLSVhNQkZWQkRZbkR3ZGc0RFhJS05wWVdtamRNVnB6eGFQeEZGRm1TN3RSMUNQS3RXUDhzMEpPb1dTOGVHWGJpM1ZfS1pFenNCWEFLVmlOdkF0eFpIcTFvTXcxV050YWVnd29uMUNoNG1YVUlzNUJBQU1yRWZxUG1HSlV5MkpZSXM3bGNCd2pramJDT0tkNXE3RzhfaF92cE9WemwtU0FBUkhzY0RzVnhxQm4zNTJ1WWdvV1ZFbGNNdG15eHFMaUZaSEpjdlJ5MWF6V2xGZlFZQlhCU1NpczRCNU03UTJlcUF6RVRZcTRLNDRYX1lObGMtNmpZNm82VFhjSzZoVE5QeHlWOEhFNkVKTUVQSktvT0ZiOXEyZ01mRlg2RWR1aVpoWE1fbDUzc2RWdlV3ZVdyeC1xa2hYaTdxUUFPMEZITXNHcUFITGs4OXFhVmc3MDZPM1ZUMjJydnZEUTU3Ym1BYXRqTThDVkQxRmJOeU1xZHFSbmtCaFJXbl9JTTVaS2FUc3lGaTlBWnEwUEdqcVNGUGpaTW1hemxhS1pROWl1dTFxWllrLU05X09EenItdGZwVGNVajBWQ2hxNXNnTXl5X1ZMUjBPVThhUjU4M2JGOE03UW9BVVoxMUY1a1NsU2t6THFjNk1qNi1HVzRaZnhiY0JvbFZGZVRuVFhSek5jbVRvdnluMVlPblN2MnN3UmNnN3RHNW9ZR0ZmdWJYNG51MDZPWEpIZm1qak10ZVhmOXllMHNDQ1NtVEdaa0UwTmtHYkRfZWE2MDN3SDU0cGRQdjlzX0ZPNDVQSEwxTmF1cFNucHBhUkpJYmlhN0J5RXY3UGI0OV9uQ1p4QU9jNmVldllvOS16TllKbVhGT3NlbXhXTmRaTEVkOW5RQ2t1c0l1OHlITmpDWGdwRF9ZM2NCelB5WmpwLVNjRDZDMHhueHZLMUdGSVp5OGFEcUF3RGZEYy02TXlTeEdUZ3lvV3NMSGM4cTdJSW5HbmRWbU9NcU9oMmE5cmtXaWdyV0ozRjItR0FKYU1hN1hrQU0wV3BIZU90MzhFbVV1SkpvT0RMV2NsYmRaWTlHdzlzR2VkbmlTNzNtbDZtYnR3TGgyM3ZoaGdYTEt1Ym5vV1Aya3ZtLXV0c21DTGVoVzF6OFU1VEdvYWdmRVpIaGt5OGhxUXZqWVFWeUJTejhGOXNCb3h4RUZ2bVhoZ3pTcFR1T0djNHRFTTNyRDNqbUMxNHRrNldQMFg2OUhOM0N3enZ2N3FPYkhjSFNESzkxcmxCV0pxbTdfU3JURXlFb3VKbXRwekVZS2ZZR29kZERVSXBIUDMyUHlMMjRxc1Yzc2JySExENnY2WXZOZU0tVFo2NkNFSTZZOGtDRTlhcXZpVkNnS3JaTUNYSmlTdm5CY3hHLTRMc0xXcDZTLVhoaXpSX2t0Yjk1MXdNb0dXb2MmYW1wO2NpZD1DQVFTT3dBdkhoZl9RMUlXVDJZeEttS2F1MVFBSkh1TGZfV21IWDBpS1NsU29RajBYLUxudEhPc1czSHJQLXY5N2ZEQm5TeG82ZVJfSE9kdDhvV3ZHQUVcIiBkYXRhLWR2My13aWR0aD1cIjMwMFwiIGRhdGEtZHYzLWhlaWdodD1cIjI1MFwiIGRhdGEtZHYzLXJlbmRlci1tb2RlPVwic2NyaXB0XCIgZGF0YS1kdjMtbWV0YS1kYXRhPVwiWzEsNzYsMTAzNjM5NzU2NDg0Njc1NjEwODNdXCIgZGF0YS1kdjMtZG9uZT1cInRydWVcIj48L3NjcmlwdD48c2NyaXB0IHNyYz1cImh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L2RibS9hZD9kYm1fYz1BS0FtZi1DeUVKVlg2Nk14NGJPWHdnSzBabk83c3UyUV93R0E4bHQzbmllaEo0WVlzY0RfaXpqUGVFTExyVnFZYjBRSlJtVFhMN19GYlFPTU00UmtLdmhGc0JQWVF5MHFIcVJRbWxCcktSejMtbDNaUFVHdWVaZkJpUVo3bWFSU1VYWnBsOFhCMENfVEY3UlBzWl8tLWEyZkFhTFZUU01ral9IejNnNHVXdGNGX1kteGVDYVhqWDQmYW1wO2RibV9kPUFLQW1mLUJ6ZlROSTN4&i=4-13&t=adltag_lr991qpl_4QUKRmqYqWg&r=656a82a1bdf95b3a7aa6d5417ca6000&c=saambaa-deseret&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M.ok5eJYPe37d_ptPM7ewObNs3KwVG7K
date
Thu, 11 Jan 2024 11:44:52 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
23820
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Wed, 02 Aug 2023 16:01:21 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
pD2ZCmtVFq8BRD10Hcb7E9y4KhJ8-fH8asele06nR24YdUHdglI_Ag==
place
saambaa-deseret-tagan.adlightning.com/ Frame D655 		0
447 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://saambaa-deseret-tagan.adlightning.com/place?p=1&d=Wm41d0U0N0E3aEE0S0tmY2RhRmt4NVd6NEdLZmxrOXB3djlrNHprUm1jM1puSTZBSHdKOUYzNzhscHF0ZjVSTHVZaFkxZnVBMnM0aFptdDlTRloxNDBPWFFQSnlVNThtVDZGZGhJZkRqYlZkWGNwQWpjOTc4eWJpMENpRWtJc1NZSmF1akFnY2VRSXpvOU9HaUxQSndZaFF2TWlCSU1Lb1FTcjFLSkN6ZjJ4Q2M1NkpQNGhqdUdCOTNhZmFPOUtnNnpoaUpXeTR5Rkh4bjhnNHpsYjJIMzZ2a1ZUOXVMUmhlR2RJZjQxMXFWc3djdmdlSGY3NmN1eEVGdXZ4UXN5RFFsUTBEN3dudFJHdXFxOHpnTDU3VTZhVDh0TXFfcW13UnJ5ZU94QWRuX2QwTjB6aGxISlRaQnc3bk5aYlM3QmdjN0xQLUFFOTNXV2hKNVQwbXpzb1Y0Y2s1MjJ4T256dzB3MFpzRGdpSWw1SjNBQ1pGSjlOWXB3dVMxVGtIRVh5RGl0TnZhY3NxSGRZM2NacXBrV3QtUGszMnJna2tVT1dCWThrUlVxdzN5dldZT0UxMEFoUlFIREhyOWZKaEhWNHoxT0x5ZFowT3lNRk1Pai01Y1c1bS1Ra1FWSkNuV2cwT2o1OFdOcE40S3Rlemo5NWo4dkY5VHJTbzB4MWtwaklaeU9xTmZ1SzJZMkJIci1oaDExY0lIakl2NDN4SEtUVVEwQkFTNE5LUUFzSzRtNTNWQTdtVTVvaWZKNmVmc09hZ0dSMzhEQmlTMkpFSGtpSC14c1pkaHpZS1FPTlBhZ05JWkhEbEVidk9VUF9lSDBpeUJ2REtKMURIUE04VVJZU3A0T3E1cHNzYjU4Sk1FUGRPRUFfUXJicXBsVno2TUNxRVZNd3ZXOXczWVNiR3JmREJIRWU4YVdJQ3E3WlNrZGpRRElXSDdHSm9xZUh4bkpoZnZ4U1Q5SGJpMDItaTJQa2VwdDFoaEpSbWlwdzVWbk5ZbHRtSDNwaFZkNlItdkhQeEU3d0xteUxRVktIM0tvdE9ZMlhyN0I4eGgwclpYOXd5cDBNYUd3NjVaMGE3S3JzWUM1SWZyN044NWRJc0tOUjdjblVDNVRFZllnZnBqS2VJNEV5LUhEa2NrWWZUMDloakhydnpac0ttODlScC1HS3pBeTNnU0FDUGY4bW95UXZlMEI4UVNJV1pZN2tnZGpvVjFjVjNXcXdlMFAzLXdLRXBRelU0ZnI4SGhjaW1QOFVNUGxkZDA1UGJ5OWNUcTZic3IyZGxFTDZJWUtkdXpkQlkwRFBQMlNobndMWVF6ZjB6Q21OZXpIdU5yZm9mWmx6Vi1haXV5OXNQZDNwUTFPQUh2RS1iUEFTRFZSejhaLUNFNmk4aUh0OVEzUmxITU1ycUxsWXhTWWpOSGEyajktaDQtOFFVampfNmRyUjBUN3dUVkUtMUthN2JoMy13eS1YRXRtdTZ6UmptT3JyUjVhMTFyUWRNM1dtbC1lTVE2WFk5Wlcyb1UyTWt6LXFIbmM4N0VKam1PMGdJY19lWHBjTUtlU1hsSE5yWjVYeEVIU012WFlOeUVsQW8yOGN3dkVaQl80ZDBxc181V09yMG9mRzN5SkVqZTgwSFNEN2Z3Y0R4QzRoSDNneXNuQnd3N1hLRXdLLXZPYTVyT2Q1ejBZYVhTOUI0NnhsNG13MGlNSDBvVlc5c0JBdkVRWHdfMml6dE5FWjZWeHZDU3lVNFBMczhBZkVyOFphMEJZZGdzc0Y4dFctc1MtNmhKcE9Tc2oySnMtSUhhSFMwNExIbVdFVk9CWTRoVEVkUXZxRTNka09oS1ZaOXBJY2ktdUpmbVVMX1paX1Iybk45Q0FaNUxkN1FIQ1hnM3NyTHJtMFQtNVhwOGRWZmNTb2EzZlMtenJLVTlzX05IYWtGY3M0ZWRNejRyUUsxdGFXUEttYnNrNzBzaUVKX2hkR0VxYkZyd0V4UGFJeDQ0OFduTjZuY3FXRUFmbUktbGZMRGZJMnJ2WHJFeGk2TmdrUjZ1N1h4ZFI2Yy1vaWJWbzBTUnJNcmVwSFBITmR3cWt6MGRVbHBDanhLNEZJSkt3VXZ5d1phOWtOLTNGcGh2UW03RVdYSFlxZEQ4X2xqZFpIRjV4QnI5TTF0aE9QVXdsNllTTHVxNXUxSnphN3ZhUk5FMXVyT05PVXZSZDJlSUJuOEJqa0VQOGFHVDJMRzRLSUNRNm4tcjFTV0VMRENld1ZJa1FJNnd0SmZUeFdKUHBVNE51aExUTjh6R3pxc1o3UkFjdXhZTWw4Ymlvdm5pVzluLVV3ZUIxZFM1bXF3VXczY3hMY1FybjZUR1NtazVZdHJQN04wVm1zXzJncVA0dTRBa3hJWjNPdkNWbHRJMEx1dXFMaW9obTRyOEdQZE9pMFkzc2ZoM2ozUnlKTnFfM2UydS1uM3VHT1JiUDlZR0I4RjM4M0dKS2dQbU14Z0paZTZ1cE9aejE3NWFUTjladGNvaTJCVFQ1UVJLMUdFRjk3RTBaZzlHY3lER2lRdHBOX3RsdHJVeU5UbXFjdWdGanVfdUhqQjdnVkdSNHZnYk5nd2hHajdtQ3ZaMHpnY3RzdUg4azJiTzlPNmw5NHVZU3ZaMzRkc0dmM254YWJEazgwYlExYnlEc2ZtMC1CZmlVQmpQMEhrdm9WajF1ZmFCeDl4R3NwdEd1NmVEa3I0ZDhDbGhtZExza1J4ZldoUDNXTHdsSWNXdGpXQy11VkxQcEp3MTlFTkdkZVk0bmZfLUFZU0F4UUpGV3JqLVZlVEZKVW1qRFhnV1p0R0VWUWNaWWUzaTFHTllOZWlFSXFJbnhOLXctcnk5VmVMS0k5ZDJPSHYzRTRVVVZraHhPcG41QkQzV19NYTNWVHExNENMeUExOVh2V2RLbWdRSmRSZlhzNzZrek54RzZ3Q295X2V4ZG1HTUpHNVBNbkxndkxRcjZVLWxfUFFpY210RDFSYW9JNWluQVp5cm5JOWh6RDQ3dE8tUUQ2MUgwUkZVTzBfUU9od1BKU20xR2o3UnNmLUFUdW03NzVNbzAwOHc2V2pHWTl3UTdXeXB5cHp4M0FmdHUta0ppNnJTSG1jdVJzc1RPNGJVUHhmOUNoS0ppVGxHamdhc2g2YnMwZHZkZmJBdWU0WmN4Z1NwNV9iVE1JR2FkakpySzg2UFVIQmp6TEJlMVRISE5xcW0tLVBWczVlUUhDcERpdktRaUdXdl9fUi1TMWhxZDhaSV9CWm10SHBmTTYwcWFMTGxUSXlab3lVNzJueWdZNUNuQk1oczgteFBhQjZzM3o2Ujc5bkM5WG90dUR6dXlrdnhLc2NkcHM0SDVqVUFaT3d2RUkzMDRpbGhCQnlCYVloRGVFZ0hSQ2RJY0VWRl9Na1FtVGFzTFlQYzVZS1gzRW5rRHM3aWlxTm1NZzItcHJmV200UG94bVhjTGo0QTNvNU9KN25COGEzTkZiRUstNjlHTUVTNkdJVnNEYUZsV2V6U1lYUklNSjVpcVlpTzh5dzZsWXhMRF8yeFBleFZ0MUFWTUljRU9uWUFNRmhrajJoRTJHOXdkWFpOb01FOWYwYmw5aVNKUXRIRGdVd20wMHUzQTRqNlNaSEVSYXVieVJXQ3pqVmp2YUVKQm1tSEJWZkhCMGxPaVJPeWYwWFZEN25qT3pzUXhGbUc0eTdyRERrRVF4QThZWXJSUVdfcTh6YjhLMHY0T1llWkxzMUo3RXF4ZWtHRHh2bzg1Zlh1UkRDQ2FnR29NbllWTEwzX3J1aVZ6azJIMlQ5ZDg0TlNxSmd3MVBmQy1OX1hzVlRSOHRBUmxQX2hsUWxkenJHU1RpQUVRMmo0eVE2YWZEUzFNWHhaeHhUOXE5WDlhMEIxeXkxcUI2WjZlZUFrenFxcVB1UWNxY1JYNjR0bW1LNGZzOWh4NE55TzZWNHhTeDVxdmpERGZhTnE4UmtuWTZMY21ubTRyejBLSVhNQkZWQkRZbkR3ZGc0RFhJS05wWVdtamRNVnB6eGFQeEZGRm1TN3RSMUNQS3RXUDhzMEpPb1dTOGVHWGJpM1ZfS1pFenNCWEFLVmlOdkF0eFpIcTFvTXcxV050YWVnd29uMUNoNG1YVUlzNUJBQU1yRWZxUG1HSlV5MkpZSXM3bGNCd2pramJDT0tkNXE3RzhfaF92cE9WemwtU0FBUkhzY0RzVnhxQm4zNTJ1WWdvV1ZFbGNNdG15eHFMaUZaSEpjdlJ5MWF6V2xGZlFZQlhCU1NpczRCNU03UTJlcUF6RVRZcTRLNDRYX1lObGMtNmpZNm82VFhjSzZoVE5QeHlWOEhFNkVKTUVQSktvT0ZiOXEyZ01mRlg2RWR1aVpoWE1fbDUzc2RWdlV3ZVdyeC1xa2hYaTdxUUFPMEZITXNHcUFITGs4OXFhVmc3MDZPM1ZUMjJydnZEUTU3Ym1BYXRqTThDVkQxRmJOeU1xZHFSbmtCaFJXbl9JTTVaS2FUc3lGaTlBWnEwUEdqcVNGUGpaTW1hemxhS1pROWl1dTFxWllrLU05X09EenItdGZwVGNVajBWQ2hxNXNnTXl5X1ZMUjBPVThhUjU4M2JGOE03UW9BVVoxMUY1a1NsU2t6THFjNk1qNi1HVzRaZnhiY0JvbFZGZVRuVFhSek5jbVRvdnluMVlPblN2MnN3UmNnN3RHNW9ZR0ZmdWJYNG51MDZPWEpIZm1qak10ZVhmOXllMHNDQ1NtVEdaa0UwTmtHYkRfZWE2MDN3SDU0cGRQdjlzX0ZPNDVQSEwxTmF1cFNucHBhUkpJYmlhN0J5RXY3UGI0OV9uQ1p4QU9jNmVldllvOS16TllKbVhGT3NlbXhXTmRaTEVkOW5RQ2t1c0l1OHlITmpDWGdwRF9ZM2NCelB5WmpwLVNjRDZDMHhueHZLMUdGSVp5OGFEcUF3RGZEYy02TXlTeEdUZ3lvV3NMSGM4cTdJSW5HbmRWbU9NcU9oMmE5cmtXaWdyV0ozRjItR0FKYU1hN1hrQU0wV3BIZU90MzhFbVV1SkpvT0RMV2NsYmRaWTlHdzlzR2VkbmlTNzNtbDZtYnR3TGgyM3ZoaGdYTEt1Ym5vV1Aya3ZtLXV0c21DTGVoVzF6OFU1VEdvYWdmRVpIaGt5OGhxUXZqWVFWeUJTejhGOXNCb3h4RUZ2bVhoZ3pTcFR1T0djNHRFTTNyRDNqbUMxNHRrNldQMFg2OUhOM0N3enZ2N3FPYkhjSFNESzkxcmxCV0pxbTdfU3JURXlFb3VKbXRwekVZS2ZZR29kZERVSXBIUDMyUHlMMjRxc1Yzc2JySExENnY2WXZOZU0tVFo2NkNFSTZZOGtDRTlhcXZpVkNnS3JaTUNYSmlTdm5CY3hHLTRMc0xXcDZTLVhoaXpSX2t0Yjk1MXdNb0dXb2MmYW1wO2NpZD1DQVFTT3dBdkhoZl9RMUlXVDJZeEttS2F1MVFBSkh1TGZfV21IWDBpS1NsU29RajBYLUxudEhPc1czSHJQLXY5N2ZEQm5TeG82ZVJfSE9kdDhvV3ZHQUUmYW1wO2R2M192ZXI9bTIwMjMwOTI2MDEwMSZhbXA7cmZsPWh0dHBzJTNBJTJGJTJGd3d3LmRlc2VyZXQuY29tJmFtcDtkcz1sJmFtcDt4ZHQ9MSZhbXA7aWlmPTEmYW1wO2Nvcj0xMDM2Mzk3NTY0ODQ2NzU2MDAwMCZhbXA7YWRrPTIxMjM4ODYyOTgmYW1wO2lkdD0xMjAmYW1wO2NhYz0wJmFtcDtkdGQ9MTE4XCI%2BPC9zY3JpcHQ%2BPGRpdiBpZD1cImFkX3VuaXRcIj48ZGl2IGNsYXNzPVwiR29vZ2xlQ3JlYXRpdmVDb250YWluZXJDbGFzc1wiIGlkPVwiZ2NjX19PMmZaYzJJRDZhVmp1d1AtOWlVaUFFXCIgZGF0YS1jcmVhdGl2ZS1sb2FkLWxpc3RlbmVyPVwiXCI%2BPGEgdGFyZ2V0PVwiX2JsYW5rXCIgaWQ9XCJpbWdfYW5jaF9DTTMyLUtpNTFZTURGYWFLZ3djZGV5d0ZFUVwiIGhyZWY9XCJodHRwczovL2FkY2xpY2suZy5kb3VibGVjbGljay5uZXQvcGNzL2NsaWNrP3hhaT1BS0FPanN1NG1FQ1M2cWk1VFluWVk1cDgxV1I0ZmJSbG1TVVZhRGwzX0E3NFBrWWc3MmplbHlrN0JkN3V6WlV3eEF5SVpIellpNWRLYlZyekNGMFZkMWg2UHlMa3kzR2ZwZEpleTZ5d3dkbF95UmtTOTBqQjI4ZTVMaFhUT1F6cko5dUZXeUdINC1Cd1ZzVXYxbGhiTkhUa2ttbkhTYVRwb3dyakR1RGdkeHRqSVhPR01oOWlSMXF0T1Jsc0xhQ1hkRXYwNW4yc2NpUTgzb1lYUHpwVW1Qa25palRybjlRcU10VF90TlBDZng1bF9hUGpEeXFrQWliUmp6ZjFyMm04VjVfa0diX3FFRXN2Z24tZk5SZW9UWmRibnRSalExSXFCMmRmMGtLYktDcGpiX2FnN3ZBdnBsVmxnN1lyc2hTMXNXcG9BYlkwZV9VcGdmX1RZZkV4aVlPazh4VHppSXp5Rm9udkJ2ZGl6dG1vcmlndHh0dDVnTFB4V25HbGM0ZU5sU3lBbkhKdGpMeW5fS205VDVKeGtiS1V5LUVFM2Vsb1kwLS14STQ2VGdTMTQtS3BGd0NPR284NEJjbnBYVVZGVXVsNjl2R3FLTU84bjZ6MXlKbGNvWW52c3VzazJXMU5KOC1rRzdxQkdwWi1FLVpiZFZrLXkxUzQwdTZjaDVaT0NUM2FGOGp5clRxTVRFYXJWZFlFaFNxRjNVYUhEYjAtQ2JsVnVHNldiYm83QlVQaTZVbmZKUTlqQWNyZzJnb2VOVTAxYXZaSHZxUlRIUndZdlZTT3VHVklsRWhPa2hqalNiZFU4OXpqUkN2c19GaWVOWllMd0hBakV6TFFGMmRkTjNGaTJLdlFqSGN6WUw2RWhMTG5kWl9nSHRzVTZUU1RpZFNDbnpiRFZvZHRQT3Ixd3VzVTJJYWNGY2VwR1BiV0lGWTlkT1UyRmtJVUVma2pVeFdSc2pkUmNwekFaWDdqYXNXcGpUbjlnWXg3cU4tOU90bTBLS0RkV3BWVjRXYWJxTlVud0tUVWNDcWRaekxBR21OWEpiSTRHc2lIWXh5ZkJfdGVhQl9JeFdDdkwyZ2I1Mm0waTFMeDJuemhVdGhvZFE2aTJEMWRGNm00Z1A3RkE3Smx4V3B6NVMzV3pNdzZRaXhFU0NpNzBKcXQ0aGxuQmVvaHhPU04ybnFpbjVLWG5tNDFCa2hCWFBGaU5vdDgwRHZQdE95M0lxbnc1b3VjR3hQVkNKSGFYNjQ4QnpPVlh1TElPc0RVR3pXQ0Y2MHhzdEVPNGk3SVdLbnBtT2Izb09mU1YzQUZsb015VzRjdm5NLTFzYTFjMHlWV3NlYkZBSTZOSnBSRVFJS1dvbnFDU243b0NnRFNMSkJ2SUFsdURnS284cWJuSjNpajhQcXJOeTdOaVJVcFYySnNIT0VLM3FHYjNlTGZZNDR3c19YX3pCRnpjOThTV2o2NTVDZHpuelQ5ajhrVlZraTZsdU1yVWhqMkJSTUNuRGxJTDRTbjFYbkN3dUpTRlZwN2VpNzFfRnJ1anRCNGRUcXdfeHE0M25nT3JKXzNfSDdBVm5WLXpaX2FBMVJ3OTNHWUZVcFFvWUlDU1o0LUxYcnNFR3k4UTFFcTFaQV9CR2JPWmZUajJIa3NSZVZyNEV3QTNSSk9DdjQxZ3VYaXp6OXVGTXBtZGFmcUNQRFcydi15dXlyLWlXYmJLUERHR1VQZzJJX0c2aVNZS0dFWm9qWjdYX2hhQmdaRzgwQ25pd3o0aFBPbkk5c0c4X3A5cWFfckRxM1draU5iUmZVa3B4azkzbzM1dHc4a3B4X3U4VVBCdG51Q0JUZEQwVFFFMV9WUH&i=5-13&t=adltag_lr991qpl_4QUKRmqYqWg&r=656a82a1bdf95b3a7aa6d5417ca6000&c=saambaa-deseret&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M.ok5eJYPe37d_ptPM7ewObNs3KwVG7K
date
Thu, 11 Jan 2024 11:44:52 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
23820
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Wed, 02 Aug 2023 16:01:21 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
_Ys23gMi_LEyKPTNNbrKCTzzEN4BSr5e6rkSpFJERT1CpPqWgJL3dA==
place
saambaa-deseret-tagan.adlightning.com/ Frame D655 		0
449 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://saambaa-deseret-tagan.adlightning.com/place?p=1&d=R4cEdCRzFkcGQ4Sk5PbC1LSjBwVHp3dDZTQ1JVdWJla3M1eEYyNlp6MVptZm9pNmg4SnZaUGUtNDBidDN3WkhIM1hHRFJacllLcmlqZkY1M01wbFJORTRTNGpOeUpWSGJJcWZTSVVtZ3FrSUV1NCZhbXA7c2FpPUFNZmwtWVI4dWZtbms1ZU5ERW5xa1BKZTF1UXpCMEVTdDI3WE5KMjZReERxZ2J0UUtwSXU0eGJac3h3aHN2YThVRFpBb1FfamRXakI5M1dBUHpTZEVudS00OFBtTTNTTTd2Y2VKdThkcEhDRjdYczZrUHV3VnRxZURVQmQ0NUR4Ny1DamtGd0JVWmZRc2JTRVhsQ2lsaVdhaEdsdS1kRmFXQmpSeG9hYUpyZGVQQlVjckdtN1dkZ0pzOG9jRVFSUXpOTmw5QlFvT01oU2JzV2Y3REYwYlpZRzU4U3pjLVk4a2RTdHpRN0lPM25Xbkdra1M4MkdhdGRGYlBEX0pxRFJwN2RYY0R2d3R5QnJIVm9tWWZZJmFtcDtzaWc9Q2cwQXJLSlN6TmJFbXB6MkVFSngmYW1wO2NyeT0xJmFtcDtmYnNfYWVpZD0lNUJnd19mYnNhZWlkJTVEJmFtcDt1cmxmaXg9MSZhbXA7YWR1cmw9aHR0cHM6Ly9oZWxmZW4udW5pY2VmLmRlL2dhemEtMjAyMyUzRmRpc3BsYXklM0QxJTI2dXRtX21lZGl1bSUzRGJhbl9lcyUyNnV0bV9jb250ZW50JTNEMjAyMzEyX2dhemElMjZ1dG1fY2FtcGFpZ24lM0QyMDIzMTJfZXNfZ2F6YV9kdl9wcm9zXzM4MjY5ODUwMyUyNnV0bV9zb3VyY2UlM0RkaV9kdiUyNnV0bV90ZXJtJTNEYXdcIj48aW1nIHNyYz1cImh0dHBzOi8vczAuMm1kbi5uZXQvc2ltZ2FkLzgwNDQ3ODQyMzUxOTgyNDIyNDJcIiBhbHQ9XCJBZHZlcnRpc2VtZW50XCIgYm9yZGVyPVwiMFwiIHdpZHRoPVwiMzAwXCIgaGVpZ2h0PVwiMjUwXCIgc3R5bGU9XCJkaXNwbGF5OmJsb2NrXCI%2BPC9hPjxzY3JpcHQgZGF0YS1qYz1cIjc0XCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjQwMTA4XCIgZGF0YS1qY3AtYS1pZD1cImltZ19hbmNoX0NNMzItS2k1MVlNREZhYUtnd2NkZXl3RkVRXCIgZGF0YS1qY3AtZm9yLXN1cmUtb3Blbi1icm93c2VyPVwiZmFsc2VcIiBkYXRhLWpjcC1mb3Itc3VyZS1vcGVuLWN1c3RvbS10YWJzPVwiZmFsc2VcIiBkYXRhLWpjcC1jYy1vdmVybGF5PVwiXCIgZGF0YS1qY3AtY2MtYnV0dG9uPVwiXCIgZGF0YS1qY3AtaXMtZmxlZGdlPVwiZmFsc2VcIiBkYXRhLWpjcC10dXJ0bGV4LWV2ZW50LWFkLXNpZ25hbHM9XCJcIj4oZnVuY3Rpb24oKXt2YXIgYWE9XCJmdW5jdGlvblwiPT10eXBlb2YgT2JqZWN0LmRlZmluZVByb3BlcnRpZXM%2FT2JqZWN0LmRlZmluZVByb3BlcnR5OmZ1bmN0aW9uKGEsYixjKXtpZihhPT1BcnJheS5wcm90b3R5cGV8fGE9PU9iamVjdC5wcm90b3R5cGUpcmV0dXJuIGE7YVtiXT1jLnZhbHVlO3JldHVybiBhfTtmdW5jdGlvbiBiYShhKXthPVtcIm9iamVjdFwiPT10eXBlb2YgZ2xvYmFsVGhpcyYmZ2xvYmFsVGhpcyxhLFwib2JqZWN0XCI9PXR5cGVvZiB3aW5kb3cmJndpbmRvdyxcIm9iamVjdFwiPT10eXBlb2Ygc2VsZiYmc2VsZixcIm9iamVjdFwiPT10eXBlb2YgZ2xvYmFsJiZnbG9iYWxdO2Zvcih2YXIgYj0wO2I8YS5sZW5ndGg7KytiKXt2YXIgYz1hW2JdO2lmKGMmJmMuTWF0aD09TWF0aClyZXR1cm4gY310aHJvdyBFcnJvcihcIkNhbm5vdCBmaW5kIGdsb2JhbCBvYmplY3RcIik7fXZhciBjYT1iYSh0aGlzKTsgZnVuY3Rpb24gcChhLGIpe2lmKGIpYTp7dmFyIGM9Y2E7YT1hLnNwbGl0KFwiLlwiKTtmb3IodmFyIGQ9MDtkPGEubGVuZ3RoLTE7ZCsrKXt2YXIgZT1hW2RdO2lmKCEoZSBpbiBjKSlicmVhayBhO2M9Y1tlXX1hPWFbYS5sZW5ndGgtMV07ZD1jW2FdO2I9YihkKTtiIT1kJiZudWxsIT1iJiZhYShjLGEse2NvbmZpZ3VyYWJsZTohMCx3cml0YWJsZTohMCx2YWx1ZTpifSl9fXZhciBkYT1cImZ1bmN0aW9uXCI9PXR5cGVvZiBPYmplY3QuY3JlYXRlP09iamVjdC5jcmVhdGU6ZnVuY3Rpb24oYSl7ZnVuY3Rpb24gYigpe31iLnByb3RvdHlwZT1hO3JldHVybiBuZXcgYn0scjsgaWYoXCJmdW5jdGlvblwiPT10eXBlb2YgT2JqZWN0LnNldFByb3RvdHlwZU9mKXI9T2JqZWN0LnNldFByb3RvdHlwZU9mO2Vsc2V7dmFyIHQ7YTp7dmFyIGVhPXthOiEwfSxmYT17fTt0cnl7ZmEuX19wcm90b19fPWVhO3Q9ZmEuYTticmVhayBhfWNhdGNoKGEpe310PSExfXI9dD9mdW5jdGlvbihhLGIpe2EuX19wcm90b19fPWI7aWYoYS5fX3Byb3RvX18hPT1iKXRocm93IG5ldyBUeXBlRXJyb3IoYStcIiBpcyBub3QgZXh0ZW5zaWJsZVwiKTtyZXR1cm4gYX06bnVsbH12YXIgaGE9cjsgZnVuY3Rpb24gaWEoYSxiKXthLnByb3RvdHlwZT1kYShiLnByb3RvdHlwZSk7YS5wcm90b3R5cGUuY29uc3RydWN0b3I9YTtpZihoYSloYShhLGIpO2Vsc2UgZm9yKHZhciBjIGluIGIpaWYoXCJwcm90b3R5cGVcIiE9YylpZihPYmplY3QuZGVmaW5lUHJvcGVydGllcyl7dmFyIGQ9T2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcihiLGMpO2QmJk9iamVjdC5kZWZpbmVQcm9wZXJ0eShhLGMsZCl9ZWxzZSBhW2NdPWJbY107YS5BPWIucHJvdG90eXBlfXZhciBqYT1cImZ1bmN0aW9uXCI9PXR5cGVvZiBPYmplY3QuYXNzaWduP09iamVjdC5hc3NpZ246ZnVuY3Rpb24oYSxiKXtmb3IodmFyIGM9MTtjPGFyZ3VtZW50cy5sZW5ndGg7YysrKXt2YXIgZD1hcmd1bWVudHNbY107aWYoZClmb3IodmFyIGUgaW4gZClPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoZCxlKSYmKGFbZV09ZFtlXSl9cmV0dXJuIGF9OyBwKFwiT2JqZWN0LmFzc2lnblwiLGZ1bmN0aW9uKGEpe3JldHVybiBhfHxqYX0pO3AoXCJPYmplY3QuaXNcIixmdW5jdGlvbihhKXtyZXR1cm4gYT9hOmZ1bmN0aW9uKGIsYyl7cmV0dXJuIGI9PT1jPzAhPT1ifHwxL2I9PT0xL2M6YiE9PWImJmMhPT1jfX0pO3AoXCJBcnJheS5wcm90b3R5cGUuaW5jbHVkZXNcIixmdW5jdGlvbihhKXtyZXR1cm4gYT9hOmZ1bmN0aW9uKGIsYyl7dmFyIGQ9dGhpcztkIGluc3RhbmNlb2YgU3RyaW5nJiYoZD1TdHJpbmcoZCkpO3ZhciBlPWQubGVuZ3RoO2M9Y3x8MDtmb3IoMD5jJiYoYz1NYXRoLm1heChjK2UsMCkpO2M8ZTtjKyspe3ZhciBmPWRbY107aWYoZj09PWJ8fE9iamVjdC5pcyhmLGIpKXJldHVybiEwfXJldHVybiExfX0pOyBwKFwiU3RyaW5nLnByb3RvdHlwZS5pbmNsdWRlc1wiLGZ1bmN0aW9uKGEpe3JldHVybiBhP2E6ZnVuY3Rpb24oYixjKXtpZihudWxsPT10aGlzKXRocm93IG5ldyBUeXBlRXJyb3IoXCJUaGUgJ3RoaXMnIHZhbHVlIGZvciBTdHJpbmcucHJvdG90eXBlLmluY2x1ZGVzIG11c3Qgbm90IGJlIG51bGwgb3IgdW5kZWZpbmVkXCIpO2lmKGIgaW5zdGFuY2VvZiBSZWdFeHApdGhyb3cgbmV3IFR5cGVFcnJvcihcIkZpcnN0IGFyZ3VtZW50IHRvIFN0cmluZy5wcm90b3R5cGUuaW5jbHVkZXMgbXVzdCBub3QgYmUgYSByZWd1bGFyIGV4cHJlc3Npb25cIik7cmV0dXJuLTEhPT10aGlzLmluZGV4T2YoYixjfHwwKX19KTtwKFwiTnVtYmVyLmlzRmluaXRlXCIsZnVuY3Rpb24oYSl7cmV0dXJuIGE%2FYTpmdW5jdGlvbihiKXtyZXR1cm5cIm51bWJlclwiIT09dHlwZW9mIGI%2FITE6IWlzTmFOKGIpJiZJbmZpbml0eSE9PWImJi1JbmZpbml0eSE9PWJ9fSk7LyogIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wICovIHZhciB1PXRoaXN8fHNlbGY7ZnVuY3Rpb24ga2EoYSxiKXthOnt2YXIgYz1bXCJDTE9TVVJFX0ZMQUdTXCJdO2Zvcih2YXIgZD11LGU9MDtlPGMubGVuZ3RoO2UrKylpZihkPWRbY1tlXV0sbnVsbD09ZCl7Yz1udWxsO2JyZWFrIGF9Yz1kfWE9YyYmY1thXTtyZXR1cm4gbnVsbCE9YT9hOmJ9O3ZhciBsYT1rYSg2MTA0MDEzMDEsITEpLHc9a2EoNTcyNDE3MzkyLCEwKTt2YXIgeSxtYT11Lm5hdmlnYXRvcjt5PW1hP21hLnVzZXJBZ2VudERhdGF8fG51bGw6bnVsbDtmdW5jdGlvbiB6KGEpe3JldHVybiBsYT95P3kuYnJhbmRzLnNvbWUoZnVuY3Rpb24oYil7cmV0dXJuKGI9Yi5icmFuZCkmJi0xIT1iLmluZGV4T2YoYSl9KTohMTohMX1mdW5jdGlvbiBBKGEpe3ZhciBiO2E6e2lmKGI9dS5uYXZpZ2F0b3IpaWYoYj1iLnVzZXJBZ2VudClicmVhayBhO2I9XCJcIn1yZXR1cm4tMSE9Yi5pbmRleE9mKGEpfTtmdW5jdGlvbiBCKCl7cmV0dXJuIGxhPyEheSYmMDx5LmJyYW5kcy5sZW5ndGg6ITF9ZnVuY3Rpb24gQygpe3JldHVybiBCKCk%2FeihcIkNocm9taXVtXCIpOihBKFwiQ2hyb21lXCIpfHxBKFwiQ3JpT1NcIikpJiYhKEIoKT8wOkEoXCJFZGdlXCIpKXx8QShcIlNpbGtcIil9O3ZhciBuYT1CKCk%2FITE6QShcIlRyaWRlbnRcIil8fEEoXCJNU0lFXCIpOyFBKFwiQW5kcm9pZFwiKXx8QygpO0MoKTtBKFwiU2FmYXJpXCIpJiYoQygpfHwoQigpPzA6QShcIkNvYXN0XCIpKXx8KEIoKT8wOkEoXCJPcGVyYVwiKSl8fChCKCk%2FMDpBKFwiRWRnZVwiKSl8fChCKCk%2FeihcIk1pY3Jvc29mdCBFZGdlXCIpOkEoXCJFZGcvXCIpKXx8QigpJiZ6KFwiT3BlcmFcIikpO3ZhciBvYT17fSxEPW51bGw7dmFyIHBhPVwidW5kZWZpbmVkXCIhPT10eXBlb2YgVWludDhBcnJheSxxYT0hbmEmJlwiZnVuY3Rpb25cIj09PXR5cGVvZiBidG9hO3ZhciByYT0hdyxzYT0hdzt2YXIgRT1cImZ1bmN0aW9uXCI9PT10eXBlb2YgU3ltYm9sJiZcInN5bWJvbFwiPT09dHlwZW9mIFN5bWJvbCgpP1N5bWJvbCgpOnZvaWQgMDt2YXIgdGE9RT9mdW5jdGlvbihhLGIpe2FbRV18PWJ9OmZ1bmN0aW9uKGEsYil7dm9pZCAwIT09YS5nP2EuZ3w9YjpPYmplY3QuZGVmaW5lUHJvcGVydGllcyhhLHtnOnt2YWx1ZTpiLGNvbmZpZ3VyYWJsZTohMCx3cml0YWJsZTohMCxlbnVtZXJhYmxlOiExfX0pfTtmdW5jdGlvbiB1YShhKXt2YXIgYj1GKGEpOzEhPT0oYiYxKSYmKE9iamVjdC5pc0Zyb3plbihhKSYmKGE9QXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYSkpLEcoYSxifDEpKX12YXIgRj1FP2Z1bmN0aW9uKGEpe3JldHVybiBhW0VdfDB9OmZ1bmN0aW9uKGEpe3JldHVybiBhLmd8MH0sSD1FP2Z1bmN0aW9uKGEpe3JldHVybiBhW0VdfTpmdW5jdGlvbihhKXtyZXR1cm4gYS5nfSxHPUU%2FZnVuY3Rpb24oYSxiKXthW0VdPWJ9OmZ1bmN0aW9uKGEsYil7dm9pZCAwIT09YS5nP2EuZz1iOk9iamVjdC5kZWZpbmVQcm9wZXJ0aWVzKGEse2c6e3ZhbHVlOmIsY29uZmlndXJhYmxlOiEwLHdyaXRhYmxlOiEwLGVudW1lcmFibGU6ITF9fSl9OyBmdW5jdGlvbiB2YSgpe3ZhciBhPVtdO3RhKGEsMSk7cmV0dXJuIGF9ZnVuY3Rpb24gSShhKXthPWE%2BPjE0JjEwMjM7cmV0dXJuIDA9PT1hPzUzNjg3MDkxMjphfTt2YXIgd2E9e30seGE9e307ZnVuY3Rpb24geWEoYSl7cmV0dXJuISghYXx8XCJvYmplY3RcIiE9PXR5cGVvZiBhfHxhLnMhPT14YSl9ZnVuY3Rpb24gSihhKXtyZXR1cm4gbnVsbCE9PWEmJlwib2JqZWN0XCI9PT10eXBlb2YgYSYmIUFycmF5LmlzQXJyYXkoYSkmJmEuY29uc3RydWN0b3I9PT1PYmplY3R9dmFyIEssemE9IXc7ZnVuY3Rpb24gTChhLGIsYyl7aWYoIUFycmF5LmlzQXJyYXkoYSl8fGEubGVuZ3RoKXJldHVybiExO3ZhciBkPUYoYSk7aWYoZCYxKXJldHVybiEwO2lmKCEoYiYmKEFycmF5LmlzQXJyYXkoYik%2FYi5pbmNsdWRlcyhjKTpiLmhhcyhjKSkpKXJldHVybiExO0coYSxkfDEpO3JldHVybiEwfXZhciBNLEFhPVtdO0coQWEsNTUpO009T2JqZWN0LmZyZWV6ZShBYSk7T2JqZWN0LmZyZWV6ZShuZXcgZnVuY3Rpb24oKXt9KTtPYmplY3QuZnJlZXplKG5ldyBmdW5jdGlvbigpe30pO2Z1bmN0aW9uIEJhKCl7dmFyIGE9RXJyb3IoXCJpbnQzMlwiKTthLl9fY2xvc3VyZV9fZXJyb3JfX2NvbnRleHRfXzk4NDM4Mnx8KGEuX19jbG9zdXJlX19lcnJvcl9fY29udGV4dF9fOTg0MzgyPXt9KTthLl9fY2xvc3VyZV9fZXJyb3JfX2NvbnRleHRfXzk4NDM4Mi5zZXZlcml0eT1cIndhcm5pbmdcIjtyZXR1cm4gYX07ZnVuY3Rpb24gQ2EoYSl7aWYoXCJudW1iZXJcIiE9PXR5cGVvZiBhKXRocm93IEJhKCk7aWYoIU51bWJlci5pc0Zpbml0ZShhKSl0aHJvdyBCYSgpO3JldHVybiBhfDB9O3ZhciBEYTtmdW5jdGlvbiBOKGEsYixjKXtudWxs&i=6-13&t=adltag_lr991qpl_4QUKRmqYqWg&r=656a82a1bdf95b3a7aa6d5417ca6000&c=saambaa-deseret&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M.ok5eJYPe37d_ptPM7ewObNs3KwVG7K
date
Thu, 11 Jan 2024 06:56:14 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
23820
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Wed, 02 Aug 2023 16:01:21 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
HQURvIRHrOeyFxA8CYUmW3ZABG_LqXsDdV7rhrAiDWWLARwaqCX65w==
place
saambaa-deseret-tagan.adlightning.com/ Frame D655 		0
447 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://saambaa-deseret-tagan.adlightning.com/place?p=1&d=PT1hJiYoYT1EYSk7RGE9dm9pZCAwO2lmKG51bGw9PWEpe3ZhciBkPTk2O2M%2FKGE9W2NdLGR8PTUxMik6YT1bXTtiJiYoZD1kJi0xNjc2MDgzM3woYiYxMDIzKTw8MTQpfWVsc2V7aWYoIUFycmF5LmlzQXJyYXkoYSkpdGhyb3cgRXJyb3IoKTtkPUYoYSk7aWYoZCY2NClyZXR1cm4gYTtkfD02NDtpZihjJiYoZHw9NTEyLGMhPT1hWzBdKSl0aHJvdyBFcnJvcigpO2E6e2M9YTt2YXIgZT1jLmxlbmd0aDtpZihlKXt2YXIgZj1lLTE7aWYoSihjW2ZdKSl7ZHw9MjU2O2I9Zi0oKyEhKGQmNTEyKS0xKTtpZigxMDI0PD1iKXRocm93IEVycm9yKCk7ZD1kJi0xNjc2MDgzM3woYiYxMDIzKTw8MTQ7YnJlYWsgYX19aWYoYil7Yj1NYXRoLm1heChiLGUtKCshIShkJjUxMiktMSkpO2lmKDEwMjQ8Yil0aHJvdyBFcnJvcigpO2Q9ZCYtMTY3NjA4MzN8KGImMTAyMyk8PDE0fX19RyhhLGQpO3JldHVybiBhfTtmdW5jdGlvbiBFYShhLGIpe3JldHVybiBGYShiKX0gZnVuY3Rpb24gRmEoYSl7c3dpdGNoKHR5cGVvZiBhKXtjYXNlIFwibnVtYmVyXCI6cmV0dXJuIGlzRmluaXRlKGEpP2E6U3RyaW5nKGEpO2Nhc2UgXCJib29sZWFuXCI6cmV0dXJuIGE%2FMTowO2Nhc2UgXCJvYmplY3RcIjppZihhKXtpZihBcnJheS5pc0FycmF5KGEpKXJldHVybiB6YXx8IUwoYSx2b2lkIDAsOTk5OSk%2FYTp2b2lkIDA7aWYocGEmJm51bGwhPWEmJmEgaW5zdGFuY2VvZiBVaW50OEFycmF5KXtpZihxYSl7Zm9yKHZhciBiPVwiXCIsYz0wLGQ9YS5sZW5ndGgtMTAyNDA7YzxkOyliKz1TdHJpbmcuZnJvbUNoYXJDb2RlLmFwcGx5KG51bGwsYS5zdWJhcnJheShjLGMrPTEwMjQwKSk7Yis9U3RyaW5nLmZyb21DaGFyQ29kZS5hcHBseShudWxsLGM%2FYS5zdWJhcnJheShjKTphKTthPWJ0b2EoYil9ZWxzZXt2b2lkIDA9PT1iJiYoYj0wKTtpZighRCl7RD17fTtjPVwiQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVphYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ejAxMjM0NTY3ODlcIi5zcGxpdChcIlwiKTtkPSBbXCIrLz1cIixcIisvXCIsXCItXz1cIixcIi1fLlwiLFwiLV9cIl07Zm9yKHZhciBlPTA7NT5lO2UrKyl7dmFyIGY9Yy5jb25jYXQoZFtlXS5zcGxpdChcIlwiKSk7b2FbZV09Zjtmb3IodmFyIGg9MDtoPGYubGVuZ3RoO2grKyl7dmFyIGc9ZltoXTt2b2lkIDA9PT1EW2ddJiYoRFtnXT1oKX19fWI9b2FbYl07Yz1BcnJheShNYXRoLmZsb29yKGEubGVuZ3RoLzMpKTtkPWJbNjRdfHxcIlwiO2ZvcihlPWY9MDtmPGEubGVuZ3RoLTI7Zis9Myl7dmFyIGs9YVtmXSxtPWFbZisxXTtnPWFbZisyXTtoPWJbaz4%2BMl07az1iWyhrJjMpPDw0fG0%2BPjRdO209YlsobSYxNSk8PDJ8Zz4%2BNl07Zz1iW2cmNjNdO2NbZSsrXT1oK2srbStnfWg9MDtnPWQ7c3dpdGNoKGEubGVuZ3RoLWYpe2Nhc2UgMjpoPWFbZisxXSxnPWJbKGgmMTUpPDwyXXx8ZDtjYXNlIDE6YT1hW2ZdLGNbZV09YlthPj4yXStiWyhhJjMpPDw0fGg%2BPjRdK2crZH1hPWMuam9pbihcIlwiKX1yZXR1cm4gYX19fXJldHVybiBhfTtmdW5jdGlvbiBHYShhLGIsYyxkLGUsZil7aWYobnVsbCE9YSl7aWYoQXJyYXkuaXNBcnJheShhKSlhPWUmJjA9PWEubGVuZ3RoJiZGKGEpJjE%2Fdm9pZCAwOmYmJkYoYSkmMj9hOkhhKGEsYixjLHZvaWQgMCE9PWQsZSxmKTtlbHNlIGlmKEooYSkpe3ZhciBoPXt9LGc7Zm9yKGcgaW4gYSloW2ddPUdhKGFbZ10sYixjLGQsZSxmKTthPWh9ZWxzZSBhPWIoYSxkKTtyZXR1cm4gYX19ZnVuY3Rpb24gSGEoYSxiLGMsZCxlLGYpe3ZhciBoPWR8fGM%2FRihhKTowO2Q9ZD8hIShoJjMyKTp2b2lkIDA7YT1BcnJheS5wcm90b3R5cGUuc2xpY2UuY2FsbChhKTtmb3IodmFyIGc9MDtnPGEubGVuZ3RoO2crKylhW2ddPUdhKGFbZ10sYixjLGQsZSxmKTtjJiZjKGgsYSk7cmV0dXJuIGF9ZnVuY3Rpb24gSWEoYSl7cmV0dXJuIGEubz09PXdhP2EudG9KU09OKCk6RmEoYSl9O2Z1bmN0aW9uIE8oYSxiLGMpe2E9YS5oO3ZhciBkPUgoYSk7aWYoZCYyKXRocm93IEVycm9yKCk7YTp7dmFyIGU9SShkKTtpZihiPj1lKXt2YXIgZj1kO2lmKGQmMjU2KXZhciBoPWFbYS5sZW5ndGgtMV07ZWxzZXtpZihudWxsPT1jKWJyZWFrIGE7aD1hW2UrKCshIShkJjUxMiktMSldPXt9O2Z8PTI1Nn1oW2JdPWM7YjxlJiYoYVtiKygrISEoZCY1MTIpLTEpXT12b2lkIDApO2YhPT1kJiZHKGEsZil9ZWxzZSBhW2IrKCshIShkJjUxMiktMSldPWMsZCYyNTYmJihjPWFbYS5sZW5ndGgtMV0sYiBpbiBjJiZkZWxldGUgY1tiXSl9fWZ1bmN0aW9uIFAoYSxiLGMpe2lmKG51bGwhPWMmJlwic3RyaW5nXCIhPT10eXBlb2YgYyl0aHJvdyBFcnJvcigpO08oYSxiLGMpfTtmdW5jdGlvbiBRKGEsYixjKXt0aGlzLmg9TihhLGIsYyl9US5wcm90b3R5cGUudG9KU09OPWZ1bmN0aW9uKCl7aWYoSyl2YXIgYT1SKHRoaXMsdGhpcy5oLCExKTtlbHNlIGE9SGEodGhpcy5oLElhLHZvaWQgMCx2b2lkIDAsITEsITEpLGE9Uih0aGlzLGEsITApO3JldHVybiBhfTtmdW5jdGlvbiBTKGEpe0s9ITA7dHJ5e3JldHVybiBKU09OLnN0cmluZ2lmeShhLnRvSlNPTigpLEVhKX1maW5hbGx5e0s9ITF9fVEucHJvdG90eXBlLm89d2E7US5wcm90b3R5cGUudG9TdHJpbmc9ZnVuY3Rpb24oKXtyZXR1cm4gUih0aGlzLHRoaXMuaCwhMSkudG9TdHJpbmcoKX07IGZ1bmN0aW9uIFIoYSxiLGMpe3ZhciBkPWEuY29uc3RydWN0b3IudixlPUgoYz9hLmg6YiksZj1JKGUpLGg9ITE7aWYoZCYmemEpe2lmKCFjKXtiPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGIpO3ZhciBnO2lmKGIubGVuZ3RoJiZKKGc9YltiLmxlbmd0aC0xXSkpZm9yKGg9MDtoPGQubGVuZ3RoO2grKylpZihkW2hdPj1mKXtPYmplY3QuYXNzaWduKGJbYi5sZW5ndGgtMV09e30sZyk7YnJlYWt9aD0hMH1mPWI7Yz0hYztnPUgoYS5oKTthPUkoZyk7Zz0rISEoZyY1MTIpLTE7Zm9yKHZhciBrLG0sbD0wO2w8ZC5sZW5ndGg7bCsrKWlmKG09ZFtsXSxtPGEpe20rPWc7dmFyIG49ZlttXTtudWxsPT1uP2ZbbV09Yz9NOnZhKCk6YyYmbiE9PU0mJnVhKG4pfWVsc2Uga3x8KG49dm9pZCAwLGYubGVuZ3RoJiZKKG49ZltmLmxlbmd0aC0xXSk%2Faz1uOmYucHVzaChrPXt9KSksbj1rW21dLG51bGw9PWtbbV0%2Fa1ttXT1jP006dmEoKTpjJiZuIT09TSYmdWEobil9az1iLmxlbmd0aDtpZighaylyZXR1cm4gYjsgdmFyIHY7aWYoSihmPWJbay0xXSkpe2E6e3ZhciBxPWY7Yz17fTthPSExO2Zvcih2YXIgeCBpbiBxKXtnPXFbeF07aWYoQXJyYXkuaXNBcnJheShnKSl7bD1nO2lmKCFzYSYmTChnLGQsK3gpfHwhcmEmJnlhKGcpJiYwPT09Zy5zaXplKWc9bnVsbDtnIT1sJiYoYT0hMCl9bnVsbCE9Zz9jW3hdPWc6YT0hMH1pZihhKXtmb3IodmFyIFdhIGluIGMpe3E9YzticmVhayBhfXE9bnVsbH19cSE9ZiYmKHY9ITApO2stLX1mb3IoZT0rISEoZSY1MTIpLTE7MDxrO2stLSl7eD1rLTE7Zj1iW3hdO2lmKCEobnVsbD09Znx8IXNhJiZMKGYsZCx4LWUpfHwhcmEmJnlhKGYpJiYwPT09Zi5zaXplKSlicmVhazt2YXIgVWE9ITB9aWYoIXYmJiFVYSlyZXR1cm4gYjt2YXIgWDtoP1g9YjpYPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGIsMCxrKTtiPVg7aCYmKGIubGVuZ3RoPWspO3EmJmIucHVzaChxKTtyZXR1cm4gYn07ZnVuY3Rpb24gSmEoYSl7dGhpcy5oPU4oYSl9aWEoSmEsUSk7ZnVuY3Rpb24gS2EoYSl7dGhpcy5oPU4oYSl9aWEoS2EsUSk7ZnVuY3Rpb24gTGEoKXt2YXIgYT11O3JldHVybiBhPXZvaWQgMD09PWE%2Fd2luZG93OmF9Oy8qICBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMCAqLyB2YXIgTWE9L14oPyFqYXZhc2NyaXB0OikoPzpbYS16MC05Ky4tXSs6fFteJjpcXC8%2FI10qKD86W1xcLz8jXXwkKSkvaTt2YXIgVDtmdW5jdGlvbiBOYShhLGIsYyxkKXt2YXIgZT0vXihodHRwcz86W146P10rWy9dcGNzWy9dY2xpY2tbXi9dKz8pKD86Jm54W14mXSsmbnlbXiZdKyZkaW1bXiZdKyk%2FKCZhZHVybD0uKikvLmV4ZWMoYSk7cmV0dXJuIGU%2FZVsxXSsoXCImbng9XCIrYitcIiZueT1cIitjK1wiJmRpbT1cIitkKStlWzJdOmF9ZnVuY3Rpb24gT2EoYSl7dmFyIGI9YS5jdXJyZW50VGFyZ2V0LGM9Yi5xdWVyeVNlbGVjdG9yKFwiaW1nW2FsdF1cIik7YyYmKGE9VShhLGMub2Zmc2V0TGVmdCxjLm9mZnNldFRvcCxjLndpZHRoLGMuaGVpZ2h0KSxhPU5hKGIuaHJlZixhLmosYS5sLGEuaSksTWEudGVzdChhKSYmKGIuaHJlZj1hKSl9ZnVuY3Rpb24gUGEoYSxiKXt2YXIgYyxkO251bGw9PShjPUxhKCkpfHxudWxsPT0oZD1jLmZlbmNlKXx8ZC5zZXRSZXBvcnRFdmVudERhdGFGb3JBdXRvbWF0aWNCZWFjb25zKHtldmVudFR5cGU6YSxldmVudERhdGE6YixkZXN0aW5hdGlvbjpbXCJidXllclwiXSxvbmNlOiEwfSl9IGZ1bmN0aW9uIFFhKGEsYil7dmFyIGM9TGEoKTtpZihcImJ1eWVyXCI9PWIpe3ZhciBkO251bGw9PWN8fG51bGw9PShkPWMuZmVuY2UpfHxkLnJlcG9ydEV2ZW50KHtldmVudFR5cGU6XCJjbGlja1wiLGV2ZW50RGF0YTphLGRlc3RpbmF0aW9uOltcImJ1eWVyXCJdfSl9ZWxzZSBpZihcImNvbXBvbmVudC1zZWxsZXJcIj09Yil7dmFyIGU7bnVsbD09Y3x8bnVsbD09KGU9Yy5mZW5jZSl8fGUucmVwb3J0RXZlbnQoe2V2ZW50VHlwZTpcImNsaWNrXCIsZGVzdGluYXRpb246W1wiY29tcG9uZW50LXNlbGxlclwiXX0pfX1mdW5jdGlvbiBWKGEpe3ZhciBiPW5ldyBLYTtQKGIsMSxhKTthPVMoVCk7UChiLDQsYSk7UChiLDEwLERhdGUubm93KCkudG9TdHJpbmcoKSk7UGEoXCJyZXNlcnZlZC50b3BfbmF2aWdhdGlvblwiLFMoYikpO1BhKFwicmVzZXJ2ZWQudG9wX25hdmlnYXRpb25fc3RhcnRcIixTKGIpKTtRYShTKGIpLFwiYnV5ZXJcIik7UWEobnVsbCxcImNvbXBvbmVudC1zZWxsZXJcIil9IGZ1bmN0aW9uIFUoYSxiLGMsZCxlKXtyZXR1cm57ajorTWF0aC5yb3VuZChhLmNsaWVudFgtYiksbDorTWF0aC5yb3VuZChhLmNsaWVudFktYyksaTorZCtcInhcIisgK2UsbTp2b2lkIDB9fWZ1bmN0aW9uIFJhKGEsYil7dm9pZCAwIT11LkFGTUFfQ29tbXVuaWNhdG9yJiZ2b2lkIDAhPXUuQUZNQV9Db21tdW5pY2F0b3Iuc2VuZE1lc3NhZ2UmJihhLnByZXZlbnREZWZhdWx0KCksdS5BRk1BX0NvbW11bmljYXRvci5zZW5kTWVzc2FnZShcIm9wZW5cIix7YTpcImFwcFwiLHU6YS5jdXJyZW50VGFyZ2V0LmhyZWYsc3lzdGVtX2Jyb3dzZXI6ITAsdXNlX2ZpcnN0X3BhY2thZ2U6ITAsdXNlX3J1bm5pbmdfcHJvY2VzczohMCx1c2VfY3VzdG9tX3RhYnM6Yn0pKX07dmFyIFcsWT1kb2N1bWVudC5jdXJyZW50U2NyaXB0O1c9KFk9dm9pZCAwPT09WT9udWxsOlkpJiZcIjc0XCI9PT1ZLmdldEF0dHJpYnV0ZShcImRhdGEtamNcIik%2FWTpkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCdbZGF0YS1qYz1cIjc0XCJdJyk7aWYobnVsbD09Vyl0aHJvdyBFcnJvcihcIkpTQyBub3QgZm91bmQgNzRcIik7Zm9yKHZhciBTYT17fSxUYT1XLmF0dHJpYnV0ZXMsWj1UYS5sZW5ndGgtMTswPD1aO1otLSl7dmFyIFZhPVRhW1pdLm5hbWU7MD09PVZhLmluZGV4T2YoXCJkYXRhLWpjcC1cIikmJihTYVtWYS5zdWJzdHJpbmcoOSldPVRhW1pdLnZhbHVlKX0gKGZ1bmN0aW9uKGEpe3ZhciBiPWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKGFbXCJhLWlkXCJdKSxjPVwidHJ1ZVwiPT09YVtcImZvci1zdXJlLW9wZW4tYnJvd3NlclwiXSxkPVwidHJ1ZVwiPT09YVtcImZvci1zdXJlLW9wZW4tY3VzdG9tLXRhYnNcIl0sZT1hW1wiY2Mtb3ZlcmxheVwiXSxmPWFbXCJjYy1idXR0b25cIl0saD1lP2RvY3VtZW50LmdldEVsZW1lbnRCeUlkKGUpOm51bGwsZz1mP2RvY3VtZW50LmdldEVsZW1lbnRCeUlkKGYpOm51bGw7ZT1cInRydWVcIj09PWFbXCJpcy1mbGVkZ2VcIl07Zj1oJiZnO1Q9bmV3IEphO2lmKGUpe3ZhciBrPWY%2FaDpiLnF1ZXJ5U2VsZWN0b3IoXCJpbWdbYWx0XVwiKTsoZj9oOmIpLmFkZEV2ZW50TGlzdGVuZXIoXCJtb3VzZWRvd25cIixmdW5jdGlvbihsKXt2YXIgbj1VKGwsay5vZmZzZXRMZWZ0LGsub2Zmc2V0VG9wLGsuY2xpZW50&i=7-13&t=adltag_lr991qpl_4QUKRmqYqWg&r=656a82a1bdf95b3a7aa6d5417ca6000&c=saambaa-deseret&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M.ok5eJYPe37d_ptPM7ewObNs3KwVG7K
date
Thu, 11 Jan 2024 11:44:52 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
23820
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Wed, 02 Aug 2023 16:01:21 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
gZJAyxDDFObiT8po6bV5NNtyYaIs8ZLPZ8bI3ysZx8PzMF6H_uFr3g==
place
saambaa-deseret-tagan.adlightning.com/ Frame D655 		0
447 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://saambaa-deseret-tagan.adlightning.com/place?p=1&d=V2lkdGgsay5jbGllbnRIZWlnaHQpO2w9bi5qO3ZhciB2PW4ubCxxPW4uaTtuPW4ubTtsJiZPKFQsMixudWxsPT1sP2w6Q2EobCkpO3YmJk8oVCwgMyxudWxsPT12P3Y6Q2EodikpO3EmJlAoVCw3LHEpO24mJlAoVCw0LG4pfSk7dmFyIG09YVtcInR1cnRsZXgtZXZlbnQtYWQtc2lnbmFsc1wiXTtnPyhnLmFkZEV2ZW50TGlzdGVuZXIoXCJjbGlja1wiLGZ1bmN0aW9uKCl7VihtKX0pLGcuYWRkRXZlbnRMaXN0ZW5lcihcImF1eGNsaWNrXCIsZnVuY3Rpb24oKXtWKG0pfSkpOihiLmFkZEV2ZW50TGlzdGVuZXIoXCJjbGlja1wiLGZ1bmN0aW9uKCl7VihtKX0pLGIuYWRkRXZlbnRMaXN0ZW5lcihcImF1eGNsaWNrXCIsZnVuY3Rpb24oKXtWKG0pfSkpfWVsc2UgaWYoYi5hZGRFdmVudExpc3RlbmVyKFwibW91c2Vkb3duXCIsT2EpLGYmJmguYWRkRXZlbnRMaXN0ZW5lcihcIm1vdXNlZG93blwiLGZ1bmN0aW9uKGwpe2w9VShsLGgub2Zmc2V0TGVmdCxoLm9mZnNldFRvcCxoLmNsaWVudFdpZHRoLGguY2xpZW50SGVpZ2h0KTtsPU5hKGcuaHJlZixsLmosbC5sLGwuaSk7TWEudGVzdChsKSYmKGcuaHJlZj1sKX0pLGN8fGQpYi5hZGRFdmVudExpc3RlbmVyKFwiY2xpY2tcIiwgZnVuY3Rpb24obCl7UmEobCxkKX0pLGcmJmcuYWRkRXZlbnRMaXN0ZW5lcihcImNsaWNrXCIsZnVuY3Rpb24obCl7UmEobCxkKX0pfSkoU2EpO30pLmNhbGwodGhpcyk7PC9zY3JpcHQ%2BPC9kaXY%2BPHN0eWxlPmRpdnttYXJnaW46MDtwYWRkaW5nOjA7fS5hYmdjcHtoZWlnaHQ6MTVweDtwYWRkaW5nLXJpZ2h0OjFweDtwYWRkaW5nLXRvcDoxcHg7cGFkZGluZy1sZWZ0OjlweDtwYWRkaW5nLWJvdHRvbToxM3B4O3JpZ2h0OjBweDt0b3A6MHB4O3Bvc2l0aW9uOmFic29sdXRlO3dpZHRoOjMxcHg7ei1pbmRleDoyMTQ3NDgzNjQ2O30uYWJnY3tkaXNwbGF5OmJsb2NrO2hlaWdodDoxNXB4O3Bvc2l0aW9uOmFic29sdXRlO3JpZ2h0OjFweDt0b3A6MXB4O3RleHQtcmVuZGVyaW5nOmdlb21ldHJpY1ByZWNpc2lvbjt6LWluZGV4OjIxNDc0ODM2NDY7fS5hYmdie2Rpc3BsYXk6aW5saW5lLWJsb2NrO2hlaWdodDoxNXB4O30uYWJnYywuYWJnY3AsLmphciAuYWJnYywuamFyIC5hYmdjcCwuamFyIC5jYmJ7b3BhY2l0eToxO30uYWJnY3tjdXJzb3I6cG9pbnRlcjt9LmNiYntjdXJzb3I6cG9pbnRlcjtoZWlnaHQ6MTVweDt3aWR0aDoxNXB4O3otaW5kZXg6MjE0NzQ4MzY0NjtiYWNrZ3JvdW5kLWNvbG9yOiNmZmZmZmY7b3BhY2l0eTowO30uY2JiIHN2Z3twb3NpdGlvbjphYnNvbHV0ZTt0b3A6MDtyaWdodDowO2hlaWdodDoxNXB4O3dpZHRoOjE1cHg7c3Ryb2tlOiMwMGFlY2Q7ZmlsbDojMDBhZWNkO3N0cm9rZS13aWR0aDoxLjI1O30uYWJnYntwb3NpdGlvbjphYnNvbHV0ZTtyaWdodDoxNnB4O3RvcDowcHg7fS5jYmJ7cG9zaXRpb246YWJzb2x1dGU7cmlnaHQ6MHB4O3RvcDowcHg7fS5hYmdze2Rpc3BsYXk6bm9uZTtoZWlnaHQ6MTAwJTt9LmFiZ2x7dGV4dC1kZWNvcmF0aW9uOm5vbmU7fS5hYmdzIHN2ZywuYWJnYiBzdmd7ZGlzcGxheTppbmxpbmUtYmxvY2s7aGVpZ2h0OjE1cHg7d2lkdGg6YXV0bzt2ZXJ0aWNhbC1hbGlnbjp0b3A7fS5hYmdjIC5pbC13cmFwe2JhY2tncm91bmQtY29sb3I6I2ZmZmZmZjtoZWlnaHQ6MTVweDt3aGl0ZS1zcGFjZTpub3dyYXA7fS5hYmdjIC5pbC13cmFwLmV4cHtib3JkZXItYm90dG9tLWxlZnQtcmFkaXVzOjVweDt9LmFiZ2MgLmlsLXRleHQsLmFiZ2MgLmlsLWljb257ZGlzcGxheTppbmxpbmUtYmxvY2s7fS5hYmdjIC5pbC10ZXh0e3BhZGRpbmctcmlnaHQ6MXB4O3BhZGRpbmctbGVmdDo1cHg7aGVpZ2h0OjE1cHg7d2lkdGg6NTVweDt9LmFiZ2MgLmlsLWljb257aGVpZ2h0OjE1cHg7d2lkdGg6MTVweDt9LmFiZ2MgLmlsLXRleHQgc3Zne2ZpbGw6IzAwMDAwMDt9LmFiZ2MgLmlsLWljb24gc3Zne2ZpbGw6IzAwYWVjZH08L3N0eWxlPjxkaXYgaWQ9XCJhYmdjcFwiIGNsYXNzPVwiYWJnY3BcIj48ZGl2IGlkPVwiYWJnY1wiIGNsYXNzPVwiYWJnY1wiIGRpcj1cImx0clwiPjxkaXYgaWQ9XCJhYmdiXCIgY2xhc3M9XCJhYmdiXCI%2BPGRpdiBjbGFzcz1cImlsLXdyYXBcIj48ZGl2IGNsYXNzPVwiaWwtaWNvblwiPjxzdmcgeG1sbnM9XCJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2Z1wiIHhtbG5zOnhsaW5rPVwiaHR0cDovL3d3dy53My5vcmcvMTk5OS94bGlua1wiIHZpZXdCb3g9XCIwIDAgMTUgMTVcIj48Y2lyY2xlIGN4PVwiNlwiIGN5PVwiNlwiIHI9XCIwLjY3XCI%2BPC9jaXJjbGU%2BPHBhdGggZD1cIk00LjIsMTEuM1EzLjMsMTEuOCwzLjMsMTAuNzVMMy4zLDQuMVEzLjMsMy4xLDQuMywzLjVMMTAuNCw3LjBRMTIuMCw3LjUsMTAuNCw4LjBMNi42NSwxMC4wTDYuNjUsNy43NWEwLjY1LDAuNjUsMCwxLDAsLTEuMywwTDUuMzUsMTAuNzVhMC45LDAuOSwwLDAsMCwxLjMsMC44TDEyLjcsOC4yUTEzLjcsNy41LDEyLjcsNi43TDMuMywxLjZRMi4yLDEuMywxLjgsMi41TDEuOCwxMi41UTIuMiwxMy45LDMuMywxMy4zTDQuOCwxMi41QTAuMywwLjMsMCwxLDAsNC4yLDExLjNaXCI%2BPC9wYXRoPjwvc3ZnPjwvZGl2PjwvZGl2PjwvZGl2PjxkaXYgaWQ9XCJhYmdzXCIgY2xhc3M9XCJhYmdzXCI%2BPGEgaWQ9XCJhYmdsXCIgY2xhc3M9XCJhYmdsXCIgaHJlZj1cImh0dHBzOi8vYWRzc2V0dGluZ3MuZ29vZ2xlLmNvbS93aHl0aGlzYWQ%2Fc291cmNlPWRpc3BsYXkmYW1wO3JlYXNvbnM9QVd5amJCN2FJUDU4UlBiY0t4SEgyTHAtWkZtaFotSzFiWjQ4TjhUU1RMOEhxVkM5SU5DMElIYlAwNlRVT0ZIbGM1UDNrc3BRZnRqSzVMNEM2U29ITEdkOF9aMGpYZWx1bFpTdkM5ajlUdEtaMEl4blduVUdXRm04QVBiZTJPSmlEYURMUlpaTmtlcUVOWnpaazNSWV93cGhzQmRpZ1ZGeWU5cHZqcjRPd0NtemZWR0VXWllianRFcGhjOVEzWlVwOFhFNDc5S0tHTXFHc3psY2dfZVVjMlhXUTU0TlVfcng4blFob3lCM1lBZ0FTd1lWM0NTamVFTWMyOFdCc0FDX2ZxU2w5WEpIQjZMbzR1OEtqTmxTaFZRRjNSX29lRjZrYmlHRkNPVnlORy1hVEhxVHhXUzhoQzZFU3lrWUtRTFVrNUxrc1ZweC1qdkUxWG9ROEFvblMwVHZ4RHYzR3J4aEJmVEE0ZzliTHQyWlJTRVVxbmN1aTFVUHJyUXUtRzRKZDV0Zi0tZnB0NVlqamtneHdYWXFZcWtFSW9Vbl9hUzNYTlVPYkx3Y2lfa092WG9CMDJob3prMjRkbXNrVm9JTkVmZzRtRHpkajQzMkJCa1J4Ml96cmZpckJpb1BpZWJIN05QeU5kOHdEX0J0ak1PS2tFdGpycHhiMjlDa0Z5bzlaMFJ3R3lUcU50aHZpRGVvOG80UW1ZYUZ5dVBEU0REaHU2czNTeDBfM1NXeEVYaGFsenI2dmhpb3djN2wyeHhIRlEwVUQzMFZYRzB5X2FCNnBubHNrV3NOWFFYcGhURmZlMFJkV2g5NE95dU1oODBLbC1XQmRENVpmSUhMRmUxZE40RmNUZWhPdE9TVHF6YnMyaVVyTUJfWVBlUnczU1ZhZURuTUFyRVlMTEFGYzFWb3FwX1h3aFFlTXQxUDJ0cnRmMG13andzOVNOV2pOeGdsTXhXeWtmNmpJQWJ1TFY4YzU3WFNodnRVbnRsTWwyY1hfMUdkNFZvSmlKbnV4am1IcENFbTNXMUFucTJxNjZnR1J3M25BS2JMTDhBcmprcGE0R1FuX2VhZGdQaFh5TFliYktQNEpVeDFCSHNhbHdkY2FzNm1sdzktM1JSQlBMMmhDQkF2ZnRXNkN1dHFqVi1QMG91TGEtVDJrRHQ5eEVOYW1EUzlOZG9oQ2dLLVkxY21EUTFDNExETi1nTGdhTEkwQUcwRXZpVkRUaE5mVHZ5eHF2UGdzUVctQjlqMUhYTDBSVHlfMzBxQUJ5YUw5ZHNfNkJJcU1pc3ZSdU1EM0RYdzhrN1lOVF9WRUxmS3ZVTElSTEpfamFvTVlWbF94UEUwVk5DRnBXTTMxTFFOQmZvSTNYQnVxY1pzdDRWUlFhQUhPQVRtTzZKRHNGcjJ5VV9qWEk2LU5uelc4SlZxNXdWTHdnaTkxeUZyNFdCaEdTSXhBck5LTVJ3Tk1ORmd5X3lDcG5XZ01vdk9SYXNiVExKUHgtZmVGbzczWDRZbWFvQWFPVW1WS0Y0Q0ZvOUotaEpEUW1ORGx5c2FxWDZfeThYUUZQYy0tMkwtcHVCRTNyV3EyYUdUQ1ZrQ2pYZnFEOXVSbGdRaThEN0c5U2hraTFsSVZlY2JjMlpTZl9OaV9tc0lpa3NUNDlkSGoxS3F4YUxCRThQTTJvQkIzVmYtal9aMEp2c2hZZlNCekF0M0t4N2xjam9aZ2tXNFl3ZVRORVljUS02MWZ2MWZPbTNRTUhUa05FZTBIY2tybC0yZnBCLVRvM25ZaGV1ekR4ZHQ2RGNlTjFyWXBiQkJ1c0diUnpKd25qUVdwRDEtYnZFM2ZHcThuSG9IYUFDcERTWDZaRFRuTVhWXzhhZ2FwY3Z3Tmp3VkRKYjFERmljQmhudDdCbXB6TDV0bFlNM3pQQlF5TTRGVDFuSzM1RmFTang3RWxVckxnMHoydTRlaU9ZWVFsSDFodElRVS1BaTU1aTY1VVVQWGtsV3VSQy0xeF95dnU5bUdqQWVJeFNxVGhCN1U3X2NZTS01d2d1RmdRTDQyTHA0UmhncEtwNTBDZ3pXSEVIVk5OUGd3R1U3QTNPZGxscXd5b19FbHNIQXNMZGY5YXRuQlh6NGJMLU1TMkNucTh6c2l1VWJUTFNsYVYzNzhNeGJQdzBneGFxRlhnd1k3QVNoMUNtZnJnRlVkYWZnUHFpejlhSUVvbVZVNjVjOGdjWE9KZDNjazVSVWhxOUkzRGU0VFdNc1NEclhkT2NyV3lweW5FNlZCSXhiVjcwYl9KcjA3Uno1NHNVN0ZkcFJKR19EdlBjQ1BNNVNjYm9ad2VZcmhtRWp3ZWNZXzFSTWtydENRbGdHWm0waUR2ZUZIMW5HMGNIVFFINXF1MnJiSmpJdnpNWHphRVJrOTVjbnFYMjB5OWVYWkl5M2ZXNnV0dzNFWlY2cGJjYjg4TUc2V3BCM1VPMGZNLS1zb2l0QnJUU2E3UFo4QUpwVURuSnF1NWx3WTd2UW1DM3JhU3BoX0V0TFhiaHhGMjlkRGpNNkFWRm02QUdjWnFHMFp4UHpNcnQ5eGdvT0YxMUVyOUhYYlI4ZW1sVUd0aTFmUGJlaW13XCIgdGFyZ2V0PVwiX2JsYW5rXCI%2BPC9hPjwvZGl2PjxkaXYgaWQ9XCJjYmJcIiBjbGFzcz1cImNiYlwiIHRhYmluZGV4PVwiMFwiIHJvbGU9XCJidXR0b25cIj48c3ZnIHhtbG5zPVwiaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmdcIiB4bWxuczp4bGluaz1cImh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmtcIiB2aWV3Qm94PVwiMCAwIDE1IDE1XCI%2BPHBhdGggZD1cIk0zLjI1LDMuMjVsOC41LDguNU0xMS43NSwzLjI1bC04LjUsOC41XCI%2BPC9wYXRoPjwvc3ZnPjwvZGl2PjwvZGl2PjwvZGl2PjxzdHlsZT4ubXV0ZV9wYW5lbHt6LWluZGV4OjIxNDc0ODM2NDY7fS5hYmdhY3twb3NpdGlvbjphYnNvbHV0ZTtsZWZ0OjBweDt0b3A6MHB4O3otaW5kZXg6MjE0NzQ4MzY0NjtkaXNwbGF5Om5vbmU7d2lkdGg6MTAwJTtoZWlnaHQ6MTAwJTtiYWNrZ3JvdW5kLWNvbG9yOiNGQUZBRkE7fS5tbHNje2hlaWdodDoxMDAlO2Rpc3BsYXk6ZmxleDtqdXN0aWZ5LWNvbnRlbnQ6Y2VudGVyO2FsaWduLWl0ZW1zOmNlbnRlcjt9Lm1sc3thbmltYXRpb246bWxza2YgMnMgbGluZWFyIGluZmluaXRlO2hlaWdodDo1MCU7d2lkdGg6NTAlO30ubWxzZHtzdHJva2UtZGFzaGFycmF5OjEsMTg5O3N0cm9rZS1kYXNob2Zmc2V0OjA7YW5pbWF0aW9uOm1sc2RrZiAxLjRzIGVhc2UtaW4tb3V0IGluZmluaXRlO31Aa2V5ZnJhbWVzIG1sc2tmezEwMCV7dHJhbnNmb3JtOnJvdGF0ZSgzNjBkZWcpO319QGtleWZyYW1lcyBtbHNka2Z7MCV7c3Ryb2tlLWRhc2hhcnJheToxLDE4OTtzdHJva2UtZGFzaG9mZnNldDowO301MCV7c3Ryb2tlLWRhc2hhcnJheToxMzQsMTg5O3N0cm9rZS1kYXNob2Zmc2V0Oi01M3B4O30xMDAle3N0cm9rZS1kYXNoYXJyYXk6MTM0LDE4OTtzdHJva2UtZGFzaG9mZnNldDotMTg4cHg7fX08L3N0eWxlPjxkaXYgaWQ9XCJtdXRlX3BhbmVsXCIgY2xhc3M9XCJtdXRlX3BhbmVsXCIgYXJpYS1oaWRkZW49XCJ0cnVlXCI%2BPGRpdiBpZD1cImFiZ2FjXCIgY2xhc3M9XCJhYmdhY1wiIGFyaWEtaGlkZGVuPVwidHJ1ZVwiPjxkaXYgaWQ9XCJtbHNjXCIgY2xhc3M9XCJtbHNjXCI%2BPHN2ZyBjbGFzcz1cIm1sc1wiIHZpZXdCb3g9XCI1MCA1MCAxMDAgMTAwXCI%2BPGNpcmNsZSBjbGFzcz1cIm1sc2RcIiBjeD1cIjEwMFwiIGN5PVwiMTAwXCIgcj1cIjMwXCIgZmlsbD1cIm5vbmVcIiBzdHJva2U9XCIjOUU5RTlFXCIgc3Ryb2tlLXdpZHRoPVwiM1wiPjwvY2lyY2xlPjwvc3ZnPjwvZGl2PjwvZGl2PjwvZGl2PjxzY3JpcHQgZGF0YS1qYz1cIjYwXCIgc3JjPVwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanMvcjIwMjQw&i=8-13&t=adltag_lr991qpl_4QUKRmqYqWg&r=656a82a1bdf95b3a7aa6d5417ca6000&c=saambaa-deseret&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M.ok5eJYPe37d_ptPM7ewObNs3KwVG7K
date
Thu, 11 Jan 2024 11:44:52 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
23820
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Wed, 02 Aug 2023 16:01:21 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
SgYo5HZvHFvkRudiYGzvQHHOyOhqfbUUdSAh78uKCGxQI18p30Q9ug==
place
saambaa-deseret-tagan.adlightning.com/ Frame D655 		0
447 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://saambaa-deseret-tagan.adlightning.com/place?p=1&d=MTA4L3IyMDExMDkxNC9hYmdfbGl0ZS5qc1wiIGFzeW5jPVwiXCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjQwMTA4XCIgZGF0YS1qY3AtYXR0cmlidXRpb24tZGF0YT1cIltbbnVsbCwmcXVvdDtodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvaW1hZ2VzL210YWQveF9ibHVlLnBuZyZxdW90OyxudWxsLCZxdW90O2h0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9pbWFnZXMvbXRhZC94X2JsdWUucG5nJnF1b3Q7LCZxdW90O2h0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9pbnRlcmFjdGlvbi8%2FYWk9Q2xwYTctdTJmWlpqdUM4MlE3X1VQMHI2YmtBbUI5WmVuZGJySHZQM0pFYWlUekxiZUNSQUJJTmpXLTU4QllKV0NnSUN3QjZBQmxhbnlxd0xJQVFtcEFzdm5JS3VyYmJJLXFBTUJ5QU9iQktvRXJ3SlAwR2hnYVdoSnh3aU0xQU8xMGpRRjJMTERtNWh1U2s5eDU1aGxZQ0JuLUZFaG01Mkc1SEN4STlXVjZEcDdoY1pqVWw4dlpaT0EweTBNWU9RQW1aZkNSSEd4NHBOcjFFcG9wTFRtMjgydVJJR0xReExoeWp0SkVJV1NEQzNiZEJqUi1xX2w3TExEbFBZQ2ZVYVdvU2NpNlR0ME9Ib3oyQU96NnZsUjZSdlQtVkpqRzJyVlJ0aTBGR081dTlWQUFRZ2NnaXNXUjBuaXpuS3BVYjdYNFFTejRIZjhpV29DMEl1T280Wl8zVUUySzJmREtxRng1RGk1UldWQzIydFhPb05BSkdqMW9CZzNvTVM2SE5veGI5ZnlOMU9aV3JCUUI5MHN3UHpQWWIwYkZxaVpIcWJ3bVpxTE1vLWxQZmVsZ1RwSlRLZnBuVE4tclhiSXNGQ2ZfV3BqNndZS1hTdTkxZlhiQTlWdkk0anhRbHlldk05ZEpueW9EQkdXV0ZYOVRGMllpNEl3VVd2dFhLUUhGaDdJeHJYQUJQdWQ2WWZoQS1BRUE0Z0ZuS3ZjenplUUJnR2dCa3lBQjlQV2pkUUJxQWZadHJFQ3FBZU96aHVvQjVQWUc2Z0g3cGF4QXFnSF9wNnhBcWdIMWNrYnFBZW12aHVvQjVvR3FBZnowUnVvQjViWUc2Z0hxcHV4QXFnSGc2MnhBcWdIXzU2eEFxZ0gzNS14QXRnSEFOSUlId2lBNFlBUUVBRVlIVElDcWdJNkFvQkFTTDM5d1RwWWxhejZwN25WZ3dPQUNnT1lDd0hJQ3dHQURBR2lEQWdxQmdvRXJMcXhBcW9OQWtSRjRnMFRDSlhnLXFlNTFZTURGVTNJdXdnZFV0OEdrckFUek5TVEZzZ1Q4TlBMQ05BVEFOZ1RDb2dVQjlnVUFkQVZBZmdXQVlBWEFlZ1hCUVxcdTAwMjZzaWdoPWZjaVRENHh4UFRrXFx1MDAyNmNpZD1DQVFTT3dBdkhoZl9RMUlXVDJZeEttS2F1MVFBSkh1TGZfV21IWDBpS1NsU29RajBYLUxudEhPc1czSHJQLXY5N2ZEQm5TeG82ZVJfSE9kdDhvV3ZHQUUmcXVvdDssJnF1b3Q7eGFWb3JuQXI1R1VJdXNlOF9ja1JFSnlyM004M0dOR0Y0X01CSWhCb1pXeG1aVzR1ZFc1cFkyVm1MbVJsTWdjSUJSTVk5MDhVUWhkallTMXdkV0l0T0RZM05EZzROams1TkRneU9ESTRNRWdHV0FCd0FRJnF1b3Q7LFsmcXVvdDt1c2VyX2ZlZWRiYWNrX21lbnVfaW50ZXJhY3Rpb24mcXVvdDssJnF1b3Q7JnF1b3Q7LDBdLG51bGwsbnVsbCxudWxsLG51bGwsJnF1b3Q7V2hhdCB3YXMgd3Jvbmcgd2l0aCB0aGlzIGFkPyZxdW90OyxudWxsLCZxdW90O2h0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9pbWFnZXMvbXRhZC9iYWNrX2JsdWUucG5nJnF1b3Q7LCZxdW90O1RoYW5rcyBmb3IgdGhlIGZlZWRiYWNrISZxdW90OywmcXVvdDtXZeKAmWxsIHJldmlldyB0aGlzIGFkIHRvIGltcHJvdmUgdGhlIGV4cGVyaWVuY2UgaW4gdGhlIGZ1dHVyZS4mcXVvdDssJnF1b3Q7VGhhbmtzIGZvciB0aGUgZmVlZGJhY2shJnF1b3Q7LCZxdW90O1dl4oCZbGwgdXNlIHlvdXIgZmVlZGJhY2sgdG8gcmV2aWV3IGFkcyBvbiB0aGlzIHNpdGUuJnF1b3Q7LG51bGwsbnVsbCxudWxsLCZxdW90O0Nsb3NpbmcgYWQ6ICUxJGQmcXVvdDssJnF1b3Q7RGF0ZW5zY2h1dHppbmZvJnF1b3Q7LCZxdW90O2h0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9pbWFnZXMvbXRhZC9hZF9jaG9pY2VzX2JsdWUucG5nJnF1b3Q7LCZxdW90O2h0dHBzOi8vd3d3Lmdvb2dsZS5jb20vdXJsP2N0PWFiZ1xcdTAwMjZxPWh0dHBzOi8vd3d3Lmdvb2dsZS5jb20vYWRzZW5zZS9zdXBwb3J0L2Jpbi9yZXF1ZXN0LnB5JTNGY29udGFjdCUzRGFiZ19hZmMlMjZ1cmwlM0RodHRwczovL3d3dy5kZXNlcmV0LmNvbS8yMDI0LzEvMTAvMjQwMzM0OTQvanVkZ2UtcmV2b2tlcy1wZXJtaXNzaW9uLXRydW1wLWNsb3NpbmctYXJndW1lbnQtbnljLWNpdmlsLWZyYXVkLXRyaWFsJTI2Z2wlM0RERSUyNmhsJTNEZW4lMjZhaTAlM0RcXHUwMDI2dXNnPUFPdlZhdzJORGJ6SWxGU0hTMDNkSm1GcGxfS1MmcXVvdDssJnF1b3Q7aHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2ltYWdlcy9tdGFkL3hfYmx1ZS5wbmcmcXVvdDssMCxbWyZxdW90O1NlbmQgZmVlZGJhY2smcXVvdDssWyZxdW90O3VzZXJfZmVlZGJhY2tfbWVudV9vcHRpb24mcXVvdDssJnF1b3Q7MSZxdW90OywxXSxbJnF1b3Q7V2hhdCB3YXMgd3Jvbmcgd2l0aCB0aGlzIGFkPyZxdW90OyxbWyZxdW90O1NlZW4gdGhpcyBhZCBtdWx0aXBsZSB0aW1lcyZxdW90OyxbJnF1b3Q7bXV0ZV9zdXJ2ZXlfb3B0aW9uJnF1b3Q7LCZxdW90OzImcXVvdDssMV1dLFsmcXVvdDtBZCBjb3ZlcmVkIGNvbnRlbnQmcXVvdDssWyZxdW90O211dGVfc3VydmV5X29wdGlvbiZxdW90OywmcXVvdDszJnF1b3Q7LDFdXSxbJnF1b3Q7Tm90IGludGVyZXN0ZWQgaW4gdGhpcyBhZCZxdW90OyxbJnF1b3Q7bXV0ZV9zdXJ2ZXlfb3B0aW9uJnF1b3Q7LCZxdW90OzcmcXVvdDssMV1dLFsmcXVvdDtBZCB3YXMgaW5hcHByb3ByaWF0ZSZxdW90OyxbJnF1b3Q7bXV0ZV9zdXJ2ZXlfb3B0aW9uJnF1b3Q7LCZxdW90OzgmcXVvdDssMV1dXV0sWyZxdW90O3VzZXJfZmVlZGJhY2tfdW5kbyZxdW90OywmcXVvdDsxJnF1b3Q7LDFdXV0sWyZxdW90O2h0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9pbWFnZXMvYWRjaG9pY2VzL2ljb254Mi0wMDAwMDAucG5nJnF1b3Q7LCZxdW90O0FkQ2hvaWNlcyZxdW90OywmcXVvdDtBZCBjbG9zZWQgYnkgJTEkcyZxdW90OyxudWxsLCZxdW90O2h0dHBzOi8vd3d3LmdzdGF0aWMuY29tL2ltYWdlcy9icmFuZGluZy9nb29nbGVsb2dvLzJ4L2dvb2dsZWxvZ29fZGFya19jb2xvcl84NHgyOGRwLnBuZyZxdW90OywmcXVvdDtTZW5kIGZlZWRiYWNrJnF1b3Q7LCZxdW90O1RoYW5rcy4gRmVlZGJhY2sgaW1wcm92ZXMgR29vZ2xlIGFkcyZxdW90OyxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwmcXVvdDtTZWUgbXkgR29vZ2xlIGFkIHNldHRpbmdzJnF1b3Q7LG51bGwsJnF1b3Q7aHR0cHM6Ly93d3cuZ3N0YXRpYy5jb20mcXVvdDssJnF1b3Q7JnF1b3Q7LCZxdW90O0FkcyBieSAlMSRzJnF1b3Q7LCZxdW90O0FkIHNldHRpbmdzJnF1b3Q7LCZxdW90O2h0dHBzOi8vYWRzc2V0dGluZ3MuZ29vZ2xlLmNvbSZxdW90OyxudWxsLG51bGwsbnVsbCwwLG51bGwsbnVsbCxudWxsLDAsMF0sJnF1b3Q7QUIzYWZHRUFBQWF1VzF0YlcyNTFiR3dzV3pJd1hTeHVkV3hzTEc1MWJHd3NiblZzYkN4Yklqa3lOakF4SWwwc2JuVnNiQ3h1ZFd4c0xHNTFiR3dzYm5Wc2JDeHVkV3hzTEc1MWJHd3NiblZzYkN4dWRXeHNMRzUxYkd3c2JuVnNiQ3h1ZFd4c0xHNTFiR3dzYm5Wc2JDeHVkV3hzTEc1MWJHd3NiblZzYkN4dWRXeHNMRzUxYkd3c2JuVnNiQ3h1ZFd4c0xHNTFiR3dzYm5Wc2JDeHVkV3hzTEc1MWJHd3NiblZzYkN4dWRXeHNMRnRiSWtSbGRYUnpZMmhsY3lCTGIyMXBkR1ZsSUdiRHZISWdWVTVKUTBWR0lpd2lSRVVpTERFc2JuVnNiQ3d4WFN3aU5URXhNak13TmpjeklsMWRMRnR1ZFd4c0xDSm9kSFJ3Y3pvdkwyZHZiMmRzWldGa2N5NW5MbVJ2ZFdKc1pXTnNhV05yTG01bGRDOXdZV2RsWVdRdmFXNTBaWEpoWTNScGIyNHZQMkZwUFVOc2NHRTNMWFV5WmxwYWFuVkRPREpSTjE5VlVEQnlObUpyUVcxQ09WcGxibVJpY2toMlVETktSV0ZwVkhwTVltVkRVa0ZDU1U1cVZ5MDFPRUpaU2xkRFowbERkMEkyUVVKc1lXNTVjWGRNU1VGUmJYQkJjM1p1U1V0MWNtSmlTUzF4UVUxQ2VVRlBZa0pMYjBWeWQwcFFNRWRvWjJGWGFFcDRkMmxOTVVGUE1UQnFVVVl5VEV4RWJUVm9kVk5yT1hnMU5XaHNXVU5DYmkxR1JXaHROVEpITlVoRGVFazVWMVkyUkhBM2FHTmFhbFZzT0haYVdrOUJNSGt3VFZsUFVVRnRXbVpEVWtoSGVEUndUbkl4UlhCdmNFeFViVEk0TW5WU1NVZE1VWGhNYUhscWRFcEZTVmRUUkVNelltUkNhbEl0Y1Y5c04weE1SR3hRV1VObVZXRlhiMU5qYVRaVWREQlBTRzk2TWtGUGVqWjJiRkkyVW5aVUxWWktha2N5Y2xaU2RHa3dSa2RQTlhVNVZrRkJVV2RqWjJselYxSXdibWw2Ymt0d1ZXSTNXRFJSVTNvMFNHWTRhVmR2UXpCSmRVOXZORnBmTTFWRk1rc3laa1JMY1VaNE5VUnBOVkpYVmtNeU1uUllUMjlPUVVwSGFqRnZRbWN6YjAxVE5raE9iM2hpT1daNVRqRlBXbGR5UWxGQ09UQnpkMUI2VUZsaU1HSkdjV2xhU0hGaWQyMWFjVXhOYnkxc1VHWmxiR2RVY0VwVVMyWndibFJPTFhKWVlrbHpSa05tWDFkd2FqWjNXVXRZVTNVNU1XWllZa0U1Vm5aSk5HcDRVV3g1WlhaTk9XUktibmx2UkVKSFYxZEdXRGxVUmpKWmFUUkpkMVZYZG5SWVMxRklSbWczU1hoeVdFRkNVSFZrTmxsbWFFRXRRVVZCTkdkR2JrdDJZM3A2WlZGQ1owZG5RbXQ1UVVJNVVGZHFaRkZDY1VGbVduUnlSVU54UVdWUGVtaDFiMEkxVUZsSE5tZElOM0JoZUVGeFowaGZjRFo0UVhGblNERmphMkp4UVdWdGRtaDFiMEkxYjBkeFFXWjZNRkoxYjBJMVlsbEhObWRJY1hCMWVFRnhaMGhuTmpKNFFYRm5TRjgxTm5oQmNXZElNelV0ZUVGMFowaEJUa2xKU0hkcFFUUlpRVkZGUVVWWlNGUkpRM0ZuU1RaQmIwSkJVMHd6T1hkVWNGbHNZWG8yY0RkdVZtZDNUMEZEWjA5WlEzZElTVU4zUjBGRVFVZHBSRUZuY1VKbmIwVnlUSEY0UVhGdlRrRnJVa1kwWnpCVVEwcFlaeTF4WlRVeFdVMUVSbFV6U1hWM1oyUlZkRGhIYTNKQlZIcE9VMVJHYzJkVU9FNVFURU5PUVZSQlRtZFVRMjluVlVJNVoxVkJaRUZXUVdablYwRlpRVmhCWldkWVFsRmNkVEF3TWpaemFXZG9QV1pqYVZSRU5IaDRVRlJyWEhVd01ESTJZMmxrUFVOQlVWTlBkMEYyU0dobVgxRXhTVmRVTWxsNFMyMUxZWFV4VVVGS1NIVk1abDlYYlVoWU1HbExVMnhUYjFGcU1GZ3RURzUwU0U5elZ6TkljbEF0ZGprM1prUkNibE40YnpabFVsOUlUMlIwT0c5WGRrZEJSU0lzVzI1MWJHd3NiblZzYkN4dWRXeHNMQ0pvZEhSd2N6b3ZMMlJwYzNCc1lYbGhaSE10Wm05eWJXRjBjeTVuYjI5bmJHVjFjMlZ5WTI5dWRHVnVkQzVqYjIwdllXUnpMM0J5WlhacFpYY3ZZMjl1ZEdWdWRDNXFjejlqYkdsbGJuUTlkM1JoWEhVd01ESTJiMkptZFhOallYUmxaRU4xYzNSdmJXVnlTV1E5TWpZeE5qRXdOak0zTjF4MU1EQXlObU55WldGMGFYWmxTV1E5Tmpnek5ERTVPREUzTnpJNVhIVXdNREkyZG1WeWMybHZia2xrUFRCY2RUQXdNalpoWkVkeWIzVndRM0psWVhScGRtVkpaRDAyTURNNU56UTBOelkzTXpCY2RUQXdNalp6YVdjOVFVTnBWa0pmZVdveU4wbHNaR2g2WkZkcVZsRjNWbXhSV1d3MU4xaERXaTFXWnlKZExHNTFiR3dzYm5Wc2JDd3hMQ0o0WVZadmNtNUJjalZIVlVsMWMyVTRYMk5yVWtWS2VYSXpUVGd6UjA1SFJqUmZUVUpKYUVKdldsZDRiVnBYTkhWa1Z6VndXVEpXYlV4dFVteE5aMk5KUWxKTldUa3dPRlZSYUdScVdWTXhkMlJYU1hSUFJGa3pUa1JuTkU1cWF6Vk9SR2Q1VDBSSk5FMUZaMGRYUVVKM1FWRWlMQ0l4TkRrek1URXpOemswT0NKZFhWMHNXMjUxYkd3c2JuVnNiQ3d4TERFc01WMHNXMjUxYkd3c2JuVnNiQ3dpUkVVaVhTeHVkV3hzTEc1MWJHd3NXekV5TWpjeE5UZ3pOMTFkaUg4d3BSVkdDUFdGWVNINkEtREhzeTdnVE1Ma1E4R0dXc1MxVDlDa2FPdmVMVVY3bXNHc2RRQWdQRzkxYmxNSkJGR054dUVrX2tpX3VuUFV6MmVvY0lUQnVFRXFuaGRGSjZoVERmWmNtWk1rYjdHNkhvcmJfR25Bbmc1ZVlBaEtmSm5qSWt6THU1RGtWSUlDR0NoY210QmdHdkI2TDNkU1FNMmpGR0puNTM0eS1fcFVlOU9oaWd5TzRHSXprZjhmLU8tN0RlNF9RR2NGalF5X0VtQ2tNeD&i=9-13&t=adltag_lr991qpl_4QUKRmqYqWg&r=656a82a1bdf95b3a7aa6d5417ca6000&c=saambaa-deseret&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M.ok5eJYPe37d_ptPM7ewObNs3KwVG7K
date
Thu, 11 Jan 2024 11:44:52 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
23820
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Wed, 02 Aug 2023 16:01:21 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
hIXo7lKaDvQ0xQPM8GUQCOJT1j2XF6Au2e2iYkXNEGjQDw00xnX-rg==
place
saambaa-deseret-tagan.adlightning.com/ Frame D655 		0
446 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://saambaa-deseret-tagan.adlightning.com/place?p=1&d=ZmUmUyYy1fTE0xX21EMjZkcmFSbWdjbFFpMWdIY1lrY0d4RGQtd1ExaUFqV0FrUzE4ZFVSSmZJQW0yMEZmcXIzVS05TXlyY0ZPY29UZmpXN2RZdXk3aUo4X1pHejJNZEp0STVvS1Y0cE4zeFJBa3BCWjk0cHZ4YWZwTzBRRUhBLFNIc1pHeDNVSlFtT0RfTTRBVzUtUEEmcXVvdDssJnF1b3Q7aHR0cHM6Ly9hZHNzZXR0aW5ncy5nb29nbGUuY29tL3doeXRoaXNhZD9zb3VyY2U9ZGlzcGxheVxcdTAwMjZyZWFzb25zPUFXeWpiQjdhSVA1OFJQYmNLeEhIMkxwLVpGbWhaLUsxYlo0OE44VFNUTDhIcVZDOUlOQzBJSGJQMDZUVU9GSGxjNVAza3NwUWZ0aks1TDRDNlNvSExHZDhfWjBqWGVsdWxaU3ZDOWo5VHRLWjBJeG5XblVHV0ZtOEFQYmUyT0ppRGFETFJaWk5rZXFFTlp6WmszUllfd3Boc0JkaWdWRnllOXB2anI0T3dDbXpmVkdFV1pZYmp0RXBoYzlRM1pVcDhYRTQ3OUtLR01xR3N6bGNnX2VVYzJYV1E1NE5VX3J4OG5RaG95QjNZQWdBU3dZVjNDU2plRU1jMjhXQnNBQ19mcVNsOVhKSEI2TG80dThLak5sU2hWUUYzUl9vZUY2a2JpR0ZDT1Z5TkctYVRIcVR4V1M4aEM2RVN5a1lLUUxVazVMa3NWcHgtanZFMVhvUThBb25TMFR2eER2M0dyeGhCZlRBNGc5Ykx0MlpSU0VVcW5jdWkxVVByclF1LUc0SmQ1dGYtLWZwdDVZamprZ3h3WFlxWXFrRUlvVW5fYVMzWE5VT2JMd2NpX2tPdlhvQjAyaG96azI0ZG1za1ZvSU5FZmc0bUR6ZGo0MzJCQmtSeDJfenJmaXJCaW9QaWViSDdOUHlOZDh3RF9CdGpNT0trRXRqcnB4YjI5Q2tGeW85WjBSd0d5VHFOdGh2aURlbzhvNFFtWWFGeXVQRFNERGh1NnMzU3gwXzNTV3hFWGhhbHpyNnZoaW93YzdsMnh4SEZRMFVEMzBWWEcweV9hQjZwbmxza1dzTlhRWHBoVEZmZTBSZFdoOTRPeXVNaDgwS2wtV0JkRDVaZklITEZlMWRONEZjVGVoT3RPU1RxemJzMmlVck1CX1lQZVJ3M1NWYWVEbk1BckVZTExBRmMxVm9xcF9Yd2hRZU10MVAydHJ0ZjBtd2p3czlTTldqTnhnbE14V3lrZjZqSUFidUxWOGM1N1hTaHZ0VW50bE1sMmNYXzFHZDRWb0ppSm51eGptSHBDRW0zVzFBbnEycTY2Z0dSdzNuQUtiTEw4QXJqa3BhNEdRbl9lYWRnUGhYeUxZYmJLUDRKVXgxQkhzYWx3ZGNhczZtbHc5LTNSUkJQTDJoQ0JBdmZ0VzZDdXRxalYtUDBvdUxhLVQya0R0OXhFTmFtRFM5TmRvaENnSy1ZMWNtRFExQzRMRE4tZ0xnYUxJMEFHMEV2aVZEVGhOZlR2eXhxdlBnc1FXLUI5ajFIWEwwUlR5XzMwcUFCeWFMOWRzXzZCSXFNaXN2UnVNRDNEWHc4azdZTlRfVkVMZkt2VUxJUkxKX2phb01ZVmxfeFBFMFZOQ0ZwV00zMUxRTkJmb0kzWEJ1cWNac3Q0VlJRYUFIT0FUbU82SkRzRnIyeVVfalhJNi1ObnpXOEpWcTV3Vkx3Z2k5MXlGcjRXQmhHU0l4QXJOS01Sd05NTkZneV95Q3BuV2dNb3ZPUmFzYlRMSlB4LWZlRm83M1g0WW1hb0FhT1VtVktGNENGbzlKLWhKRFFtTkRseXNhcVg2X3k4WFFGUGMtLTJMLXB1QkUzcldxMmFHVENWa0NqWGZxRDl1UmxnUWk4RDdHOVNoa2kxbElWZWNiYzJaU2ZfTmlfbXNJaWtzVDQ5ZEhqMUtxeGFMQkU4UE0yb0JCM1ZmLWpfWjBKdnNoWWZTQnpBdDNLeDdsY2pvWmdrVzRZd2VUTkVZY1EtNjFmdjFmT20zUU1IVGtORWUwSGNrcmwtMmZwQi1UbzNuWWhldXpEeGR0NkRjZU4xcllwYkJCdXNHYlJ6SndualFXcEQxLWJ2RTNmR3E4bkhvSGFBQ3BEU1g2WkRUbk1YVl84YWdhcGN2d05qd1ZESmIxREZpY0JobnQ3Qm1wekw1dGxZTTN6UEJReU00RlQxbkszNUZhU2p4N0VsVXJMZzB6MnU0ZWlPWVlRbEgxaHRJUVUtQWk1NWk2NVVVUFhrbFd1UkMtMXhfeXZ1OW1HakFlSXhTcVRoQjdVN19jWU0tNXdndUZnUUw0MkxwNFJoZ3BLcDUwQ2d6V0hFSFZOTlBnd0dVN0EzT2RsbHF3eW9fRWxzSEFzTGRmOWF0bkJYejRiTC1NUzJDbnE4enNpdVViVExTbGFWMzc4TXhiUHcwZ3hhcUZYZ3dZN0FTaDFDbWZyZ0ZVZGFmZ1BxaXo5YUlFb21WVTY1YzhnY1hPSmQzY2s1UlVocTlJM0RlNFRXTXNTRHJYZE9jcld5cHluRTZWQkl4YlY3MGJfSnIwN1J6NTRzVTdGZHBSSkdfRHZQY0NQTTVTY2JvWndlWXJobUVqd2VjWV8xUk1rcnRDUWxnR1ptMGlEdmVGSDFuRzBjSFRRSDVxdTJyYkpqSXZ6TVh6YUVSazk1Y25xWDIweTllWFpJeTNmVzZ1dHczRVpWNnBiY2I4OE1HNldwQjNVTzBmTS0tc29pdEJyVFNhN1BaOEFKcFVEbkpxdTVsd1k3dlFtQzNyYVNwaF9FdExYYmh4RjI5ZERqTTZBVkZtNkFHY1pxRzBaeFB6TXJ0OXhnb09GMTFFcjlIWGJSOGVtbFVHdGkxZlBiZWltdyZxdW90OywmcXVvdDtXaHkgdGhpcyBhZD8mcXVvdDssMSwwXSxudWxsLG51bGwsMCxudWxsLDAsMCwxLDAsMCwwLDEsMCwwLDAsbnVsbCwwLDEsMCxudWxsLFtbJnF1b3Q7amFrZV91aV9leHRlbnNpb24mcXVvdDssJnF1b3Q7amFrZV9kZWZhdWx0X3VpJnF1b3Q7XV0sMjUwLDMwMCwwLG51bGwsbnVsbCwwLG51bGwsbnVsbCwmcXVvdDtyaWdodCZxdW90OywwLG51bGwsJnF1b3Q7cjIwMjQwMTA4L3IyMDExMDkxNCZxdW90O11cIj48L3NjcmlwdD48L2Rpdj48c2NyaXB0IGRhdGEtamM9XCIxMTJcIiBkYXRhLWpjLXZlcnNpb249XCJyMjAyNDAxMDlcIj4oZnVuY3Rpb24oKXsndXNlIHN0cmljdCc7Y29uc3QgZD0vWyY%2FXWRibV9jPShbXiAmXSspLztmdW5jdGlvbiBlKGEpe3JldHVybihhPWQuZXhlYyhhKSk%2FYVsxXTpudWxsfWZ1bmN0aW9uIGYoYSxiLGMpe2E9YS5nZXRFbGVtZW50c0J5VGFnTmFtZShiKTtmb3IoYj0wO2I8YS5sZW5ndGg7KytiKWlmKGUoYVtiXS5zcmMpPT09YylyZXR1cm4hMDtyZXR1cm4hMX07Y29uc3QgZz13aW5kb3c7aWYoZy5kdjNVdHcpe3ZhciBoPWcuZHYzVXR3LnUsaz1nLmR2M1V0dy53O2cuZHYzVXR3PXZvaWQgMDt2YXIgbDthOntjb25zdCBhPWUoaCk7aWYoIWF8fGYoZG9jdW1lbnQsXCJzY3JpcHRcIixhKXx8Zihkb2N1bWVudCxcImlmcmFtZVwiLGEpKWw9ITA7ZWxzZXt2YXIgbT1kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiZHYzLWFzZnJtXCIpO2ZvcihsZXQgYj0wO2I8bS5sZW5ndGg7KytiKXtjb25zdCBjPW1bYl07aWYoYy5jb250ZW50V2luZG93JiZmKGMuY29udGVudFdpbmRvdy5kb2N1bWVudCxcInNjcmlwdFwiLGEpKXtsPSEwO2JyZWFrIGF9fWw9ITF9fWx8fGsoKX07fSkuY2FsbCh0aGlzKTs8L3NjcmlwdD48L2Rpdj48L2Rpdj48L2Rpdj48c2NyaXB0IGRhdGEtamM9XCIyMlwiIHNyYz1cImh0dHBzOi8vdHBjLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanMvcjIwMjQwMTA5L3IyMDExMDkxNC9jbGllbnQvd2luZG93X2ZvY3VzX2Z5MjAyMS5qc1wiIGFzeW5jPVwiXCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjQwMTA5XCIgZGF0YS1qY3AtdXJsPVwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2ludGVyYWN0aW9uLz9haT1DbHBhNy11MmZaWmp1QzgyUTdfVVAwcjZia0FtQjlaZW5kYnJIdlAzSkVhaVR6TGJlQ1JBQklOalctNThCWUpXQ2dJQ3dCNkFCbGFueXF3TElBUW1wQXN2bklLdXJiYkktcUFNQnlBT2JCS29FcndKUDBHaGdhV2hKeHdpTTFBTzEwalFGMkxMRG01aHVTazl4NTVobFlDQm4tRkVobTUyRzVIQ3hJOVdWNkRwN2hjWmpVbDh2WlpPQTB5ME1ZT1FBbVpmQ1JIR3g0cE5yMUVwb3BMVG0yODJ1UklHTFF4TGh5anRKRUlXU0RDM2JkQmpSLXFfbDdMTERsUFlDZlVhV29TY2k2VHQwT0hvejJBT3o2dmxSNlJ2VC1WSmpHMnJWUnRpMEZHTzV1OVZBQVFnY2dpc1dSMG5pem5LcFViN1g0UVN6NEhmOGlXb0MwSXVPbzRaXzNVRTJLMmZES3FGeDVEaTVSV1ZDMjJ0WE9vTkFKR2oxb0JnM29NUzZITm94YjlmeU4xT1pXckJRQjkwc3dQelBZYjBiRnFpWkhxYndtWnFMTW8tbFBmZWxnVHBKVEtmcG5UTi1yWGJJc0ZDZl9XcGo2d1lLWFN1OTFmWGJBOVZ2STRqeFFseWV2TTlkSm55b0RCR1dXRlg5VEYyWWk0SXdVV3Z0WEtRSEZoN0l4clhBQlB1ZDZZZmhBLUFFQTRnRm5LdmN6emVRQmdHZ0JreUFCOVBXamRRQnFBZlp0ckVDcUFlT3podW9CNVBZRzZnSDdwYXhBcWdIX3A2eEFxZ0gxY2ticUFlbXZodW9CNW9HcUFmejBSdW9CNWJZRzZnSHFwdXhBcWdIZzYyeEFxZ0hfNTZ4QXFnSDM1LXhBdGdIQU5JSUh3aUE0WUFRRUFFWUhUSUNxZ0k2QW9CQVNMMzl3VHBZbGF6NnA3blZnd09BQ2dPWUN3SElDd0dBREFHaURBZ3FCZ29FckxxeEFxb05Ba1JGNGcwVENKWGctcWU1MVlNREZVM0l1d2dkVXQ4R2tyQVR6TlNURnNnVDhOUExDTkFUQU5nVENvZ1VCOWdVQWRBVkFmZ1dBWUFYQWVnWEJRJmFtcDtzaWdoPWZjaVRENHh4UFRrJmFtcDtjaWQ9Q0FRU093QXZIaGZfUTFJV1QyWXhLbUthdTFRQUpIdUxmX1dtSFgwaUtTbFNvUWowWC1MbnRIT3NXM0hyUC12OTdmREJuU3hvNmVSX0hPZHQ4b1d2XCIgZGF0YS1qY3AtZ3dzLWlkPVwiXCIgZGF0YS1qY3AtcWVtLWlkPVwiQ0pqVC02ZTUxWU1ERlUzSXV3Z2RVdDhHa2dcIj48L3NjcmlwdD48aWZyYW1lIHRpdGxlPVwiQmxhbmtcIiBzY3JvbGxpbmc9XCJub1wiIGZyYW1lYm9yZGVyPVwiMFwiIGhlaWdodD1cIjBcIiB3aWR0aD1cIjBcIiBzcmM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9zL2Nvb2tpZV9wdXNoX29ubG9hZC5odG1sI2FIUjBjSE02THk5aExuUnlhV0poYkdaMWMybHZiaTVqYjIwdmFTNXRZWFJqYUQ5d1BXSTJKblU5UTBGRlUwVk9SVmhXWTFSTVNGSnRablkzVDBGdFdHaHFhWEJSSm1kdmIyZHNaVjlqZG1WeVBURW1aMjl2WjJ4bFgzQjFjMmc5UVZoamIwOXRVVFU1YTJkMVdWZFJWVGswTFhoSlJVUm1abmRsWkVobmMySjFUbTg0V2xBME9GY3RjVmd0UlhwVk5WRmFiMEppUlhwelgzWXhkQzFSUlMxUWIxQkxSSGh5VlVGQlVYSmZOakZpZVZSQmNGTnBUVTlZYlV4cVYyMVdOWGt0U0NaeVpXUnBjbVZqZEQxb2RIUndjeVV6UVM4dlkyMHVaeTVrYjNWaWJHVmpiR2xqYXk1dVpYUXZjR2w0Wld3bE0wWm5iMjluYkdWZmJtbGtKVE5FWlhod0pUSTJaMjl2WjJ4bFgzQjFjMmdsTTBSQldHTnZUMjFSTlRsclozVlpWMUZWT1RRdGVFbEZSR1ptZDJWa1NHZHpZblZPYnpoYVVEUTRWeTF4V0MxRmVsVTFVVnB2UW1KRmVuTmZkakYwTFZGRkxWQnZVRXRFZUhKVlFVRlJjbDgyTVdKNVZFRndVMmxOVDFodFRHcFhiVlkxZVMxSUpUSTJaMjl2WjJ4bFgzVnNZU1V6UkRJM09EWTVOVFFsTWpabmIyOW5iR1ZmYUcwbE0wUWxNalJVUmw5VlUwVlNYMGxFWDBWT1F5VXlOQT09LGFIUjBjSE02THk5a05YQXVaR1V4TjJFdVkyOXRMMk52YjJ0cFpYTXZaMjl2WjJ4bFAyZHZiMmRzWlY5bmFXUTlRMEZGVTBWTmNYTkVUemxKZURZMlJURm1iMEZ4ZDBGVU0yTmpKbWR2YjJkc1pWOWpkbVZ5UFRFbVoyOXZaMnhsWDNCMWMyZzlRVmhqYjA5dFUyeDNSazlRYTNoVFZFZDNOMmxPVDI5RVgyRm1XbmRJZG5wcVNVZHVZVkZmUWxSNlozTlNVMGgzTURjeGJ6Y3piekExVVhoSVNrNWZTMHA1ZWpCaFlrSTBURFUxWm00dGJVaFViRU5PWVZCa1NDMXhjVTg0WmtWalpVMUhPUT09LGFIUjBjSE02THk5ak1TNWhaR1p2Y20wdWJtVjBMM05sY25acGJtY3ZZMjl2YTJsbEwyMWhkR05vTHo5d1lYSjBlVDB4Sm1kdmIyZHNaVjluYVdROVEwRkZVMFZKVVhSaFQwSmphV2xPWmpCNlNGWjZkSGM1YW5SQkptZHZiMmRzWlY5amRtVnlQVEVtWjI5dloyeGxYM0IxYzJnOVFWaGpiMDl0VVRsRVpIVkVWWGRqY0ZaTWQzZDBObkV4VEZobFEzUlJZa2d5TFZaSE0zVlVXREYyWlhvdGEzWm1hR3Q1YjI1VVpFWnZSRkoyZUdzMFZYbGZWbHBwVG5KQ1pHd3laVXcyVjB3eFQxUkRNVU4yT1hKRVgwVmljVUZzZEhZMCxhSFIwY0hNNkx5OXlkR0l1YjNCbGJuZ3VibVYwTDNONWJtTXZaR1J6UDJkdmIyZHNaVjluYVdROVEwRkZVMFZFWnpKdFMyTkRNRXAxU21oQlVXbERUVWhyTFZJNEptZHZiMmRzWlY5amRtVnlQVEVtWjI5dloyeGxYM0IxYzJnOVFWaGpiMDl0VVZseE9XOHRiakJNWkZSSGJtTkhSMHhqTWkxR2VXNXJNV2RzVkc5aFJrRk1ZMGR6TFZOU1QzVm9SMUZpZERjMWNVdHFWRzAxUVRReGNVVnVUbmhRYVZNMWVXWk5PVVUwU1ZSMlJ6WlZZWFkxY2pOc1dVSjZOSFJLUkRGUmFRPT0sYUhSMGNITTZMeTl3YVhobGJDNXlkV0pwWTI5dWNISnZhbVZqZEM1amIyMHZaWGhqYUdGdVoyVXZjM2x1WXk1d2FIQV9jRDFrWm5BbV&i=10-13&t=adltag_lr991qpl_4QUKRmqYqWg&r=656a82a1bdf95b3a7aa6d5417ca6000&c=saambaa-deseret&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M.ok5eJYPe37d_ptPM7ewObNs3KwVG7K
date
Thu, 11 Jan 2024 11:44:52 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
23820
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Wed, 02 Aug 2023 16:01:21 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
GbRY9QnUPJs1gzwQgiaS3NIkvqsxLsCtcjYlQp8OQ0WLHRioJUL7NA==
place
saambaa-deseret-tagan.adlightning.com/ Frame D655 		0
446 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://saambaa-deseret-tagan.adlightning.com/place?p=1&d=oyOXZaMnhsWDJkcFpEMURRVVZUUlVvMFZWZGpWRVp0Tm0xdU1DMVNRbGROV2tOSWJtOG1aMjl2WjJ4bFgyTjJaWEk5TVNabmIyOW5iR1ZmY0hWemFEMUJXR052VDIxVFNYcE1iR2RwTldWaGJEUjVTV1o2U1dwSmFGbGZTa3N4YkZCcGJrTkdZblE1VVZoWU0xY3RhWGR4ZUhob2J6Um5lVUphTFRJeVNWaGxTa000U0haTFZEaFpNMUpqWkV0Tk4ybEhORFYyU3pFeFpXb3lOSGROVTNsQk5sRT0sYUhSMGNITTZMeTl6YzNWdExYTmxZeTVqWVhOaGJHVnRaV1JwWVM1amIyMHZkWE5sY20xaGRHTm9jbVZrYVhJX2N6MHhPRFF3TWpNbVkySTlhSFIwY0hNbE0wRWxNa1lsTWtaamJTNW5MbVJ2ZFdKc1pXTnNhV05yTG01bGRDVXlSbkJwZUdWc0pUTkdaMjl2WjJ4bFgyNXBaQ1V6UkdsdVpHVjRKVEkyWjI5dloyeGxYMmh0SlRORUptZHZiMmRzWlY5bmFXUTlRMEZGVTBWR2VqZDZiR2hpVmtWNFJqUkhkVUZPVEUxTFNVRk5KbWR2YjJkc1pWOWpkbVZ5UFRFbVoyOXZaMnhsWDNCMWMyZzlRVmhqYjA5dFVrZFZUREJMWWt4Rk9XMXZaVVJIVFd0aFVIZGpPSFZSWlRoSVRrSlVOSEZ5Y2pZeVluVkZORGhCUjJsT2NtczBNbEp0TUVSaWR5MHlXRk4wVFVKVVRXYzBhM2R2ZDJWWllrdHhiemhGUmt0V1QyOURVMUpCYVU1NFJqaHosYUhSMGNITTZMeTlqYlM1bkxtUnZkV0pzWldOc2FXTnJMbTVsZEM5d2FYaGxiQzloZEhSeVAyUTlRVWhPUmpFelNrMTJkamRyUlV0Rk56ZEpkRFpOV2xOS1NEQTNPR3R6ZVVaaUxVNTBUVXRIZEZoRU0xVmFPWFZGVnpkaVFXaEZkVGROTkVKbVRrWjFTR0ZSWW04M1FRPT1cIiBzdHlsZT1cInBvc2l0aW9uOmFic29sdXRlXCIgYXJpYS1oaWRkZW49XCJ0cnVlXCI%2BPC9pZnJhbWU%2BPHNjcmlwdCBkYXRhLWpjPVwiMjNcIiBzcmM9XCJodHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2pzL3IyMDI0MDEwOS9yMjAxMTA5MTQvY2xpZW50L3FzX2NsaWNrX3Byb3RlY3Rpb25fZnkyMDIxLmpzXCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjQwMTA5XCIgZGF0YS1qY3AtaW5pdC1kYXRhPVwiW1tbW251bGwsNTAwLDk5LDIsOSxudWxsLG51bGwsbnVsbCwxXV1dXVwiPjwvc2NyaXB0PjxkaXYgc3R5bGU9XCJkaXNwbGF5OiBub25lOyBwb3NpdGlvbjogYWJzb2x1dGU7IHotaW5kZXg6IDIxNDc0ODM2NDc7IHdpZHRoOiAxMDAlOyBoZWlnaHQ6IDEwMCU7IHRvcDogMHB4OyBsZWZ0OiAwcHg7XCI%2BPC9kaXY%2BPGltZyBzcmM9XCIvL3d3dy5nb29nbGUuY29tL2Fkcy9tZWFzdXJlbWVudC9sP2ViY2lkPUFMaDdDYVNHOW44ekN0UUFRdGpXZmxZbldxcXNRRjI0RE51bU9DQU9HOWVsRjFpM0syR1hmSER3b2w1UW9OX3c4bmlhZmxnZ3RUYjhNZG9zakY4Wm9XcDFzWUVuS1BwWFJRXCIgc3R5bGU9XCJkaXNwbGF5Om5vbmU7XCIgYWx0PVwiXCI%2BPGRpdiBzdHlsZT1cImJvdHRvbTowO3JpZ2h0OjA7d2lkdGg6MzAwcHg7aGVpZ2h0OjI1MHB4O2JhY2tncm91bmQ6aW5pdGlhbCAhaW1wb3J0YW50O3Bvc2l0aW9uOmFic29sdXRlICFpbXBvcnRhbnQ7bWF4LXdpZHRoOjEwMCUgIWltcG9ydGFudDttYXgtaGVpZ2h0OjEwMCUgIWltcG9ydGFudDtwb2ludGVyLWV2ZW50czpub25lICFpbXBvcnRhbnQ7aW1hZ2UtcmVuZGVyaW5nOnBpeGVsYXRlZCAhaW1wb3J0YW50O3otaW5kZXg6MjE0NzQ4MzY0NztiYWNrZ3JvdW5kLWltYWdlOnVybCgnZGF0YTppbWFnZS9wbmc7YmFzZTY0LGlWQk9SdzBLR2dvQUFBQU5TVWhFVWdBQUFDc0FBQUFXQkFNQUFBQ3JsM2lBQUFBQUJsQk1WRVVBQUFEK0FjaVdtWnpXQUFBQUFuUlNUbE1BQXBpZHJCUUFBQUNBU1VSQlZCalRiWkVCRHNBd0NBTDFCL3ovdFVzRktVMW1sMnhtU0srMDZyK2F4YS9vTUg5UlFFWFhWTTBxZDlUaHFPYlp6dXIydTE1dlRkRzdyYXNrMlRyV0NPNWpkUVIySGpFb0F3dy9NNjBaYVhVQVVuQ0F6T0xKYzFML2tOZ1h5YjJoTE1sU2N3ZEIzUlJFSVBEZEd6QlVKSGl4NjAzd3hoaDN1Vmt3d0E5L1JnWCtIYWJ2dUFBQUFBQkpSVTVFcmtKZ2dnPT0nKSAhaW1wb3J0YW50O1wiPjwvZGl2PjxzY3JpcHQgZGF0YS1qYz1cIjEwM1wiIGRhdGEtamMtdmVyc2lvbj1cInIyMDI0MDEwOVwiIGRhdGEtamNwLWJhc2VfdXJsPVwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2NvbnZlcnNpb24vP2FpPUNscGE3LXUyZlpaanVDODJRN19VUDByNmJrQW1COVplbmRickh2UDNKRWFpVHpMYmVDUkFCSU5qVy01OEJZSldDZ0lDd0I2QUJsYW55cXdMSUFRbXBBc3ZuSUt1cmJiSS1xQU1CeUFPYkJLb0Vyd0pQMEdoZ2FXaEp4d2lNMUFPMTBqUUYyTExEbTVodVNrOXg1NWhsWUNCbi1GRWhtNTJHNUhDeEk5V1Y2RHA3aGNaalVsOHZaWk9BMHkwTVlPUUFtWmZDUkhHeDRwTnIxRXBvcExUbTI4MnVSSUdMUXhMaHlqdEpFSVdTREMzYmRCalItcV9sN0xMRGxQWUNmVWFXb1NjaTZUdDBPSG96MkFPejZ2bFI2UnZULVZKakcyclZSdGkwRkdPNXU5VkFBUWdjZ2lzV1Iwbml6bktwVWI3WDRRU3o0SGY4aVdvQzBJdU9vNFpfM1VFMksyZkRLcUZ4NURpNVJXVkMyMnRYT29OQUpHajFvQmczb01TNkhOb3hiOWZ5TjFPWldyQlFCOTBzd1B6UFliMGJGcWlaSHFid21acUxNby1sUGZlbGdUcEpUS2ZwblROLXJYYklzRkNmX1dwajZ3WUtYU3U5MWZYYkE5VnZJNGp4UWx5ZXZNOWRKbnlvREJHV1dGWDlURjJZaTRJd1VXdnRYS1FIRmg3SXhyWEFCUHVkNllmaEEtQUVBNGdGbkt2Y3p6ZVFCZ0dnQmt5QUI5UFdqZFFCcUFmWnRyRUNxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSDFja2JxQWVtdmh1b0I1b0dxQWZ6MFJ1b0I1YllHNmdIcXB1eEFxZ0hnNjJ4QXFnSF81NnhBcWdIMzUteEF0Z0hBTklJSHdpQTRZQVFFQUVZSFRJQ3FnSTZBb0JBU0wzOXdUcFlsYXo2cDduVmd3T0FDZ09ZQ3dISUN3R0FEQUdpREFncUJnb0VyTHF4QXFvTkFrUkY0ZzBUQ0pYZy1xZTUxWU1ERlUzSXV3Z2RVdDhHa3JBVHpOU1RGc2dUOE5QTENOQVRBTmdUQ29nVUI5Z1VBZEFWQWZnV0FZQVhBZWdYQlEmYW1wO3NpZ2g9ZmNpVEQ0eHhQVGtcIiBkYXRhLWpjcC1jcHVfbGFiZWw9XCJoZWF2eV9hZF9pbnRlcnZlbnRpb25fY3B1XCIgZGF0YS1qY3AtbmV0X2xhYmVsPVwiaGVhdnlfYWRfaW50ZXJ2ZW50aW9uX25ldHdvcmtcIj4oZnVuY3Rpb24oKXsndXNlIHN0cmljdCc7LyogIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wICovIHZhciBsPXRoaXN8fHNlbGY7ZnVuY3Rpb24gbShhLGIpe2E6e3ZhciBjPVtcIkNMT1NVUkVfRkxBR1NcIl07Zm9yKHZhciBkPWwsZj0wO2Y8Yy5sZW5ndGg7ZisrKWlmKGQ9ZFtjW2ZdXSxudWxsPT1kKXtjPW51bGw7YnJlYWsgYX1jPWR9YT1jJiZjW2FdO3JldHVybiBudWxsIT1hP2E6Yn07dmFyIHE9bSg2MTA0MDEzMDEsITEpLHY9bSg1NzI0MTczOTIsITApO3ZhciB3O2NvbnN0IHg9bC5uYXZpZ2F0b3I7dz14P3gudXNlckFnZW50RGF0YXx8bnVsbDpudWxsO2Z1bmN0aW9uIHkoYSl7cmV0dXJuIHE%2Fdz93LmJyYW5kcy5zb21lKCh7YnJhbmQ6Yn0pPT5iJiYtMSE9Yi5pbmRleE9mKGEpKTohMTohMX1mdW5jdGlvbiB6KGEpe3ZhciBiO2E6e2lmKGI9bC5uYXZpZ2F0b3IpaWYoYj1iLnVzZXJBZ2VudClicmVhayBhO2I9XCJcIn1yZXR1cm4tMSE9Yi5pbmRleE9mKGEpfTtmdW5jdGlvbiBCKCl7cmV0dXJuIHE%2FISF3JiYwPHcuYnJhbmRzLmxlbmd0aDohMX1mdW5jdGlvbiBDKCl7cmV0dXJuIEIoKT95KFwiQ2hyb21pdW1cIik6KHooXCJDaHJvbWVcIil8fHooXCJDcmlPU1wiKSkmJiEoQigpPzA6eihcIkVkZ2VcIikpfHx6KFwiU2lsa1wiKX07IXooXCJBbmRyb2lkXCIpfHxDKCk7QygpO3ooXCJTYWZhcmlcIikmJihDKCl8fChCKCk%2FMDp6KFwiQ29hc3RcIikpfHwoQigpPzA6eihcIk9wZXJhXCIpKXx8KEIoKT8wOnooXCJFZGdlXCIpKXx8KEIoKT95KFwiTWljcm9zb2Z0IEVkZ2VcIik6eihcIkVkZy9cIikpfHxCKCkmJnkoXCJPcGVyYVwiKSk7dmFyIEQ9IXY7bGV0IEU9IXY7dmFyIEY9U3ltYm9sKCk7ZnVuY3Rpb24gRyhhKXtjb25zdCBiPWFbRl18MDsxIT09KGImMSkmJihPYmplY3QuaXNGcm96ZW4oYSkmJihhPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGEpKSxhW0ZdPWJ8MSl9ZnVuY3Rpb24gSCgpe3ZhciBhPVtdO2FbRl18PTE7cmV0dXJuIGF9ZnVuY3Rpb24gSShhKXthPWE%2BPjE0JjEwMjM7cmV0dXJuIDA9PT1hPzUzNjg3MDkxMjphfTt2YXIgSj17fSxhYT17fTtmdW5jdGlvbiBMKGEpe3JldHVybiEoIWF8fFwib2JqZWN0XCIhPT10eXBlb2YgYXx8YS5vIT09YWEpfWZ1bmN0aW9uIE0oYSl7cmV0dXJuIG51bGwhPT1hJiZcIm9iamVjdFwiPT09dHlwZW9mIGEmJiFBcnJheS5pc0FycmF5KGEpJiZhLmNvbnN0cnVjdG9yPT09T2JqZWN0fWxldCBOLE89IXY7ZnVuY3Rpb24gUChhLGIsYyl7aWYoIUFycmF5LmlzQXJyYXkoYSl8fGEubGVuZ3RoKXJldHVybiExO2NvbnN0IGQ9YVtGXXwwO2lmKGQmMSlyZXR1cm4hMDtpZighKGImJihBcnJheS5pc0FycmF5KGIpP2IuaW5jbHVkZXMoYyk6Yi5oYXMoYykpKSlyZXR1cm4hMTthW0ZdPWR8MTtyZXR1cm4hMH12YXIgUTtjb25zdCBSPVtdO1JbRl09NTU7UT1PYmplY3QuZnJlZXplKFIpO2NsYXNzIGRhe31jbGFzcyBlYXt9T2JqZWN0LmZyZWV6ZShuZXcgZGEpO09iamVjdC5mcmVlemUobmV3IGVhKTtsZXQgUztmdW5jdGlvbiBmYShhLGIpe3JldHVybiBUKGIpfWZ1bmN0aW9uIFQoYSl7c3dpdGNoKHR5cGVvZiBhKXtjYXNlIFwibnVtYmVyXCI6cmV0dXJuIGlzRmluaXRlKGEpP2E6U3RyaW5nKGEpO2Nhc2UgXCJib29sZWFuXCI6cmV0dXJuIGE%2FMTowO2Nhc2UgXCJvYmplY3RcIjppZihhKXtpZihBcnJheS5pc0FycmF5KGEpKXJldHVybiBPfHwhUChhLHZvaWQgMCw5OTk5KT9hOnZvaWQgMDtpZihudWxsIT1hJiZhIGluc3RhbmNlb2YgVWludDhBcnJheSl7bGV0IGI9XCJcIixjPTA7Y29uc3QgZD1hLmxlbmd0aC0xMDI0MDtmb3IoO2M8ZDspYis9U3RyaW5nLmZyb21DaGFyQ29kZS5hcHBseShudWxsLGEuc3ViYXJyYXkoYyxjKz0xMDI0MCkpO2IrPVN0cmluZy5mcm9tQ2hhckNvZGUuYXBwbHkobnVsbCxjP2Euc3ViYXJyYXkoYyk6YSk7cmV0dXJuIGJ0b2EoYil9fX1yZXR1cm4gYX07ZnVuY3Rpb24gVShhLGIsYyxkLGYsayl7aWYobnVsbCE9YSl7aWYoQXJyYXkuaXNBcnJheShhKSlhPWYmJjA9PWEubGVuZ3RoJiYoYVtGXXwwKSYxP3ZvaWQgMDprJiYoYVtGXXwwKSYyP2E6aGEoYSxiLGMsdm9pZCAwIT09ZCxmLGspO2Vsc2UgaWYoTShhKSl7Y29uc3QgZT17fTtmb3IobGV0IGcgaW4gYSllW2ddPVUoYVtnXSxiLGMsZCxmLGspO2E9ZX1lbHNlIGE9YihhLGQpO3JldHVybiBhfX1mdW5jdGlvbiBoYShhLGIsYyxkLGYsayl7Y29uc3QgZT1kfHxjP2FbRl18MDowO2Q9ZD8hIShlJjMyKTp2b2lkIDA7YT1BcnJheS5wcm90b3R5cGUuc2xpY2UuY2FsbChhKTtmb3IobGV0IGc9MDtnPGEubGVuZ3RoO2crKylhW2ddPVUoYVtnXSxiLGMsZCxmLGspO2MmJmMoZSxhKTtyZXR1cm4gYX1mdW5jdGlvbiBpYShhKXtyZXR1cm4gYS5sPT09Sj9hLnRvSlNPTigpOlQoYSl9O2Z1bmN0aW9uIFYoYSxiLGMpe2lmKG51bGwhPWMmJlwic3RyaW5nXCIhPT10eXBlb2YgYyl0aHJvdyBFcnJvcigpO2E9YS5nO2xldCBkPWFbRl07aWYoZCYyKXRocm93IEVycm9yKCk7YTp7Y29uc3QgZj1JKGQpO2lmKGI%2BPWYpe2xldCBrLGU9ZDtpZihkJjI1NilrPWFbYS5sZW5ndGgtMV07ZWxzZXtpZihudWxsPT1jKWJyZWFrIGE7az1hW2YrKCshIShkJjUxMiktMSldPXt9O2V8PTI1Nn1rW2JdPWM7YjxmJiYoYVtiKygrISEoZCY1MTIpLTEpXT12b2lkIDApO2UhPT1kJiYoYVtGXT1lKX1lbHNlIGFbYisoKyEhKGQmNTEyKS0xKV09YyxkJjI1NiYmKGM9YVthLmxlbmd0aC0xXSxiIGluIGMmJmRlbGV0ZSBjW2JdKX19O3ZhciBYPWNsYXNze2NvbnN0cnVjdG9yKCl7YTp7dmFyIGE9dm9pZCAwO251bGw9PWEmJihhPVMpO1M9dm9pZCAwO2lmKG51bGw9PWEpe3ZhciBiPTk2O2E9W119ZWxzZXtpZighQXJyYXkuaXNBcnJheShh&i=11-13&t=adltag_lr991qpl_4QUKRmqYqWg&r=656a82a1bdf95b3a7aa6d5417ca6000&c=saambaa-deseret&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M.ok5eJYPe37d_ptPM7ewObNs3KwVG7K
date
Thu, 11 Jan 2024 11:44:52 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
23820
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Wed, 02 Aug 2023 16:01:21 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
7hka4u25d7IRJCZZwxahuue3Jb9J-k94BTfSkVzvcJltjgfVKxJA2A==
place
saambaa-deseret-tagan.adlightning.com/ Frame D655 		0
446 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://saambaa-deseret-tagan.adlightning.com/place?p=1&d=KSl0aHJvdyBFcnJvcigpO2I9YVtGXXwwO2lmKGImNjQpYnJlYWsgYTt2YXIgYz1hO2J8PTY0O3ZhciBkPWMubGVuZ3RoO2lmKGQmJigtLWQsTShjW2RdKSkpe2J8PTI1NjtjPWQtKCshIShiJjUxMiktMSk7aWYoMTAyNDw9Yyl0aHJvdyBFcnJvcigpO2I9YiYtMTY3NjA4MzN8KGMmMTAyMyk8PDE0fX1hW0ZdPWJ9dGhpcy5nPWF9dG9KU09OKCl7aWYoTil2YXIgYT1XKHRoaXMsdGhpcy5nLCExKTtlbHNlIGE9aGEodGhpcy5nLGlhLHZvaWQgMCx2b2lkIDAsITEsITEpLGE9Vyh0aGlzLGEsITApO3JldHVybiBhfX07WC5wcm90b3R5cGUubD1KO1gucHJvdG90eXBlLnRvU3RyaW5nPWZ1bmN0aW9uKCl7cmV0dXJuIFcodGhpcyx0aGlzLmcsITEpLnRvU3RyaW5nKCl9OyBmdW5jdGlvbiBXKGEsYixjKXtjb25zdCBkPWEuY29uc3RydWN0b3Iuczt2YXIgZj0oYz9hLmc6YilbRl0saz1JKGYpLGU9ITE7aWYoZCYmTyl7aWYoIWMpe2I9QXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYik7dmFyIGc7aWYoYi5sZW5ndGgmJk0oZz1iW2IubGVuZ3RoLTFdKSlmb3IoZT0wO2U8ZC5sZW5ndGg7ZSsrKWlmKGRbZV0%2BPWspe09iamVjdC5hc3NpZ24oYltiLmxlbmd0aC0xXT17fSxnKTticmVha31lPSEwfWs9YjtjPSFjO2c9YS5nW0ZdO2E9SShnKTtnPSshIShnJjUxMiktMTt2YXIgaDtmb3IobGV0IEE9MDtBPGQubGVuZ3RoO0ErKyl7dmFyIG49ZFtBXTtpZihuPGEpe24rPWc7dmFyIHQ9a1tuXTtudWxsPT10P2tbbl09Yz9ROkgoKTpjJiZ0IT09USYmRyh0KX1lbHNle2lmKCFoKXt2YXIgcD12b2lkIDA7ay5sZW5ndGgmJk0ocD1rW2subGVuZ3RoLTFdKT9oPXA6ay5wdXNoKGg9e30pfXQ9aFtuXTtudWxsPT1oW25dP2hbbl09Yz9ROkgoKTpjJiZ0IT09USYmRyh0KX19fWg9IGIubGVuZ3RoO2lmKCFoKXJldHVybiBiO2xldCBiYSxjYTtpZihNKHA9YltoLTFdKSl7YTp7dmFyIHI9cDtrPXt9O2M9ITE7Zm9yKHZhciB1IGluIHIpe2E9clt1XTtpZihBcnJheS5pc0FycmF5KGEpKXtnPWE7aWYoIUUmJlAoYSxkLCt1KXx8IUQmJkwoYSkmJjA9PT1hLnNpemUpYT1udWxsO2EhPWcmJihjPSEwKX1udWxsIT1hP2tbdV09YTpjPSEwfWlmKGMpe2ZvcihsZXQgQSBpbiBrKXtyPWs7YnJlYWsgYX1yPW51bGx9fXIhPXAmJihiYT0hMCk7aC0tfWZvcihmPSshIShmJjUxMiktMTswPGg7aC0tKXt1PWgtMTtwPWJbdV07aWYoIShudWxsPT1wfHwhRSYmUChwLGQsdS1mKXx8IUQmJkwocCkmJjA9PT1wLnNpemUpKWJyZWFrO2NhPSEwfWlmKCFiYSYmIWNhKXJldHVybiBiO3ZhciBLO2U%2FSz1iOks9QXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYiwwLGgpO2I9SztlJiYoYi5sZW5ndGg9aCk7ciYmYi5wdXNoKHIpO3JldHVybiBifTt2YXIgamE9Y2xhc3MgZXh0ZW5kcyBYe307ZnVuY3Rpb24ga2EoYT13aW5kb3cpe3JldHVybiBhfTt2YXIgbGE9LyN8JC87Y29uc3QgbWE9ZnVuY3Rpb24oYSxiPW51bGwpe3JldHVybiBiJiZiLmdldEF0dHJpYnV0ZShcImRhdGEtamNcIik9PT1TdHJpbmcoYSk%2FYjpkb2N1bWVudC5xdWVyeVNlbGVjdG9yKGBbJHtcImRhdGEtamNcIn09XCIke2F9XCJdYCl9KDEwMyxkb2N1bWVudC5jdXJyZW50U2NyaXB0KTtpZihudWxsPT1tYSl0aHJvdyBFcnJvcihcIkpTQyBub3QgZm91bmQgMTAzXCIpO2NvbnN0IFk9e30sWj1tYS5hdHRyaWJ1dGVzO2ZvcihsZXQgYT1aLmxlbmd0aC0xOzA8PWE7YS0tKXtjb25zdCBiPVpbYV0ubmFtZTswPT09Yi5pbmRleE9mKFwiZGF0YS1qY3AtXCIpJiYoWVtiLnN1YnN0cmluZyg5KV09WlthXS52YWx1ZSl9IChmdW5jdGlvbihhLGIsYyl7dmFyIGQ9d2luZG93O2EmJmImJmMmJmQuUmVwb3J0aW5nT2JzZXJ2ZXImJmQuZmV0Y2gmJihuZXcgZC5SZXBvcnRpbmdPYnNlcnZlcigoZixrKT0%2Be2Y9ZlswXTtpZihcIkhlYXZ5QWRJbnRlcnZlbnRpb25cIj09PWY%2FLmJvZHk%2FLmlkKXtmPTA8KGYuYm9keS5tZXNzYWdlPy5pbmRleE9mKFwibmV0d29ya1wiKXx8MCk%2FYzpiO3ZhciBlPWEuc2VhcmNoKGxhKTt2YXIgZztiOntmb3IoZz0wOzA8PShnPWEuaW5kZXhPZihcImFkX3NpZ25hbHNcIixnKSkmJmc8ZTspe3ZhciBoPWEuY2hhckNvZGVBdChnLTEpO2lmKDM4PT1ofHw2Mz09aClpZihoPWEuY2hhckNvZGVBdChnKzEwKSwhaHx8NjE9PWh8fDM4PT1ofHwzNT09aClicmVhayBiO2crPTExfWc9LTF9aWYoMD5nKWU9bnVsbDtlbHNle2g9YS5pbmRleE9mKFwiJlwiLGcpO2lmKDA%2BaHx8aD5lKWg9ZTtlPWRlY29kZVVSSUNvbXBvbmVudChhLnNsaWNlKGcrMTEsLTEhPT1oP2g6MCkucmVwbGFjZSgvXFwrL2csXCIgXCIpKX1pZihlKXtpZihuYXZpZ2F0b3Iuc2VuZEJlYWNvbihcImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQvP2lkPWZsZWRnZV9pbnRlcmFjdGlvbnMmbGFiZWw9XCIrIGYpLGU9e2g6ZSxsYWJlbDpmfSxmPW5ldyBqYSxudWxsIT1lJiYobnVsbCE9ZS5oJiZWKGYsMSxlLmgpLG51bGwhPWUubSYmVihmLDMsZS5tKSxudWxsIT1lLmxhYmVsJiZWKGYsNixlLmxhYmVsKSxudWxsIT1lLmomJlYoZiw3LGUuaiksbnVsbCE9ZS5pJiZWKGYsOCxlLmkpKSxudWxsIT0oZT1rYShsKS5mZW5jZSkpe2c9ZS5yZXBvcnRFdmVudDthOntOPSEwO3RyeXt2YXIgbj1KU09OLnN0cmluZ2lmeShmLnRvSlNPTigpLGZhKTticmVhayBhfWZpbmFsbHl7Tj0hMX1uPXZvaWQgMH1nLmNhbGwoZSx7ZXZlbnRUeXBlOlwiaW50ZXJhY3Rpb25cIixldmVudERhdGE6bixkZXN0aW5hdGlvbjpbXCJidXllclwiXX0pfX1lbHNlIGQuZmV0Y2goYCR7YX0mbGFiZWw9JHtmfWAse2tlZXBhbGl2ZTohMCxtZXRob2Q6XCJnZXRcIixtb2RlOlwibm8tY29yc1wifSk7ay5kaXNjb25uZWN0KCl9fSx7dHlwZXM6W1wiaW50ZXJ2ZW50aW9uXCJdLGJ1ZmZlcmVkOiEwfSkpLm9ic2VydmUoKX0pKFkuYmFzZV91cmwsWS5jcHVfbGFiZWwsIFkubmV0X2xhYmVsKTt9KS5jYWxsKHRoaXMpOzwvc2NyaXB0PjxzY3JpcHQgaWQ9XCJnb29nbGVBY3RpdmVWaWV3RGlzcGxheVNjcmlwdFwiIHNyYz1cImh0dHBzOi8vd3d3Lmdvb2dsZXRhZ3NlcnZpY2VzLmNvbS9hY3RpdmV2aWV3L2pzL2N1cnJlbnQvdWZzX3dlYl9kaXNwbGF5LmpzP2NhY2hlPXIyMDExMDkxNFwiPjwvc2NyaXB0PjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPm9zZGxmbSgpOzwvc2NyaXB0PlxuICBcbiAgXG4gIFxuXG48aWZyYW1lIHNyYz1cIi8vdHBjLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9zb2Rhci82MmJIeWRDWC5odG1sXCIgd2lkdGg9XCIwXCIgaGVpZ2h0PVwiMFwiIHN0eWxlPVwiZGlzcGxheTogbm9uZTtcIj48L2lmcmFtZT48L2JvZHk%2BPC9odG1sPjwhLS0gSUZSQU1FIElOTkVSIENPTlRFTlQgLS0%2BPGlmcmFtZSB0aXRsZT1cIkJsYW5rXCIgc3JjPVwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQveGJiZS9waXhlbD9kPUNMZmk5UUlRMFlYajh3RVk1ci01Z0FJd0FRJmFtcDt2PUFQRXVjTldWTjhGd29IU0poZVRoUXhGME9VbURaaFBfVmJHeFVfUWZ4RDJob21JcTM3RjFKU2xkT0x4ZC1SVjhkeUJsMVFHM1EyeEMtZWUzd3h3UDB4eVBMZjVQakpwOERxaHhoTUlZRzNKcS1DQkxwRThEeGhyS25EV2JqdTJFcm91cVl6WmEyOENSREtCUEhfSFMzakkwOUFIcVdsU3R3a1Y5R0Z2TGlrQURJbTJxRFE1TUF0Z1wiIHN0eWxlPVwiZGlzcGxheTpub25lXCIgYXJpYS1oaWRkZW49XCJ0cnVlXCI%2BbnVsbDwvaWZyYW1lPjxpZnJhbWUgdGl0bGU9XCJCbGFua1wiIHNjcm9sbGluZz1cIm5vXCIgZnJhbWVib3JkZXI9XCIwXCIgaGVpZ2h0PVwiMFwiIHdpZHRoPVwiMFwiIHNyYz1cImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL3MvY29va2llX3B1c2hfb25sb2FkLmh0bWwjYUhSMGNITTZMeTloTG5SeWFXSmhiR1oxYzJsdmJpNWpiMjB2YVM1dFlYUmphRDl3UFdJMkpuVTlRMEZGVTBWT1JWaFdZMVJNU0ZKdFpuWTNUMEZ0V0docWFYQlJKbWR2YjJkc1pWOWpkbVZ5UFRFbVoyOXZaMnhsWDNCMWMyZzlRVmhqYjA5dFVUVTVhMmQxV1ZkUlZUazBMWGhKUlVSbVpuZGxaRWhuYzJKMVRtODRXbEEwT0ZjdGNWZ3RSWHBWTlZGYWIwSmlSWHB6WDNZeGRDMVJSUzFRYjFCTFJIaHlWVUZCVVhKZk5qRmllVlJCY0ZOcFRVOVliVXhxVjIxV05Ya3RTQ1p5WldScGNtVmpkRDFvZEhSd2N5VXpRUzh2WTIwdVp5NWtiM1ZpYkdWamJHbGpheTV1WlhRdmNHbDRaV3dsTTBabmIyOW5iR1ZmYm1sa0pUTkVaWGh3SlRJMloyOXZaMnhsWDNCMWMyZ2xNMFJCV0dOdlQyMVJOVGxyWjNWWlYxRlZPVFF0ZUVsRlJHWm1kMlZrU0dkelluVk9iemhhVURRNFZ5MXhXQzFGZWxVMVVWcHZRbUpGZW5OZmRqRjBMVkZGTFZCdlVFdEVlSEpWUVVGUmNsODJNV0o1VkVGd1UybE5UMWh0VEdwWGJWWTFlUzFJSlRJMloyOXZaMnhsWDNWc1lTVXpSREkzT0RZNU5UUWxNalpuYjI5bmJHVmZhRzBsTTBRbE1qUlVSbDlWVTBWU1gwbEVYMFZPUXlVeU5BPT0sYUhSMGNITTZMeTlrTlhBdVpHVXhOMkV1WTI5dEwyTnZiMnRwWlhNdloyOXZaMnhsUDJkdmIyZHNaVjluYVdROVEwRkZVMFZOY1hORVR6bEplRFkyUlRGbWIwRnhkMEZVTTJOakptZHZiMmRzWlY5amRtVnlQVEVtWjI5dloyeGxYM0IxYzJnOVFWaGpiMDl0VTJ4M1JrOVFhM2hUVkVkM04ybE9UMjlFWDJGbVduZElkbnBxU1VkdVlWRmZRbFI2WjNOU1UwaDNNRGN4YnpjemJ6QTFVWGhJU2s1ZlMwcDVlakJoWWtJMFREVTFabTR0YlVoVWJFTk9ZVkJrU0MxeGNVODRaa1ZqWlUxSE9RPT0sYUhSMGNITTZMeTlqTVM1aFpHWnZjbTB1Ym1WMEwzTmxjblpwYm1jdlkyOXZhMmxsTDIxaGRHTm9Mejl3WVhKMGVUMHhKbWR2YjJkc1pWOW5hV1E5UTBGRlUwVkpVWFJoVDBKamFXbE9aakI2U0ZaNmRIYzVhblJCSm1kdmIyZHNaVjlqZG1WeVBURW1aMjl2WjJ4bFgzQjFjMmc5UVZoamIwOXRVVGxFWkhWRVZYZGpjRlpNZDNkME5uRXhURmhsUTNSUllrZ3lMVlpITTNWVVdERjJaWG90YTNabWFHdDViMjVVWkVadlJGSjJlR3MwVlhsZlZscHBUbkpDWkd3eVpVdzJWMHd4VDFSRE1VTjJPWEpFWDBWaWNVRnNkSFkwLGFIUjBjSE02THk5eWRHSXViM0JsYm5ndWJtVjBMM041Ym1NdlpHUnpQMmR2YjJkc1pWOW5hV1E5UTBGRlUwVkVaekp0UzJORE1FcDFTbWhCVVdsRFRVaHJMVkk0Sm1kdmIyZHNaVjlqZG1WeVBURW1aMjl2WjJ4bFgzQjFjMmc5UVZoamIwOXRVVmx4T1c4dGJqQk1aRlJIYm1OSFIweGpNaTFHZVc1ck1XZHNWRzloUmtGTVkwZHpMVk5TVDNWb1IxRmlkRGMxY1V0cVZHMDFRVFF4Y1VWdVRuaFFhVk0xZVdaTk9VVTBTVlIyUnpaVllYWTFjak5zV1VKNk5IUktSREZSYVE9PSxhSFIwY0hNNkx5OXdhWGhsYkM1eWRXSnBZMjl1Y0hKdmFtVmpkQzVqYjIwdlpYaGphR0Z1WjJVdmMzbHVZeTV3YUhBX2NEMWtabkFtWjI5dloyeGxYMmRwWkQxRFFVVlRSVW8wVlZkalZFWnRObTF1TUMxU1FsZE5Xa05JYm04bVoyOXZaMnhsWDJOMlpYSTlNU1puYjI5bmJHVmZjSFZ6YUQxQldHTnZUMjFUU1hwTWJHZHBOV1ZoYkRSNVNXWjZTV3BKYUZsZlNrc3hiRkJwYmtOR1luUTVVVmhZTTFjdGFYZHhlSGhvYnpSbmVVSmFMVEl5U1ZobFNrTTRTSFpMVkRoWk0xSmpaRXROTjJsSE5EVjJTekV4WldveU5IZE5VM2xCTmxFPSxhSFIwY0hNNkx5OXpjM1Z0TFhObFl5NWpZWE5oYkdWdFpXUnBZUzVqYjIwdmRYTmxjbTFoZEdOb2NtVmthWElfY3oweE9EUXdNak1tWTJJOWFIUjBjSE1sTTBFbE1rWWxNa1pqYlM1bkxtUnZkV0pzWldOc2FXTnJMbTVsZENVeVJuQnBlR1ZzSlROR1oyOXZaMnhsWDI1cFpDVXpSR2x1WkdWNEpUSTJaMjl2WjJ4bFgyaHRKVE5FSm1kdmIyZHNaVjluYVdROVEwRkZVMFZHZWpkNmJHaGlWa1Y0UmpSSGRVRk9URTFMU1VGTkptZHZiMmRzWlY5amRtVnlQVEVtWjI5dloyeGxYM0IxYzJnOVFWaGpiMDl0VWtkVlREQkxZa3hGT1cxdlpVUkhUV3RoVUhkak9IVlJaVGhJVGtKVU5IRnljall5WW5WRk5EaEJSMmxPY21zME1sSnRNRVJpZHkweVdGTjBUVUpVVFdjMGEzZHZkMlZaWWt0eGJ6aEZSa3RXVDI5RFUxSkJhVTU0UmpoeixhSFIwY0&i=12-13&t=adltag_lr991qpl_4QUKRmqYqWg&r=656a82a1bdf95b3a7aa6d5417ca6000&c=saambaa-deseret&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M.ok5eJYPe37d_ptPM7ewObNs3KwVG7K
date
Thu, 11 Jan 2024 11:44:52 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
23820
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Wed, 02 Aug 2023 16:01:21 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
F4zgKgqu8v8o658vrcusmlJHWIDDgkZDd8UUGnuydeHA4euvvhGRCA==
place
saambaa-deseret-tagan.adlightning.com/ Frame D655 		0
446 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://saambaa-deseret-tagan.adlightning.com/place?p=1&d=hNNkx5OWpiUzVuTG1SdmRXSnNaV05zYVdOckxtNWxkQzl3YVhobGJDOWhkSFJ5UDJROVFVaE9SakV6U2sxMmRqZHJSVXRGTnpkSmREWk5XbE5LU0RBM09HdHplVVppTFU1MFRVdEhkRmhFTTFWYU9YVkZWemRpUVdoRmRUZE5ORUptVGtaMVNHRlJZbTgzUVE9PVwiIHN0eWxlPVwicG9zaXRpb246YWJzb2x1dGVcIiBhcmlhLWhpZGRlbj1cInRydWVcIj5udWxsPC9pZnJhbWU%2BPGlmcmFtZSBzcmM9XCIvL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vc29kYXIvNjJiSHlkQ1guaHRtbFwiIHdpZHRoPVwiMFwiIGhlaWdodD1cIjBcIiBzdHlsZT1cImRpc3BsYXk6IG5vbmU7XCI%2BbnVsbDwvaWZyYW1lPiJ9&i=13-13&t=adltag_lr991qpl_4QUKRmqYqWg&r=656a82a1bdf95b3a7aa6d5417ca6000&c=saambaa-deseret&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-deseret/b-d6435a4-e8081c48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M.ok5eJYPe37d_ptPM7ewObNs3KwVG7K
date
Thu, 11 Jan 2024 11:44:52 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
23820
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Wed, 02 Aug 2023 16:01:21 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
ABpGcqF1N9FhQDaZLpz3JiAzJ96N4RJskiFc7Gk9pp4ZMsweDlCAWQ==
8044784235198242242
s0.2mdn.net/simgad/ Frame E362 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8044784235198242242
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c07c4a729c1a85b4d7ab981f9d958266f1adf5e5a1362e194e20ca45ad7e4dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 08:16:48 GMT
date
Wed, 10 Jan 2024 08:16:48 GMT
x-content-type-options
nosniff
age
105360
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59828
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 09:33:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame E362 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
67189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:52:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame E362 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:52:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:52:53 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E362 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubvzeOPf66MmHLE59rSJfYhkNurei9Lne67lTDj9kbGyB9Q5P-_tYYdogr6Qjq-Vu74KT3s-8XOkqXEF_n_1qLSRAOBc-g3gvTdoNP3LElrkPoEEqa-VU2n6yuxbBQ9E5ZfvWYbP4xuTspLgOkFYo_pwS7_2LP5BQmg5femWW9nAK64SeJp_KtOf8g6pOXCN4ASzOxOYpSfqmsnM1q85gaOwikcIhiGJ-BbRFh6y9i5X2N8FnK2pJvq4uQCWGGwl01nltlEG9cqfxmGHF3WifFnC6BcBV4ejPUrO46SvEkdbw6pH80vWoF0kTBIG6SjneljUgCcHfgTOR07FLEF6a4URCoPuD9t-OE3xPyP93KyS4lUllXn-tq08ilm3tjitivK3QCD4MwbbS-3aZuOBIamToLgXa3myYt24sWkvsHnYl4LNuXnZAog8EAwrRmjFKA3bR0ULEIXE7aUd5vCZcUyyhbKJ88F1Q7vJ32v5SJJQ3oJwcJPMR--yAtWOsFtnCIp11pjVpbIqc_bnvlW9Yh4sG5R5zSEWFa265FV0uGm0U6QcLPh_Uos-0WMkRu9g4h2yG7Yc7fQZWZtoS2YyFHOY1S8EFPsChGQj0_xlEIttxulSQSBRaofkzVxatlWp6hv23BLTiXT1ZIFc9-bZDiw22qLKAsLtorYOb3bGacda6-sqZXv6pOT7ohNIu-rM-MMjO7ihluiFtzaALGhvK4HDjkGqCCrE8tZZiIDcsp67RR0j2BlOqcmri5fONaFmwA_F7SBrN6Cya1hrQUnQHsQotNeTntetRxPg9VHwBoXgzXYXjfAZVzWLQIicOB3t0ZxKg0mXpqi3VNel-f9hhM3KB9McNFTmL4XjVVt8dU0BmeWzLdVfSU19ZGFbCjwhzKHM6WF4Llv2tWH23OquRwTECHMmfQJnbe0WboZYibj9y85BUfN-8OA4C2BNFOdoi5h4sNB5rK6mn0CBof1yavBUaeUKQLIA3L4sdxbBIVcqmIyP4FrjTaYrZ67-2GJgiksvlnTRvPyru0qjxOc0FGxjWj5Zgky5Um6ak2LdaCUqFxtFVVPzy0ladpdjH1K9lLPr5QKHn3P9SHXNKIx4GwqhTsJm0wJSWGaxX-EHGBFddIDu2Enb5OPiLX1Qf4-uB58VkpjFSmUp3w-aKfCfg_NMxjZxALHR6KQ6gHboPJ-vZp4B7RNjNAvkgMidZhpGGqJArWjnDWRmvooYDECTkSLbd07UaSWaeEzkpOk4Wni6Pcr6kYtiqLcJHuJe9UF_tsQufgyH16E67lvKS7Tj-VUKXX-kbpWSdBRcjyWxfpytCiM7xuKeCaETO22ARpt5Ahb7U9o1ymexOy7CIBT81p8Fq_DefqkPtYtygOI69mn3DIpjO4ECmMaxU2zlnTZtDYG74WWGfm72D7Ja1Slz58LiBYlheXkz2Wwbq5tfxWMVT-NbQLge5dklqr3_MYquz2qghO&sai=AMfl-YRbmuBL6ZkdtxPzm42oUh6aMCwz4ZEnjFh6Y0w8XR2sz9EeiQN7SqDmsEk463j2bsRjqyCIiGpQE6Byj_QUmoU1bWxEtjOl64-b5Z291AoqaUIHiwU2efTGEQA_Jsvauket0sEulGPho05XS7Ba8keAMMK1XZdMrJ06bWQhI-BRXBhSC2UW1FI3lEY9wedhH9vsJBmlboqfjQeF8wKDWGWWB7RxlQzuJruRwj28eLFYitpnf7n4NDGPywm88JIgO5b9&sig=Cg0ArKJSzJsqjLu3MgBtEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240108.32434&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 13:32:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
px.gif
d.adtriba.com/ Frame E362
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
35.157.89.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-89-79.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:48 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Thu, 11 Jan 2024 13:32:48 GMT
Last-Modified
Thu, 11 Jan 2024 13:32:48 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E362 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
171812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 13:49:16 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F5BF 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
169929
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 14:20:39 GMT
expires
Wed, 08 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i.match
a.tribalfusion.com/ Frame 7530 		43 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESENEXVcTLHRmfv7OAmXhjipQ&google_cver=1&google_push=AXcoOmRrWNaFXA516_Xs8HNhe855ADWe4nGGACPp3azrkSuB7ddXq9JIqWTvd8lbj49MYK3EWXK96KLrkO9ZyI1lnklVlBDB9JQg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRrWNaFXA516_Xs8HNhe855ADWe4nGGACPp3azrkSuB7ddXq9JIqWTvd8lbj49MYK3EWXK96KLrkO9ZyI1lnklVlBDB9JQg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
843d87237d939a24-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7530
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMqsDO9Ix66E1foAqwAT3cc&google_cver=1&google_push=AXcoOmRvxtnw4-Jirdn5ZvHhX7p7plN_TjoWehLd6ATiLVrvDC0tfHzcdVoTWQ7utopyCCCC58rnbyYnwn3nGw6iMavfYv4...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRvxtnw4-Jirdn5ZvHhX7p7plN_TjoWehLd6ATiLVrvDC0tfHzcdVoTWQ7utopyCCCC58rnbyYnwn3nGw6iMavfYv4g639Ohw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRvxtnw4-Jirdn5ZvHhX7p7plN_TjoWehLd6ATiLVrvDC0tfHzcdVoTWQ7utopyCCCC58rnbyYnwn3nGw6iMavfYv4g639Ohw
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRvxtnw4-Jirdn5ZvHhX7p7plN_TjoWehLd6ATiLVrvDC0tfHzcdVoTWQ7utopyCCCC58rnbyYnwn3nGw6iMavfYv4g639Ohw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 7530
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIQtaOBciiNf0zHVztw9jtA&google_cver=1&google_push=AXcoOmS0LWSTZbytqp02_Yxt4t9xcx1rsRJN2D-i6uYu18vRyLsIwC6O6zBrmaDNgEag7G3p5nRZbcHS...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmS0LWSTZbytqp02_Yxt4t9xcx1rsRJN2D-i6uYu18vRyLsIwC6O6zBrmaDNgEag7G3p5nRZbc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmS0LWSTZbytqp02_Yxt4t9xcx1rsRJN2D-i6uYu18vRyLsIwC6O6zBrmaDNgEag7G3p5nRZbcHSYjLPE1sY0AaomKrT5Qw0ig
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmS0LWSTZbytqp02_Yxt4t9xcx1rsRJN2D-i6uYu18vRyLsIwC6O6zBrmaDNgEag7G3p5nRZbcHSYjLPE1sY0AaomKrT5Qw0ig
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 7530 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDg2mKcC0JuJhAQiCMHk-R8&google_cver=1&google_push=AXcoOmRr2HDPM7dorijl5azUYDEhqFuQJ9DEP-Gq6469Pnxqe3xpxs8L7NagJrw4rHQxhnklJQ3QcbpETDR22fPF9WhgS0Owv1Nd
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 7530
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ4UWcTFm6mn0-RBWMZCHno&google_cver=1&google_push=AXcoOmRCtfQVpjl597mjTGci0-PuBr8Jqtr1vMydoORh0ROQcyNo-h3og_sU5DDdqi4y0skU1IX...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmRCtfQVpjl597mjTGci0-PuBr8Jqtr1vMydoORh0ROQcyNo-h3og_sU5DDdqi4y0skU1IX8vVZ2cnStJ-w97zSH_6FH_9__nQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmRCtfQVpjl597mjTGci0-PuBr8Jqtr1vMydoORh0ROQcyNo-h3og_sU5DDdqi4y0skU1IX8vVZ2cnStJ-w97zSH_6FH_9__nQ
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmRCtfQVpjl597mjTGci0-PuBr8Jqtr1vMydoORh0ROQcyNo-h3og_sU5DDdqi4y0skU1IX8vVZ2cnStJ-w97zSH_6FH_9__nQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7530
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmQhB3WeULn7JYwV9D-OKdQ7QSr-hvCVf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmQhB3WeULn7JYwV9D-OKdQ7QSr-hvCVfRKYg_W5I7D1CEJINGVu-UnL7sJdYpEUGGsqDfNb9hHFdxXVUT7md0C5mX01-gKmHw
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDQBknUN9xEgjARhV1BmppDELl3m%2BbK%2FuJQHBjnexcI8XLLPWbRhW2BjvNEVquhQ%2FC8A2s0Me4cHxYpZ4LchXCkkp11MGO5KUyw4Z4FhHFSS7nWxEobrgAr6dyalhqvSRCh5ozaCqGnbSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmQhB3WeULn7JYwV9D-OKdQ7QSr-hvCVfRKYg_W5I7D1CEJINGVu-UnL7sJdYpEUGGsqDfNb9hHFdxXVUT7md0C5mX01-gKmHw
cache-control
no-cache
cf-ray
843d87236a5d6a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 7530 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KmVIX9R5WfHofEENjM5tyWLcrBBZuQ-DesZ8sarmzfe2hB9saoV8-mEL3fkKSbpw
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 1D40 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 09:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
13249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 09:51:59 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 018F 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
15558
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E362 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44556479dcbcca381b28827d2c0a339c105065d07cf13e5daded1c3a1cc7e932

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 0BD1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutN7HZ4gKGEvPG--ZZ7-xN_RdAxnImWAjv3X0R-5Mod4vDPoaPOycDKt__HGpXZ4uHpMOAdBf0GluNw20jXAvQgEX682deQo2pvEVi6VXKqQ0qzgVD71_ohpTzBs0VeBWKnmW0O_Vq6Ym6nffnk15WaLwK&sai=AMfl-YTbT8iPF9S9BcAJ12q3l2PipJAxZx4rWtCkbqzM6yDQ5ux7iMyJHKd54J8PpMRrJUOzJ10r7ChimPAbD3zNF2a0yKgT1W6kjXwTWohcduPzUGpPyWPHxBP3jOU&sig=Cg0ArKJSzF3Y3mObf7sfEAE&cid=CAQSOwAvHhf_c_HDliwOy7Eofs2G9glQ932yGFCKh6C1aVk3b2WaxtVsozwy_y2ekF0N0Ic9k6ui5TDD9lcLGAE&id=lidar2&mcvt=1134&p=778,1050,1028,1350&mtos=1134,1134,1134,1134,1134&tos=1134,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2156606619&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704979963165&rpt=4042&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E362 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubvzeOPf66MmHLE59rSJfYhkNurei9Lne67lTDj9kbGyB9Q5P-_tYYdogr6Qjq-Vu74KT3s-8XOkqXEF_n_1qLSRAOBc-g3gvTdoNP3LElrkPoEEqa-VU2n6yuxbBQ9E5ZfvWYbP4xuTspLgOkFYo_pwS7_2LP5BQmg5femWW9nAK64SeJp_KtOf8g6pOXCN4ASzOxOYpSfqmsnM1q85gaOwikcIhiGJ-BbRFh6y9i5X2N8FnK2pJvq4uQCWGGwl01nltlEG9cqfxmGHF3WifFnC6BcBV4ejPUrO46SvEkdbw6pH80vWoF0kTBIG6SjneljUgCcHfgTOR07FLEF6a4URCoPuD9t-OE3xPyP93KyS4lUllXn-tq08ilm3tjitivK3QCD4MwbbS-3aZuOBIamToLgXa3myYt24sWkvsHnYl4LNuXnZAog8EAwrRmjFKA3bR0ULEIXE7aUd5vCZcUyyhbKJ88F1Q7vJ32v5SJJQ3oJwcJPMR--yAtWOsFtnCIp11pjVpbIqc_bnvlW9Yh4sG5R5zSEWFa265FV0uGm0U6QcLPh_Uos-0WMkRu9g4h2yG7Yc7fQZWZtoS2YyFHOY1S8EFPsChGQj0_xlEIttxulSQSBRaofkzVxatlWp6hv23BLTiXT1ZIFc9-bZDiw22qLKAsLtorYOb3bGacda6-sqZXv6pOT7ohNIu-rM-MMjO7ihluiFtzaALGhvK4HDjkGqCCrE8tZZiIDcsp67RR0j2BlOqcmri5fONaFmwA_F7SBrN6Cya1hrQUnQHsQotNeTntetRxPg9VHwBoXgzXYXjfAZVzWLQIicOB3t0ZxKg0mXpqi3VNel-f9hhM3KB9McNFTmL4XjVVt8dU0BmeWzLdVfSU19ZGFbCjwhzKHM6WF4Llv2tWH23OquRwTECHMmfQJnbe0WboZYibj9y85BUfN-8OA4C2BNFOdoi5h4sNB5rK6mn0CBof1yavBUaeUKQLIA3L4sdxbBIVcqmIyP4FrjTaYrZ67-2GJgiksvlnTRvPyru0qjxOc0FGxjWj5Zgky5Um6ak2LdaCUqFxtFVVPzy0ladpdjH1K9lLPr5QKHn3P9SHXNKIx4GwqhTsJm0wJSWGaxX-EHGBFddIDu2Enb5OPiLX1Qf4-uB58VkpjFSmUp3w-aKfCfg_NMxjZxALHR6KQ6gHboPJ-vZp4B7RNjNAvkgMidZhpGGqJArWjnDWRmvooYDECTkSLbd07UaSWaeEzkpOk4Wni6Pcr6kYtiqLcJHuJe9UF_tsQufgyH16E67lvKS7Tj-VUKXX-kbpWSdBRcjyWxfpytCiM7xuKeCaETO22ARpt5Ahb7U9o1ymexOy7CIBT81p8Fq_DefqkPtYtygOI69mn3DIpjO4ECmMaxU2zlnTZtDYG74WWGfm72D7Ja1Slz58LiBYlheXkz2Wwbq5tfxWMVT-NbQLge5dklqr3_MYquz2qghO&sai=AMfl-YRbmuBL6ZkdtxPzm42oUh6aMCwz4ZEnjFh6Y0w8XR2sz9EeiQN7SqDmsEk463j2bsRjqyCIiGpQE6Byj_QUmoU1bWxEtjOl64-b5Z291AoqaUIHiwU2efTGEQA_Jsvauket0sEulGPho05XS7Ba8keAMMK1XZdMrJ06bWQhI-BRXBhSC2UW1FI3lEY9wedhH9vsJBmlboqfjQeF8wKDWGWWB7RxlQzuJruRwj28eLFYitpnf7n4NDGPywm88JIgO5b9&sig=Cg0ArKJSzJsqjLu3MgBtEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=87&vt=11&dtpt=85&dett=2&cstd=0&cisv=r20240108.32434&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
8044784235198242242
s0.2mdn.net/simgad/ Frame 9009 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8044784235198242242
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c07c4a729c1a85b4d7ab981f9d958266f1adf5e5a1362e194e20ca45ad7e4dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 08:16:48 GMT
date
Wed, 10 Jan 2024 08:16:48 GMT
x-content-type-options
nosniff
age
105360
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59828
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 09:33:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 9009 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
67189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:52:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 9009 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:52:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:52:53 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9009 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPTjdzfFqsv0OV25Yw6xg8iwOWEksaLWBzegKm-vGU3e0UgBOwQ1D8mZnGe5_63TFrNjN0TaQOY6umaxn4y-athLNC60z6hoQhTgSyVYSyAer9WIpeqdjlFn94lfL-sk8Pj7UgXNx4pFSpnqXO447mnCaM4m7VfijMg88M2j4OU68DlNiKgoxoUIebOket7XM4YtPg1E0OEqqF6lBTqr0IktaCtUKA-R8OXb6T8YhiIb2-5OuuFNDZlDgEdwP2we-lahl9C7cmQB-x4v9OzW70q6fTGEx8se9Dz1aeEYM_Lr2PnqdJ08TABpBaJ8iUjdhwjcoWYIbCxn8GAddlEgcw71jEd09Pv5IJRzj4-bqmD6IFriQny24Ig3QJ7JwX9gzDyq5D574_xwf6hQiDwdwCwma-cCanojGXf6desUzPLbmqditJzdNfyUfwTSgWmL1roE10GWC6MSDxMJGxggoJTXd-paDRa2NqtRRs1j0v-V0xTBMrUmn4YyPfAWV9DgpIry_4XFC16L0fsu8w6sUj05iwFv9c3HxomOFGQ41o-SZnh17Y9ezpyoodGu3SD_cYFNqEydyz5AkTL4kKmsMUN95hx2fVyl0tMHqdKFXor4KfdC9dmOtyE6IHcwJEaRqCDe6jxQ0DzgHcaG3mKbmfZDujhn6B8TU60ZdnGL0yuSQM21CMcl_LWo9o7lq5Fg1C8_T3oVNe7W7M9D7btVRhUnf4Uptf3Ltg8InAzf-oiIr3U2Uk93Estcb5zv3xgdtqN52QuOIUXMMMHnMbsDMZY_yLgHchcy-buB57eJ7XsyLklN8wh5V3CI0A7dhUoP302DwHPDxhT6lsJDn0PekvYZY04Sfbl1SuTCAFJCNBG4iMW9uT6PSGT6ks0nyjmzxjDdc8NC5kGDEzL92C0d8F0noEOD0tlm_jjAqUw8Y7dkb39ty8slin_Ix31GAjX6pAXCSmduXg6PzpLg6LORJjDeVyUZAASh8FXfz5j-EA6o4k_NY3twCy1YPN9NcZvxUFgyCx1LEpnc-yTTN-F6BhtgkFWzWX7V7TX0YK-5ZCGB4Joj4VHgbVn4meufbqY0u3xKn2Zi7lSEnFif2nSWsFZmL19r89Wn_Zq6-hqAXOjTLc30sWoQ6cUcXwAFI2fdBMLbeIWGvUA5yWDUvkpOFy7babWrQ-M4foSug8Tjg9yG4uroOIg7F9zw-kBvrfG744AK9kml--SCUMKzQa2-kQ8QPe1pgehYSG7UDfH7nSQYOcuzIU1nZSSyA0Ty7SSVdN_JcbSyz9EkUpEej4QZEY3QzObJiu18kTguz6FEshqvn-_Aa3amtfZYprXRNBkjRn0ew01Q71vHHJY4w2Y6L3Jiv7OMGWxEgVUN7zdcDHFbn41qrOxJsiFeXiIIU2W3tYOQeYhOrOUrlif1MujbUqsGoCriZeHURlAosKp2NMH5eb7Xep5GOCCaxSQIUPw_-tJlQA&sai=AMfl-YTzqAZdUdUSg7fc-eNd7ypC1_tgFotjoXbMrLGrb645gvpkoeLVJS30nX1xxNE3d57v-4fleJBzGbAxxZLATnbZ0Xo5hI_OGh7nEat8tLN9UTmRsf79UNcYizzfF8iCXOLugDyIDSzeHi-Vw2klrywl8makgKRa95yeGHTckqbbLmL9Ke10ev51QlmGZ1XDmtvZXE7-R0B2tpOZHE4FfEMsnaQmAqc4wngGqoaVHWY6O1UFMkHYMhU3dBiPXjXJr-Wc&sig=Cg0ArKJSzPpLciJY4zFgEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240108.73915&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 13:32:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
px.gif
d.adtriba.com/ Frame 9009
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_gaza_dv_pros_382698503&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
35.157.89.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-89-79.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 13:32:48 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Thu, 11 Jan 2024 13:32:48 GMT
Last-Modified
Thu, 11 Jan 2024 13:32:48 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 9009 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
171812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 13:49:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 77AF 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
15558
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9009 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62c423d31e29f534692a637edf708c9fc70cc475408da87ece7355b80824de4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 9009 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPTjdzfFqsv0OV25Yw6xg8iwOWEksaLWBzegKm-vGU3e0UgBOwQ1D8mZnGe5_63TFrNjN0TaQOY6umaxn4y-athLNC60z6hoQhTgSyVYSyAer9WIpeqdjlFn94lfL-sk8Pj7UgXNx4pFSpnqXO447mnCaM4m7VfijMg88M2j4OU68DlNiKgoxoUIebOket7XM4YtPg1E0OEqqF6lBTqr0IktaCtUKA-R8OXb6T8YhiIb2-5OuuFNDZlDgEdwP2we-lahl9C7cmQB-x4v9OzW70q6fTGEx8se9Dz1aeEYM_Lr2PnqdJ08TABpBaJ8iUjdhwjcoWYIbCxn8GAddlEgcw71jEd09Pv5IJRzj4-bqmD6IFriQny24Ig3QJ7JwX9gzDyq5D574_xwf6hQiDwdwCwma-cCanojGXf6desUzPLbmqditJzdNfyUfwTSgWmL1roE10GWC6MSDxMJGxggoJTXd-paDRa2NqtRRs1j0v-V0xTBMrUmn4YyPfAWV9DgpIry_4XFC16L0fsu8w6sUj05iwFv9c3HxomOFGQ41o-SZnh17Y9ezpyoodGu3SD_cYFNqEydyz5AkTL4kKmsMUN95hx2fVyl0tMHqdKFXor4KfdC9dmOtyE6IHcwJEaRqCDe6jxQ0DzgHcaG3mKbmfZDujhn6B8TU60ZdnGL0yuSQM21CMcl_LWo9o7lq5Fg1C8_T3oVNe7W7M9D7btVRhUnf4Uptf3Ltg8InAzf-oiIr3U2Uk93Estcb5zv3xgdtqN52QuOIUXMMMHnMbsDMZY_yLgHchcy-buB57eJ7XsyLklN8wh5V3CI0A7dhUoP302DwHPDxhT6lsJDn0PekvYZY04Sfbl1SuTCAFJCNBG4iMW9uT6PSGT6ks0nyjmzxjDdc8NC5kGDEzL92C0d8F0noEOD0tlm_jjAqUw8Y7dkb39ty8slin_Ix31GAjX6pAXCSmduXg6PzpLg6LORJjDeVyUZAASh8FXfz5j-EA6o4k_NY3twCy1YPN9NcZvxUFgyCx1LEpnc-yTTN-F6BhtgkFWzWX7V7TX0YK-5ZCGB4Joj4VHgbVn4meufbqY0u3xKn2Zi7lSEnFif2nSWsFZmL19r89Wn_Zq6-hqAXOjTLc30sWoQ6cUcXwAFI2fdBMLbeIWGvUA5yWDUvkpOFy7babWrQ-M4foSug8Tjg9yG4uroOIg7F9zw-kBvrfG744AK9kml--SCUMKzQa2-kQ8QPe1pgehYSG7UDfH7nSQYOcuzIU1nZSSyA0Ty7SSVdN_JcbSyz9EkUpEej4QZEY3QzObJiu18kTguz6FEshqvn-_Aa3amtfZYprXRNBkjRn0ew01Q71vHHJY4w2Y6L3Jiv7OMGWxEgVUN7zdcDHFbn41qrOxJsiFeXiIIU2W3tYOQeYhOrOUrlif1MujbUqsGoCriZeHURlAosKp2NMH5eb7Xep5GOCCaxSQIUPw_-tJlQA&sai=AMfl-YTzqAZdUdUSg7fc-eNd7ypC1_tgFotjoXbMrLGrb645gvpkoeLVJS30nX1xxNE3d57v-4fleJBzGbAxxZLATnbZ0Xo5hI_OGh7nEat8tLN9UTmRsf79UNcYizzfF8iCXOLugDyIDSzeHi-Vw2klrywl8makgKRa95yeGHTckqbbLmL9Ke10ev51QlmGZ1XDmtvZXE7-R0B2tpOZHE4FfEMsnaQmAqc4wngGqoaVHWY6O1UFMkHYMhU3dBiPXjXJr-Wc&sig=Cg0ArKJSzPpLciJY4zFgEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=94&vt=11&dtpt=93&dett=2&cstd=0&cisv=r20240108.73915&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 9356 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 09:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
13249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 09:51:59 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7AED 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvanjKJ2K8Slg3xMATN6bU7bKeo8F_k8z8IiibHLnoZ5TL3mzwS4hrlqAdK5Bewiz4fu0_yVIbP-V84m6GJBReujrLcsLDp54ShZfw507v4qXQ93Baa2qR00N3kLwj5pX8YHiEM4h0A5x5pXRPY5shKoz8u&sai=AMfl-YTi1vVrGH-xctzD2yIZMGZI_Gyfg--IEU0OK1KIh_ZPqIMp5dZ6UJ8JiRsFKQ6rU3JO4inmWC9KBSGwoKPMDXIitepTVleCMynoIQOt6LioiFSEn9de732c0mQ&sig=Cg0ArKJSzGdy2HhnUAeIEAE&cid=CAQSOwAvHhf_FUNFcFDnZYZ5qCiY3FlDe7Jo1uUkVkqyEjaMW3f3ODo55IxIqB43IePNsPHTFy8RkhOjvsUtGAE&id=lidar2&mcvt=1074&p=778,1050,1028,1350&mtos=1074,1074,1074,1074,1074&tos=1074,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1568068282&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704979963388&rpt=4096&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 8180 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 09:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
13249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 09:51:59 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0F48 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
169929
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 14:20:39 GMT
expires
Wed, 08 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i.match
a.tribalfusion.com/ Frame 018F 		43 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESENEXVcTLHRmfv7OAmXhjipQ&google_cver=1&google_push=AXcoOmTF7FyiYm4e5V3Bt8NGBzY3-E62p2trRa7mI_8MnlTdSTWBDBZDbDXfQT7Upf_p8uviZZ5aatuQEauM9QGydvvVRRnWsH52&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTF7FyiYm4e5V3Bt8NGBzY3-E62p2trRa7mI_8MnlTdSTWBDBZDbDXfQT7Upf_p8uviZZ5aatuQEauM9QGydvvVRRnWsH52%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:49 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
843d87257f4f9a24-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 018F
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMqsDO9Ix66E1foAqwAT3cc&google_cver=1&google_push=AXcoOmRG2R_NoyKeaSLPWz3E1U_SKykJbNoxJkbpckS4PeuZVS2M1wW-42pENM9Bni32KX_FJpAmiPp54Hb4eshy40U2gwe...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRG2R_NoyKeaSLPWz3E1U_SKykJbNoxJkbpckS4PeuZVS2M1wW-42pENM9Bni32KX_FJpAmiPp54Hb4eshy40U2gweFLK8h
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRG2R_NoyKeaSLPWz3E1U_SKykJbNoxJkbpckS4PeuZVS2M1wW-42pENM9Bni32KX_FJpAmiPp54Hb4eshy40U2gweFLK8h
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRG2R_NoyKeaSLPWz3E1U_SKykJbNoxJkbpckS4PeuZVS2M1wW-42pENM9Bni32KX_FJpAmiPp54Hb4eshy40U2gweFLK8h
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 018F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIQtaOBciiNf0zHVztw9jtA&google_cver=1&google_push=AXcoOmRFk4_o7ZlYGeFobfSYPKozzJYy5wD99UKqoqOe_npTot4u8w63gxyfwyH4IItiK8GMUL12oT8d...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmRFk4_o7ZlYGeFobfSYPKozzJYy5wD99UKqoqOe_npTot4u8w63gxyfwyH4IItiK8GMUL12oT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmRFk4_o7ZlYGeFobfSYPKozzJYy5wD99UKqoqOe_npTot4u8w63gxyfwyH4IItiK8GMUL12oT8dDQbQ2SfVW2Bd6UT2sdHM
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmRFk4_o7ZlYGeFobfSYPKozzJYy5wD99UKqoqOe_npTot4u8w63gxyfwyH4IItiK8GMUL12oT8dDQbQ2SfVW2Bd6UT2sdHM
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 018F 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDg2mKcC0JuJhAQiCMHk-R8&google_cver=1&google_push=AXcoOmScqV_HkWqaPr1V3Z5m-ppmSenjnr-lbRv-gs5E2oc2EgiU8yamET4AOd_jcYSjGq7fXT5oRg4r63LysYnn0Y0quqy6slY
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 018F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ4UWcTFm6mn0-RBWMZCHno&google_cver=1&google_push=AXcoOmQ9MYvmpV6eM3yjklyN4ixmrFFrcTdPw9Unn5-LrJFERiUGz4s4ziK-phWBRZePaWzMsrJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmQ9MYvmpV6eM3yjklyN4ixmrFFrcTdPw9Unn5-LrJFERiUGz4s4ziK-phWBRZePaWzMsrJyKZxN3Krn3VveT6_IKkhJNP-j
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmQ9MYvmpV6eM3yjklyN4ixmrFFrcTdPw9Unn5-LrJFERiUGz4s4ziK-phWBRZePaWzMsrJyKZxN3Krn3VveT6_IKkhJNP-j
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmQ9MYvmpV6eM3yjklyN4ixmrFFrcTdPw9Unn5-LrJFERiUGz4s4ziK-phWBRZePaWzMsrJyKZxN3Krn3VveT6_IKkhJNP-j
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 018F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmRy7gUUjR1sQkm_4bTO8DrdaqdPc57FO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmRy7gUUjR1sQkm_4bTO8DrdaqdPc57FOlbecgSnIOt2TV0yUyTy0I3MoCFz-8VN-bRtGPf9SS1hB3Y8Rl7rt-buZ562Du60
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UD%2FB4Fg%2FxTytDKeW6ccsQIN6Pq0oTcqBVxHo0iCu1KvsRie8V18pXAnoLOiPSOszTR2MpgHvA9OL1qpZGD4p%2Fb7tmVhicKbJ%2Fa2nyw2iz6keKQyC7qG%2B5wYEPrO5DQPokqkspH4jo1xooA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmRy7gUUjR1sQkm_4bTO8DrdaqdPc57FOlbecgSnIOt2TV0yUyTy0I3MoCFz-8VN-bRtGPf9SS1hB3Y8Rl7rt-buZ562Du60
cache-control
no-cache
cf-ray
843d8725781e6a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 018F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LgXEf0PYmyGpFoPcmc2DblA0NI5rRlVm5MpqC0qoCZclgnoASu_hdqRA0dW97B0Q
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
pagead2.googlesyndication.com/bg/ Frame F5BF 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d5205b03ac9436282767d3c920a33499c2c9c4b3799a29b7ffe160f956a15ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:45:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
190065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19609
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:45:03 GMT
i.match
a.tribalfusion.com/ Frame 77AF 		43 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESENEXVcTLHRmfv7OAmXhjipQ&google_cver=1&google_push=AXcoOmQyzMW-EGE50fF9NbhcJgywfNx9i5P7kmt7cJmKwEP_JlKchIpJ5pTRS_FbOcYjVptnUgxLcMbISLTw-REqUR6UXbPv66R1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQyzMW-EGE50fF9NbhcJgywfNx9i5P7kmt7cJmKwEP_JlKchIpJ5pTRS_FbOcYjVptnUgxLcMbISLTw-REqUR6UXbPv66R1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:49 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
843d8725af819a24-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 77AF
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMqsDO9Ix66E1foAqwAT3cc&google_cver=1&google_push=AXcoOmRIl61rhQ4S6TU-6vwOczoKLVMnh2jABMCi1enqpM3NUmopZphPKGlW-NBeWFFG0wH9Wlhu-ctIVuRYIkA5kRskroi...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRIl61rhQ4S6TU-6vwOczoKLVMnh2jABMCi1enqpM3NUmopZphPKGlW-NBeWFFG0wH9Wlhu-ctIVuRYIkA5kRskroiG22rW
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRIl61rhQ4S6TU-6vwOczoKLVMnh2jABMCi1enqpM3NUmopZphPKGlW-NBeWFFG0wH9Wlhu-ctIVuRYIkA5kRskroiG22rW
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRIl61rhQ4S6TU-6vwOczoKLVMnh2jABMCi1enqpM3NUmopZphPKGlW-NBeWFFG0wH9Wlhu-ctIVuRYIkA5kRskroiG22rW
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 77AF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIQtaOBciiNf0zHVztw9jtA&google_cver=1&google_push=AXcoOmQF3zHfDpMCgL-tdJnEAnaHaAC9SuoVgh9K6znTho4vTT57qF43IVwfskSs055LkL9TMuTrPoMb...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmQF3zHfDpMCgL-tdJnEAnaHaAC9SuoVgh9K6znTho4vTT57qF43IVwfskSs055LkL9TMuTrPo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmQF3zHfDpMCgL-tdJnEAnaHaAC9SuoVgh9K6znTho4vTT57qF43IVwfskSs055LkL9TMuTrPoMbCIGAN-xaO0KNMRghXHdU
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA1NDE4MTM2NDIxOTYyNjE2NQ&google_push=AXcoOmQF3zHfDpMCgL-tdJnEAnaHaAC9SuoVgh9K6znTho4vTT57qF43IVwfskSs055LkL9TMuTrPoMbCIGAN-xaO0KNMRghXHdU
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 77AF 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDg2mKcC0JuJhAQiCMHk-R8&google_cver=1&google_push=AXcoOmSUlJR8ii7s3XEDT9vdj8vk5sIEJoohP8EpYhVQ2SApJYeZxKeqxqpUDEmY7qcSZCJHLy8lKYHsJy1X-o7T-5mVIk8_8RE
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 77AF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ4UWcTFm6mn0-RBWMZCHno&google_cver=1&google_push=AXcoOmQDJCMkYyy4bjqzsoRKnABOi8xve5LHgV8Cdql-_vRqEy1A3XZ_1OLnMj8lkFx-LlsPsS3...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmQDJCMkYyy4bjqzsoRKnABOi8xve5LHgV8Cdql-_vRqEy1A3XZ_1OLnMj8lkFx-LlsPsS3YSvSXrlNGlaJpKsGLzAKLOIYT
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmQDJCMkYyy4bjqzsoRKnABOi8xve5LHgV8Cdql-_vRqEy1A3XZ_1OLnMj8lkFx-LlsPsS3YSvSXrlNGlaJpKsGLzAKLOIYT
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5OTFROU8tTi04NlFD&google_push=AXcoOmQDJCMkYyy4bjqzsoRKnABOi8xve5LHgV8Cdql-_vRqEy1A3XZ_1OLnMj8lkFx-LlsPsS3YSvSXrlNGlaJpKsGLzAKLOIYT
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 77AF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmS0EKJ33o_TntTCXE1WrU7wpr1GqUuNK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmS0EKJ33o_TntTCXE1WrU7wpr1GqUuNKDGRGaHfztfTVqHBJ-nfoHoohemjRr-josIVpp_80tb-_kD-Liictt-WJaIQkY1J
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6IOOD63lUVSbc6b34AtvoS47o1pX43OEAlb%2Bn%2FRU4RcRaLafIh6iDcBZ8c%2Fm1rubuVTahVPGtDTuE8JqkR66TrCxsuRfSNa3B4PX0f6%2FqUHB98j24KcdydYXRIO2zdeFkmY3L1tjE2lpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFz7zlhbVExF4GuANLMKIAM&google_hm=ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB&google_nid=index&google_push=AXcoOmS0EKJ33o_TntTCXE1WrU7wpr1GqUuNKDGRGaHfztfTVqHBJ-nfoHoohemjRr-josIVpp_80tb-_kD-Liictt-WJaIQkY1J
cache-control
no-cache
cf-ray
843d872598b86a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 77AF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JNKKYe9pbCVbI5PTLwX2IAUb9aClgIMFvGoqiOYWOpSutoN0kSZVIefV8U-vnxeA
Requested by
Host: e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
URL: https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 75E6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
169929
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 14:20:39 GMT
expires
Wed, 08 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 0F48 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 09:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
13249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 09:51:59 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 75E6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 09:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
13250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 09:51:59 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E35D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRFSjA-mGEyCBAbm4Za4IeoNauG0-lMJNhFVHlzCr8Ky8qFS3uji52zmHd6fM05PPKlYAntDJ-LOZQ7otRY9biSMYuJDOC_CBhqsw4vOa8RMCnFrj6S2iIVecQ5oNFwtedFQq12rZ6EPb2g5BFRbRwnkak&sai=AMfl-YRsgy3JSSXHY9ZmDZ7J7Rpsx1tPh8L3mGcNonWZqiuIJv0AalCEBh-US86ySMoaNxWRUawb0qx8tLH-TUs0JdShMlGbsa57G_GnpiIAQptEvgSG6P1kBa3or5w&sig=Cg0ArKJSzOooiq2XTa2oEAE&cid=CAQSOwAvHhf_i8AZAsq3w-X-bDqw4Mt4IGIKzNhzFKydlG0V0QJZkCQ_pdAySsV1WHnoT3407EJ2wOtlSPkjGAE&id=lidar2&mcvt=1018&p=778,1050,1028,1350&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=272005427&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704979963655&rpt=4098&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D40 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BNlv1_O2fZc2ID6aVjuwP-9iUiAEAAAAAOAHgBAI&bg=!qKulq-TNAAaumcC-jpk7ADQBe5WfOLsWzq4aLmtVYSQnzRXt18LUbBz_6nGIbpauzeKNI5DO8byVU1mV0oQ0_mW07oFbAgAAAP1SAAAAAmgBB5kDKKk616mkL3nhwSPBIRhTDTdsz2jp28We9HZKng-yKudX6pS4uzI2qqXM7NtPJl_99oRgFk0qVFPCdNVWRoyTEnsUZNzEcL85uhH8FcrNbaRW2WkHZMVoBUbHjb1XKfhkHOHPHm6sOtlhjAymh2OsFFHginWlc0CEjxLKgff3JuCkOsHnvI0FB2sbnoH0tmrvsOKonWRjy6tH7_QpxZZCoL0t3oQHExS-0dHQfOMN5VOsplwozGCeCrTWMQ0jkJ51v9ZBBC6ZWYAKvlJC8QdEwn0CMeLfNg2qxgY1-wTWOnXP9zCmjTEr9AvSiHcP2NZIkvOhzxbZUK5BmVgXModhrinTnOS91-7v3nFcRJO_w3SiKSMD1eFYZBPuBmMcJb5N5tiQXo0bVNwOfbp5F1bvGgwfEd4jZw4q87Rdo1pnzSZFtP_S_X6b76GPHioQ-WkrYaGbbFYLxEo3TE--jZEsc9FY_12UdLL_gx4ZP894c7FM9JSrImaMduBXhXZmWz_4LNmTD6F8C1kqKrl8XYpJTb4gO_TXB0fbj8kB5xrFOm8GvizOfJrPIOWsxjOSwDodSN3JlPODlq6aFjt_tg_egxfowXQNbH9cwALz07HWMniWSsA-TzlpFS_eNcLOKUjOCZhi7G3eZCLM8JIVHKC97eLpZr-J_hYrd7Ux63UBIKg5zW5tmPtvhJy_xNIfZwQJLm2xfDkIIkiSdR2BiLaC6JDOvpXjUDuBVI7GS5OfxIwPtTNMikX7UxUOMFMG9LGbMpI7GiLSNC-G6v3UIVYn9NcGQBwR52LgxJOFHSJaNL0D_FSfbRyhgZ07cnCBUX97mjpsZG91RpT6q7SmbGOC0HIrUQ3vkHvietDfoiBA-jGiKjB_WZlWdc8PGTTs9WfGLQzs8wJz_vYgTMxO6O6pFVFeOmu1gY6KKTOUONFfwdZt6d7pgbgsRH6lYzocc0TzQFeU-pcfQMx9oq5iJsKtKT36DcoY9SvYaxmWdgEeVDO6k4foSexXCSpZNDh2CNluYx1ko95xJ9f9Xwd9rCsnVs9fuNZ7SfAXoBb0nBm1Z6wSqSNexDRfwfQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9356 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5TYk_e2fZcWWFqDo1PIP7c6swA4AAAAAOAHgBAI&bg=!bG-lbyDNAAaumcC-jpk7ADQBe5WfOCfzU9f5AJP0ljkX7nCk3GfTg7954w8PWnqbUEy3y78Vj9kNtDCI8jocxUENiYpuAgAAARBSAAAAA2gBB5kDIOHoSe4gXqSJ-WkU-muVTry3HiOOaWAVPINnDRyXRQ4mJozWP5BzCPKOnmgBMVGCjRKOT-QQ5UMhyYuQABXf8D8J_oBHgUBhASFSeRL5kX_kaRjH4pj7mGRfRtr3MZsEy6sETytD0m99kNTCh5vs0Gp_s-Zq9YIiSLimUtoC-zvnXJ0m9DT0hTott6zdCUpz1C6jE5HhyGfsbKkyfvmZt4JhRUg-aLm6hfY4WgUddZgOxJAGaBWnj8iDnRoZXHjZIeBSqVY4n3V3KF6g_Ldk6fNoWvbN-6mGlpJLDdlQCsIRxw7ssl88XehR7LL3Ma1n0qsBeXftwBOBLxJASTLytDq0yyyZO4hU2RYAXgpJGSDpWwlHQRYuliR1Hq2r4Lzi1TtD7wggWCrsgAmZcikq3joPTE0MfM4PM6xq-2aF2nsKjuxXHJVJITUiAKnI-d1X3AFrqXVa35YELRiCc09oe7RIlz-WVn-N_y5dowsU4TqugvDFWdUJOJNkW6M0J4rhnfNntrsXYV4R45xhTVdQY1arZx9mySMqwWU2zoZxGG-nfsUR97-aqUgP6ZTFjy1QogPVAA8aB1H9HA5zJ08TE3kWhVYXWIWfdh3Eb1EPx8v3NWnLZwaIlT_uBmyVg3bY1SxSQRVfxlujxuSdRKuqHLSve0KPmmFQNHhZs7FcK2m-oT1QIUoq7W-oGMQAncA6y3swqh1idAcrobyMqtAYTzAyxOc-SPD-gLCD6NYAjLoytkPgB1Tej28QPf8uvQfhG7J_9xNnxNPnrHmekDSqmGhoxPy3ircCF5-ro1vq2BKtirKcEcosogdaNQA_u_sJvBDo3dWTJKTiD2YjzOICKFz2krqadHCklrYsPd--dxzXeid6TrM192Can0RikGLL8nGFtI5UQL94-B5fZIbOp-SRw1g8hCgjBgxkn7pJTXGjxsto6RtmYQZc3TAO9MTdV7vyDdTH4_rjjFPaPQgHoCRr-XVKzMg0GfGGRYv3Y0begYc4R28G4MHA2toHD-UMn69qWnF4JqPlO7HYgJdV7YxEcNSxXZLxW-ZnmRrx2mmB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8180 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B1FLw_u2fZfvbEZnYx_APqturoAgAAAAAOAHgBAI&bg=!_v2l_bLNAAaumcC-jpk7ADQBe5WfOCkrQqN44Lw9WqD-17DMq06R926mLckbVxrBbSBdz7WDYhfdN98PMzcF1ZXsrhWeAgAAARBSAAAAA2gBB5kDH-kga1RJyUQ0BOhxTwLX0RyWfjr5GL7cSpwoXZlF6okLwm5C9yG_lmR2b3eF2XOEBiFr1Bqx0kkUTHOk-ggzxRDTAY4kuFC4MUgozgDHd9MBK8zk9RxpAnEiI93JjBhNu9U6PS0xLlvvAMtYG03jobWOC4Ec4loQc-s4K1w-AX2aVsgITrQ05RrIhk_cuGLFJgVzTvl6TjeEGpUbqbRn4sI16s3EL3EgsAcP5rSmzE1Den2QAp5jHzc_M-s-kaFo9jHlpbDcJafi2F8_OaORnIlvIri4zT1kEaH6eVZ9tyfZatWzJib5yCREtKYn27yxzvnqbLjaR3yz6nLDFyaAMIo5767gHdRXbRUGcDvbOW0xGWbiul9KsGcbvXcr17oPUbHZrk3ph8Ofvk0n-Z5KAfsfvai2pXIWWXyYNjokWgwjuF0iaNBylzwWFRhOqMtG6uKzdoSXyiJQoi5JmcIC9OA5uWZU6bQRtR1wl_1WTzTvkkAnB1whdrfw-wHWlPmmnJNFDxUK2iaB4-W1MwZ863VZuVdUB6JJevRb4kSCjfg7_sJMzpybLQ2WOk6Ouhafp6PeV51xTztsVMk-rE32Ju-oMxhZSCFEpco4DhU9snhFo7tE270DNW_T4iIcU8BlvvK7qL-RQGJrjmNszTXhwMRw4Rd00ogz9i0C9Ku9DtzNvtZ6YdmpnwVfcIFtW5Z0hN991tVci0R-qbYGJ15bGfKH8gsI8Xz5sjLo1dKZ_nBt7MGpBWI7WyQcodnCOL17Rtbo8XljvnQjF5ftz4cdi9Tc_MFy6Ez2MpIZ1bBaShSzmJeYwzG2AgvgZVMQZ6W0-b8Ma3RLEEv53_vb5EAS7Cnzc6_HxmGCRkoTZk7OyApz8T9unmcVsU6JUIVzBjUOGxjtndKgh8BI42CBptXmO6YEVfC7wldcMUufmWodTsebQfEZ5iamDmnOcTsBAK8n6ReyvQoGxu539C2B7UP6dH2ZdzSMbOdw5wZniNhfvtvyUIbxl9D-r4ud6uzDBordp3ZL8hXtCRJrWeFl1R-F1yz6o7jvX8zOqT-zs-7gGck
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F5BF 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bi7p9_u2fZciDIen8x_AP-q24wAsAAAAAOAHgBAI&bg=!j4yljMPNAAZ1R9vHVUc7ADQBe5WfOHtAIfXhCvJ9hawC2QOTfeyHfOUWXKT-3rax2kUr6CH1GBcWLc24v3QxaRaakBy0AgAAAQpSAAAABGgBBwoALUE05MSpL6xx793OaKiNNDF95HzHQ9frztbsdqSTnYw0Mb4GkLN-S_xbtd80bZkDHAKwFNuWTXIrw1y6TLNFR7l_mqPKasxPd3aQ3j27SBE_QMTemZSdDGlfXAW-SQW4Oe55fjsg1QJ2yLrbxJkrPlvalW9yGx4To2hDPt7KP0IJoPzpcDsw4ETPGhZbAujXd73GG6LH7khNJTO1enl2Qdav2SSOS5rHJzywjMPZF_2cVkumoZzl_DLbb029b2orrf8U2G8cesVadD2gOEmvnsVoFsl0oT7jSUXiyazE6Ymp1vHxkL6DfnK6u-_gFZnEJl07Ahrx6Lg8RueQk7UVOnhgPXtGsKCaO3aYk_i8SlcNmGXKqJ7dKbTXIBaHCIbjD5ejFM_HVkN3m7lT-O2ojbx_axX7XGJjsRfR6kKQEG2tsEomoIR1vSolVGKf7MTHtFzvK9xIMUwEJ55Yz7DS9dygthfjgfq6-v1EsXm8wCWTSfaS2Q6EEIGRC0iAuKWRpgx1xR_dDCTVMySj6HmDOIYrzFpGP7CSBx3yMkPPRucRCffzMFUa1HYGDv-bQO47-j9evIq1-xcUr2B4JMi8TDMwFthbHCzULN7OILIYeryzHfUOLC6Y8QPTgp1vPsaI85lE49HGFoEPPPlwRVpLQZ16uMH8U7mIXRkXoMIP606wzDzP1N2j9jMjjgRkc2fjIwdVS4zrcfhKepy5WoGRmqmBY3dCQB6wXby1vSYNOVwNhQ2NRu2xE7u9I8EMQrr71kupLtS9b3Vq8ZNF5lo77UONNf9iUcMkDfFLVjK4SDt-YbBtVM9SdUcuHSgbuhUP81NNat0KjitEUzGssKmxm2uZ34Y69DG2kKwxDFTmS1-ddIAj-_MQx5ywI2VAXaQ4PbitgyxJFeciZE8BGEDZxMvELFM7BMXh1mxahaWM6t3sl_6IS9Rr8ZTs0cwmTAzZAzibyeICr8CVkmhw1C_a0r9vicbXk9hTFtyQhbGa1ASfWVKJyj50N4PuL2DxXS5N0CT1sLwWsyi0IcEiP4ve__eV5jCYpOjnTG7MqHTDs_GeQmexsySwbWzfdBZqk1Y2HMMVz_A9bm0HM4x2R6lagNR2gGeCcJYpiXjL1bY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F48 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BiU_KAO6fZbLLBLDpx_AP7NOWiAsAAAAAOAHgBAI&bg=!LC-lL2DNAAaumcC-jpk7ADQBe5WfOFvko1slc0lOhamKpKFa7J5lP4sFC6hFB2wElzhzkBlsRC0G3H1z_Bn9Gnr1JYj4AgAAAORSAAAABGgBB5kDLyPmfOKXlLrTHLdc9G8r8rVQdyf75Iov7uaV2wgdKRBsRr48yC3wMGdJxGIDXSJD6Mbr8P0EbJA2g2X9gq_2jpuh1kGUn_XAINEtaYJENVq0rpkntLxa3j--hoW0ChEKSUIk2xJpoaK__shyQdaupjKBBTSrXAbObeoO24Jh7tDxe8sY_Nyl3N69LiNKhD_ks7FPbQqdr3n-BDsqx0uTXBJmZHfgYnrOGzcb-d06KtqV0m92-ElZS-XqxJaCOY8vy3vDjpn25XILbTMEzqwFqSfX347yxuql8GoKAQchjtOfuMYS7qIxObWNY7HUTNM8JtedTO2JnbTCg5uB0916bsVrjpFfMxeKCu8BfwrBx0dKyUEHVv9-n6jVexFmC_GJnwEbFUh9vnCFWJg9PVS7x92GWwgbMTgUwVX2WvoalmpYjRSSSIcNlxRH28MA5DuylfP6VwOBUP9JAgx2fPAdxbwlzLYx649cWDrgxh-0WQnfksEj_qW96T2BN7LFUJcHK3PE3GoVhHtChR45dxe2KwoLyfY0KwtkkFXt3Vlvkt7Q9FpEHJQLtvY4TSMgyySUoRQcLysPR0k0HlEhAj3HVv7bEnhMKR1ZlRDrGkm_FIHdnRiWj-GlBMmcWV5jRKXa05V_eX4HJcCsi-gczeZAwFM2lL_U2bMYsCXd1A4ShbJXkq36zzFP7fTYPNnP2Rlt030m_STg1usPpTzlJms7tMZdteGPcwaHm_23nBpDESqB2HI_NMP-7ncQMBDvcmjveQ0Jlq2zWR_nP4jjXmOJyPVHmvNWaCA012TjbMQDoDERXweRWyFsjGatWi8BqhVSWRoADkHG_SadrZWUbyn7OGzLo6hWgVFDbZOoFMU4l17hHwAZ1taAbF6zdMk77FiqgBBPRit8GH3EgEH5lMa5mdJlNS5oIDAAKahQATjjypeXDbZ8Y_qOFm4Ago98WAgOGO-OSSkq1Bp3VeUhGFv4Fqmgz_aymw8jp01gf6XEDGdMzCt0YvnStxG2x4ZM06XXvnDWUIMyIUTURGMplRQh8IW1K-tPyboc3MWPhCOljS6H75iriMsPpZ8xGtgCGhoO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 75E6 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B_jy_AO6fZcfPFKDpx_APpKqpgA0AAAAAOAHgBAI&bg=!OTqlOnXNAAaumcC-jpk7ADQBe5WfOEgTCd22cKl26sZ7zvt8sqlxLc6Jy_EQn4E5XoiuWPcp1AaMZCh7umWxfPAfzuuCAgAAAKpSAAAAA2gBB5kDLAqJG6HQTme_vyNXIuyUA5VtiSKWoVzjdMTyiZFdOvJlrUXEHpONy36IixFdGjxEIodFTFEPGjIskDSyD7-vgRko4cfVuYLtKMuQGVYo2tYsZG9z5lY1hfqJMSh9d7UcaKFNPQV5wGc0s4N4-Ayd5st-8RSimihmCH8l5JLHtTSJ9WtACdKpHvNNlYDQatlyy8KCLI9zwheikPwDlZgJGqbXlx_SHpTTgJtrntNPj6xb4ukchwUt1otRl-zfLAaPyvLf2lddAMA_9eiVXfQY0dIoqzGGiry9WhTQj_uq6kVneMArFzr6w81VkFzRiNI1zrUXZJ_sIEhFTvArPt2ngHjzPR3Epfmk23Y92HxrXSLuaExjqkRBzsWEdxFymrq4zIDdSm5M-ZX_WvtnLUBiTNNgjJZ3J09gfnCr8HObLmZ_pSMAwTCBBHQG1LFyT2sZNzENESH7nQ5RiK-8RxZkJRJQPmqsp_XskgGx-z7OJQFHqCyTyFI2xq18KXwCGg5BH2zrLCDA-xy8NgHi5fCr0BemXei2WDVMeMwgo_9BUISQLW7Bkh42VV4Z2UNyj0oXBVMM0C9lXql-k7X7zvZeqcAWyZHgAfenRVTDsUwbiw_96s9Ib6ih4EVM_bvECvQsxAQmwa65LVSn-osW9JBNiP1nL-YAugDPP6rVHTbr5HP2VwlFfgHnVugHvkdtkL6KKMegFQCKdpoR53jrV_rZUDXr6vXT03tJVwSIm90gEhLtwNOcHZ3XRbuioymMdAH7XBbDBnIoDOu2ezblQToRFYyVJJMzSMZfmtfPxvELnGHoJ9TTyeDmE2mCdfKoyPVlbTsjLshArxsPkGWiUhTG0cQIwkZwnKFWuxM4bi2xQGgs6Y_gh3W7AcjC65TU_HKZBq8SeF8rYGVaCcrY0tjNYI2G_Z8DU1pi_98H7tMefM7SwvZh1D9zI6wsUjDPhFScSknkvj4nJUt3P74HQJGLjAoChVFs8N-Mem3H1R3LaBraHsKzeEcWyNT4-JHoxfA541u9iVkdcjvnw-hlJFT7YUltBiA3cph47PzMnAIfpb8RwPeRAAAvfvft8-mG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D655 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4868666129356&version=m202309260101&ct=76&x=1&cor=10363975648467560000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E362 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDlSurciSWPV0pcqoRALyTdHOV0CLGL1fQDg4y0m6RguMoxxyYMYFvhN9m-M2vpexl4bo6_QTzJHM6trT_5Z5EVEKpVz5I1cdebi-HmJRoNpQplgoGj_jUa_9rX_qHbkvW6Xe34MYj5i9DuiwZ2V_oMGJc&sai=AMfl-YTdUuvp_YLvDZpq-cP2RRo215UONswwd147tfeo6XScihZktFx-PukZ3njeKFywAmWgGe6mqSePPTbEr3oQsFW4N3b1oQ0yZsQCGaOWzqVn9l6poN1cJ8mWurE&sig=Cg0ArKJSzGWmqI2s-YKGEAE&cid=CAQSOwAvHhf_-6KSfXM5C7juTUUqqFqKRw1SKfY8YsjQOny0lRrViV0zVVzqSfacQtA2VRcsgNM6VfO2XIPYGAE&id=lidar2&mcvt=1619&p=778,1050,1028,1350&mtos=1619,1619,1619,1619,1619&tos=1619,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4135884502&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704979964731&rpt=3840&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BD1 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8537032340389&version=m202309260101&ct=76&x=1&cor=8268734740169431000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AED 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9745365214934&version=m202309260101&ct=76&x=1&cor=4697551238385508000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9009 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspjVm4Zdx-LgOtuIoWcRtjkUvto_B8bvwyRrX9bgfgmeQKM27jrZGmVV9xi5Y1trAN0dcoo5OuY2H1W2nI_BSOSnRhNfOR0s6NQeR3INfA8i8WYpiXjoLJjH2vCa_0tm6L9kMVFhUu6u9oWffQhTr4u7oq&sai=AMfl-YSkdBdRVxOf-ddSFzVo9kO2-av9nVdN5-FpTITus4-KNWd63FhS6QqGogizIJAKnxZtCNVXeQjKFqGBGtljrmfSSv6pOprViPCPnx3DmYYnGcV4C4exAI4Q3SQ&sig=Cg0ArKJSzHl48YeCtEsyEAE&cid=CAQSOwAvHhf_6I7vJVRnogEQTgiE_YXQyGnpCRgo2owuAO7JizFfmHsJZJ_7HE_Ql84ybUN7q-q-C9qvDrs1GAE&id=lidar2&mcvt=1463&p=778,1050,1028,1350&mtos=1463,1463,1463,1463,1463&tos=1463,0,0,0,0&v=20240109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3785658796&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704979965055&rpt=3717&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E35D 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5361023174425&version=m202309260101&ct=76&x=1&cor=13858063726780238000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E362 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9424591480132&version=m202309260101&ct=76&x=1&cor=2721596336157349000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9009 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2116542304468&version=m202309260101&ct=76&x=1&cor=2200999967778855000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 13:32:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/ Frame 9A52 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1704979958917&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10004&ns_st_cl=27990&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=3303689&ns_st_pt=10004&ns_st_dpt=10004&ns_st_ipt=10004&ns_st_ap=10004&ns_st_dap=10004&ns_st_et=10004&ns_st_det=10004&ns_st_upc=10004&ns_st_dupc=10004&ns_st_iupc=10004&ns_st_upa=10004&ns_st_dupa=10004&ns_st_iupa=10004&ns_st_lpc=10004&ns_st_dlpc=10004&ns_st_lpa=10004&ns_st_dlpa=10004&ns_st_pa=10004&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1704979970425&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Deseret%20Recirc%20RSS&c3=sendtonews&c4=News&c6=*null&c7=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&c8=&c9=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-76.fra56.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:50 GMT
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
Jj5rOvMr1gLhE7-JOnve3OQGN1QWrQ8M3zzilhSzyAtxEhHxJdUFew==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=klGSJ7kVemkmgute&instance=214733147&version=7.29.5-Z&age=240111&ldt=QUARTILE&key=DXzBc7p4&seq=1&order=10&vIndex=0&absoluteTime=19458.7&relativeTime=16024.5&sm_id=3303689&visiblestatecd=I&soundcd=OFF&quartile=2&pposition=float&floattype=s
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.68.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-68-173.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:32:54 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOPeyX-iF9Xlzc0O6ZPhxUg&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

259 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture function| gtag object| dataLayer object| OneTrustStub function| OptanonWrapper object| otStubData function| isAdblockerEnabled function| getCookieValue function| addAdditionalDataLayerData function| getUserAgent function| getCurrentHour function| getPageTheme function| getAcquistionDate function| getUserId object| WebComponents object| head undefined| script function| switchIcon function| fbAsyncInit boolean| htlbidLoaded object| pbjsChunk object| pbjs object| _pbjsGlobals object| htlbid function| HTLBIDLoader object| googletag object| apstag string| isSandboxMode string| sectionName undefined| pathname string| isHome string| author object| dfpAdSlotsObject object| dfpAdSlots object| staticAdSlots function| admiral object| excludePaths boolean| loadWknd object| wkndSlot object| i18n object| webpackChunkbrightspot_theme_core function| unfocus object| FB object| ax6TKV2 function| ax6TKV3 object| xop object| 1cjkw85j816o object| rsmkiizn400 object| Optanon object| OneTrust string| OnetrustActiveGroups string| OptanonActiveGroups function| 4dm1r11545242527 object| regeneratorRuntime object| _aps boolean| apstagLOADED object| ggeac object| google_tag_data object| google_js_reporting_queue object| OBR string| OB_releaseVer object| OBREvents function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| google_tag_manager object| KO6P0g2 function| KO6P0g3 function| xblocker object| c3zM4C function| c3zM4f object| xblacklist object| _qevents string| GoogleAnalyticsObject function| ga object| __buffer object| Coral undefined| google_measure_js_timing boolean| htlbidStarted number| google_unique_id object| gaGlobal object| apscustom function| _typeof object| PARSELY object| gaplugins function| ttd_dom_ready function| TTDUniversalPixelApi function| onYouTubeIframeAPIReady object| InactiveClientList string| __mkm_new_fp object| __fp_components object| _paq function| __fp_uuidv4 function| __getUuid function| __sessionStorage function| __localStorage function| __setCookie function| __get__Fp function| __getParameterByName string| __fp_uuid object| MYLIBRARY number| __trk_counter function| invokeTrackVisitor function| __hasPwkKey function| enableTracking function| getQueryStrings function| __fp_callMonApi number| __mkm_local_counter function| __mkm_bindEvent_async function| generateMkmNewFp function| logMessage object| Base64 function| convertArrytoJson function| quantserve function| __qc object| ezt object| _qoptions string| ggpid number| ggcxm boolean| DFPMessageEnabled function| Fingerprint2 object| ID5 object| ggevents undefined| bean object| GUMGUM object| __id5_instances object| gaData object| turnstile number| __mobxInstanceCount undefined| __mobxGlobals number| c2 number| c1 object| headertag function| _33AcrossPpidMappingsProvider object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_872696 object| closure_lm_436306 object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| hadron boolean| __halo_loaded__ object| IFrame_Base64 string| mrkt_baseUrl string| __mrkt_qs string| __mrkt_ft string| __mrkt_tfp string| __mrkt_lsof string| __mrkt_lsemail string| __mrkt_f string| __mrkt_isUb string| __mrkt_ipAddress string| _mrkt_trackvisitor string| __mrkt_customVarV4 string| __mrkt_customvarV5 undefined| __mrkt_globlaFpId undefined| __mrkt_setPNGEmailId boolean| ___debug__code undefined| ___donottrack number| __mrkt_maxWaitCallTime number| __mrkt_waitCallTime string| __mrkt_utcCurrentTime function| ShowCurrentTime function| StoreVariablesinSession number| __mrkt_isLocal string| mrkt_lp_submission_uri boolean| is_mrkt_submission_posted object| _mrkt_submission_obj function| Getvalue_mrkt_lp_controls function| mrkt_lp_pushwebflowhandler function| getFp_mrkt_lp_finger_Print object| obj_mrkt_lp function| Bind_mrkt_lp_Save_Event boolean| __mrkt_isPiwikCall string| _fp_temp_token function| getFp_Temp_Token function| getCustomVariable function| tempEmailRemoval function| delete_fp_cookie function| trackAnaluticsOfPiwik function| TrackVisitor function| IFrameCall function| readPostMessage function| isValueNullorEmpty function| getEmailId function| getfpCookie function| SetFpCookie function| __mrkt__updateEm function| updateEm function| getEmail function| getMailinQs function| getQueryStringByKey function| getParamValue function| setCookie number| __mkm_unbounceCounter function| PushToUnbounce function| setUbFld function| setwebflowFld function| getQsFromUrl function| GenerateCampaignDigitalId number| __mkm_counter function| PushToWebflow object| ___ifrmsDocs number| ___ifrmReties function| __mkm_processiFrames function| __mkm_bindEvent function| __mkm_unbounceBindEvent function| __logvstemupd function| Set_cl_fp_TempToken function| __fp_send_temptoken function| __getSessionData function| __temptoken_readpostmessage function| sendfingerprinttoIframe boolean| isNewfpgenerated number| setFP function| tempfpcall string| f string| e string| tfp object| data number| srcIndex object| au object| -1gdj8jz1yqyo object| google_reactive_ads_global_state object| google_ad_modifications object| google_prev_clients object| GoogleGcLKhOms object| ggData object| google_image_requests

66 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChAKBgjSARD5FgoGCKIBEPkW
.youtube.com/ Name: YSC
Value: nu5ZDUgLFnI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: g93NFfCfPQw
.deseret.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Thu+Jan+11+2024+14%3A32%3A37+GMT%2B0100+(Central+European+Standard+Time)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.deseret.com%2F2024%2F1%2F10%2F24033494%2Fjudge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A0%2CC0004%3A0
.deseret.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial%22%2C%22sref%22:%22%22%2C%22sts%22:1704979957689%2C%22slts%22:0}
.deseret.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=4bf51625-604e-41bb-a247-07030beaa7a6%22%2C%22session_count%22:1%2C%22last_session_ts%22:1704979957689}
.deseret.com/ Name: __gads
Value: ID=4b0742be3c1d7fc0:T=1704979957:RT=1704979957:S=ALNI_Mbs4rw_CKJhjAJvo6h35at8qhUi2Q
.deseret.com/ Name: __gpi
Value: UID=00000d3f76510e2f:T=1704979957:RT=1704979957:S=ALNI_MavKhLTXflWEFLNeuE1r7_8Dk1UXA
.quantserve.com/ Name: mc
Value: 659fedf6-01ec4-dc27d-0a558
.deseret.com/ Name: __qca
Value: P0-1310109665-1704979957765
.doubleclick.net/ Name: IDE
Value: AHWqTUkWxxVEIxSxg-n5QyJDLLZrWqntyKYk02WUyreWJBA0h1YpiSarR-89qzD6_3w
www.deseret.com/ Name: fp_value
Value: 020c4699-78d0-4dcc-be37-f766ea6ac05d
.deseret.com/ Name: _awl
Value: 2.1704979958.5-84969bcb39c03a0c03545feee842fd6e-6763652d6575726f70652d7765737431-0
www.deseret.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.deseret.com/ Name: _pk_id.499.d800
Value: 823a8e797f296906.1704979960.1.1704979960.1704979960.
www.deseret.com/ Name: _pk_ses.499.d800
Value: 1
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.rubiconproject.com/ Name: khaos
Value: LR991Q9O-N-86QC
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/Egpvg1N10f8rQNb0fGVcfL/XWaA1sYWTLHiXIXbtn90w51mQqm+l+Ih99gF7/1Vqqik/zeioVoeCuBxGCOXoSK1GRKjX/ziR4y+xUA9sgf/4b7FQD2yB//h
.go.sonobi.com/ Name: _usd_deseret.com
Value: 94e2e2a1-a423-466d-aa73-28e7ff6926cd
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uis
Value: 76762978-a966-486f-aa53-7127c5698d63
.gumgum.com/ Name: cs
Value: true
.prebid.a-mo.net/ Name: __amc
Value: 4_1704979961_1704979962
.doubleclick.net/ Name: APC
Value: AfxxVi7JylQRxNptl2Nd02zhDec-WEg6jlS9bCPoZNXsnQkXPGxZQA
.casalemedia.com/ Name: CMID
Value: ZZ-t-V3Fy.E6onXiEaSO-QAA
.casalemedia.com/ Name: CMPS
Value: 3361
.casalemedia.com/ Name: CMPRO
Value: 3361
.adnxs.com/ Name: uuid2
Value: 1078151303361022471
.adnxs.com/ Name: XANDR_PANID
Value: C_YG8tmcP6i1EkfJ58Tgf5iR53-9OD3yE1Gptd7gEam6Nyyrr5LPVXbv0he7L8RDfCUKT_IhoV3qRmWq_DO5PRa_fYU7wEPKtjZ_S3giv44.
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Ilhvz@0N!]tbPl1M>e)ZlrFUfJ+tGXxp2N$/vtC]G4'A3bF%^)^HB[fkgNQ<<%)x7ANL3If)y3KL9D3I?-9QEUx.
.adtriba.com/ Name: atbgdid
Value: 90881867-1f7f-4508-8641-23f9901be04c
.creativecdn.com/ Name: u
Value: dw0fN5Ynx8NwcOtSeiD6
.creativecdn.com/ Name: g
Value: dw0fN5Ynx8NwcOtSeiD6_1704979966121
.creativecdn.com/ Name: ts
Value: 1704979966
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjYyM7cwN7UwNRLiM9QNNKjwKnF3yi8w9_MAAByNiqolAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjYyM7cwN7UwNRLiM9QNNKjwKnF3yi8w9_MAAByNiqolAAAA
.bidswitch.net/ Name: tuuid
Value: 7e84d570-b5f1-4b55-a3fb-620e7bbe6f6a
.bidswitch.net/ Name: c
Value: 1704979966
.bidswitch.net/ Name: tuuid_lu
Value: 1704979966
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f3637285-b477-5d23-47ec-f8e0e7db5f30.7dg8Luy%2FdF2SrLlqe56BqNqiuYRUxbbDmsoJ8Tau7XE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f3637285-b477-5d23-47ec-f8e0e7db5f30.7dg8Luy%2FdF2SrLlqe56BqNqiuYRUxbbDmsoJ8Tau7XE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A82NyhbR3XSNH7Pjg59tfMFD_B2w.6h56y2ZQ5IppI50dzLQWiqRB2cVNPRPL97Z%2BNISnMfk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A82NyhbR3XSNH7Pjg59tfMFD_B2w.6h56y2ZQ5IppI50dzLQWiqRB2cVNPRPL97Z%2BNISnMfk
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGFtzq-L4TuPwox2UZo5vn1abI_hyoKnna9vEXhX2CJTEHwYBCD-2_-sBjABOgRvD7diQgR5cBQu.SP%2F%2BizgCqSaRENLPM8tqNFKEdtc9K2CT%2B2C1DgFODW4
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGFtzq-L4TuPwox2UZo5vn1abI_hyoKnna9vEXhX2CJTEHwYBCD-2_-sBjABOgRvD7diQgR5cBQu.SP%2F%2BizgCqSaRENLPM8tqNFKEdtc9K2CT%2B2C1DgFODW4
.go.sonobi.com/ Name: HAPLB8G
Value: s86113|ZZ/uA
.de17a.com/ Name: guid
Value: 1.8729322251305762700
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8054181364219626165
.liadm.com/ Name: lidid
Value: a1ad907e-accb-4d1d-a8e6-15e3fd005338
.demdex.net/ Name: demdex
Value: 17777582327559816383034053773480472771
.company-target.com/ Name: tuuid
Value: 3147a909-c7ce-4f38-a409-c19d0dce6191
.company-target.com/ Name: tuuid_lu
Value: 1704979968|ix:0
.dpm.demdex.net/ Name: dpm
Value: 17777582327559816383034053773480472771
.ads.stickyadstv.com/ Name: UID
Value: 8868538986d26a2253e4865ab6c9ef
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZZ_t_V3Fy-E6onXiEaSO_QAADSEAAAIB
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.turn.com/ Name: uid
Value: 8010591416803421536
.amazon-adsystem.com/ Name: ad-id
Value: A3zPSPMSQEvVnQRCBECogNY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.rezync.com/ Name: zync-uuid
Value: dc199543-d2cc-4d7a-ae99-bc04965e7d44:1704979968.8926263
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_w3HwRGAIAwEwI_txJFw5Di7wYRGrFz3t-_ByiYNdCvPNBSXrS3ZkxcUY7OAu_EPpZjnlIdH_wD4zhAMOgAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XIuxGAIBAFwAqMGMs4h4P78OwGgYYMDQ2tUiMdw909eG8MqGTqqTWS7pXqAGhrUWA6vIus7A8csLIUJEuWjzC9ichy_q3X_NnY9QZpfvfJagAAAA
.tribalfusion.com/ Name: ANON_ID
Value: aJnt6Zap26Ua8e4OCaRoUwmloqP4s30NIoUusjeAD7U2dYq0hk0T7AJdn3k1QtbEh5KZaWwebI26x0AcYG6ZbEG19lZdmgEk
live.rezync.com/ Name: sd-session-id
Value: .eJwNysEOwiAMANB_6XkYgZZSfmZB6IHo0Ix5cdm_y_El74T1o_uWu_YD0rF_dYHyalMD0gmj_TZ9QgKyHpEInXeBI1MkB9cCQ8do7762Ok8tVoTQm-pKMVg5m6wi5lHuKIGUK2KyPMEiId6iuOCCh-sPv_Ql-A.ZZ_uAQ.EDXUMQ1k_Rbk_nIRgi0ptelo-7E

36 Console Messages

Source Level URL
Text
security warning URL: https://tagan.adlightning.com/deseretdigital/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/deseretdigital/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/deseretdigital/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.deseret.com
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.5151938f16d42d400f1b1b6cf8ce28b0.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.3ae2bb4526d6e998f6f95c1227253d91.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.26cefedcab11054b85987ff2f992a2c5.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.a86565d35df3a9fb1e50b963cbf97a13.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.401d3b047965b9833f0ef9a4299972b2.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.9f7066049b8a07ca0e905ba46c8645f4.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.a3e2828fcd9d3b031c3d3e07aea3d55e.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.7d4d83ea55695b66b9beb992fadfb14b.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.93a6c93a1977e45c6c8110ece8b4b5d0.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.8cb714e2e55e898768c36431818db72f.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.1852359a620808c5c15d4adc10b281d9.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.bb363d55467296410f913b84056528f9.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.d49a5ce3e771acb6ef7780dfb8628852.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.409a2ac6bc1aa08eb312bd751e5b8f40.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOPeyX-iF9Xlzc0O6ZPhxUg&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=dc199543-d2cc-4d7a-ae99-bc04965e7d44%3A1704979968.8926263&_=1704979968.895723
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.5151938f16d42d400f1b1b6cf8ce28b0.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.3ae2bb4526d6e998f6f95c1227253d91.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.26cefedcab11054b85987ff2f992a2c5.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.a86565d35df3a9fb1e50b963cbf97a13.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.401d3b047965b9833f0ef9a4299972b2.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.9f7066049b8a07ca0e905ba46c8645f4.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.a3e2828fcd9d3b031c3d3e07aea3d55e.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.7d4d83ea55695b66b9beb992fadfb14b.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.93a6c93a1977e45c6c8110ece8b4b5d0.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.8cb714e2e55e898768c36431818db72f.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.1852359a620808c5c15d4adc10b281d9.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.bb363d55467296410f913b84056528f9.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.d49a5ce3e771acb6ef7780dfb8628852.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.deseret.com/2024/1/10/24033494/judge-revokes-permission-trump-closing-argument-nyc-civil-fraud-trial
Message:
The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.409a2ac6bc1aa08eb312bd751e5b8f40.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

46959c7b18fd908f021e5c9d6b008479.safeframe.googlesyndication.com
a.ad.gt
a.tribalfusion.com
aax.amazon-adsystem.com
ad.doubleclick.net
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
ams-pageview-public.s3.amazonaws.com
ap.lijit.com
apex.go.sonobi.com
api.deseret.com
api.emailsnow.info
api.rlcdn.com
api.saambaa.com
app.mirabelsmarketingmanager.com
c.amazon-adsystem.com
c1.adform.net
cdn-ima.33across.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.saambaa.com
cdn.vox-cdn.com
cdnjs.cloudflare.com
ce.lijit.com
challenges.cloudflare.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
cookie-cdn.cookiepro.com
creativecdn.com
csi.gstatic.com
d.adtriba.com
d.turn.com
d1vg5xiq7qffdj.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d5p.de17a.com
deseret.brightspotcdn.com
deseretnews.coral.coralproject.net
dpm.demdex.net
dsum-sec.casalemedia.com
e2767a2ab5f20ea2cf99813500f880a5.safeframe.googlesyndication.com
embed.sendtonews.com
embedcdn.sendtonews.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
htlbid.com
i.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id.sv.rkdms.com
id5-sync.com
idsync.rlcdn.com
images.outbrainimg.com
imasdk.googleapis.com
insight.adsrvr.org
js-sec.indexww.com
js.adsrvr.org
js.gumgum.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.rezync.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
mv.outbrain.com
p.rfihub.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
player.sendtonews.com
prebid-server.rubiconproject.com
prebid.a-mo.net
pubads.g.doubleclick.net
region1.google-analytics.com
restrainstorm.com
rtb-csync.smartadserver.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
s2l.sendtonews.com
saambaa-deseret-tagan.adlightning.com
saambaa-static.azureedge.net
saambaa.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
sync.go.sonobi.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
tagan.adlightning.com
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
uploads.deseret.com
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.deseret.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.mirabelanalytics.com
www.youtube.com
x.bidswitch.net
sync.search.spotxchange.com
104.18.35.167
108.138.15.119
108.138.26.63
13.32.121.35
13.32.27.113
13.32.27.39
13.58.98.49
141.95.98.65
142.250.185.194
142.250.186.130
142.250.186.166
143.204.98.51
145.40.97.67
146.75.118.132
161.47.17.28
162.19.138.117
172.64.149.180
172.64.151.101
18.158.30.2
18.193.91.20
18.214.196.3
18.245.60.100
18.245.86.113
18.66.110.17
18.66.112.76
18.66.122.16
18.66.138.185
18.66.147.69
18.66.97.62
184.30.22.30
185.184.8.90
185.64.189.112
185.89.211.116
193.0.160.130
199.232.196.124
2001:4860:4802:34::36
2001:4860:4802:36::178
2001:678:cb4:bbbb::13
213.155.156.183
216.52.2.16
216.52.2.30
217.182.178.233
23.35.236.201
23.35.237.56
23.35.237.86
23.53.233.193
23.57.19.78
2404:6800:4005:81b::2003
2600:1901:0:7a38::1
2600:9000:223c:7200:6:44e3:f8c0:93a1
2600:9000:223f:5c00:8:48e:53c0:93a1
2600:9000:2491:5a00:0:6f3c:65c0:21
2602:803:c003:200::41
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:1871
2606:4700:10::6816:1971
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:10::ac43:266a
2606:4700:4400::6812:2894
2606:4700:4400::ac40:9b77
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6811:2b8
2606:4700::6812:19ad
2607:ae80:192:1::173
2607:f350:3:2569:0:10:0:200a
2607:f350:3:2569:0:10:0:c
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:800::200e
2a00:1450:4001:802::2008
2a00:1450:4001:806::200a
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2006
2a02:26f0:3500:16::215:1495
2a03:2880:f084:105:face:b00c:0:3
3.160.196.90
3.20.119.232
3.5.10.16
3.75.62.37
34.120.133.55
34.206.99.162
34.96.71.22
35.157.89.79
35.227.252.103
35.244.156.29
35.244.159.8
35.244.174.68
35.244.193.51
35.71.131.137
37.157.2.230
44.197.68.173
46.228.174.115
52.12.68.237
52.19.49.194
52.208.197.4
52.46.130.91
52.48.240.80
54.145.242.45
63.34.81.234
64.202.112.223
65.9.61.60
69.173.144.137
69.173.144.165
99.86.4.128
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1
0235a432875e1486bdd643c49e0272b6e94df13ac7cec7ea269a0634afd2099f
0251289d2acf9ce1c07d69193df8c2ea279d5c9a057bcd4704b8ede0567384c0
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880
0491e80e1960abebdd47ddd85c27a7ae3d3932d63c635daab0a7164f2d5a419d
04a2016e7259df05d8a2674b190c10dea67900a6eb0890c5dc901b56b101fd5b
0501a7736754c180f9c837b9b827571a8d108ff6ae199fbcc1bf80eaa1298142
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05538211898904261ad3f287b6828176ee887139de3290dde48b9660ace9940d
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
075a4ff009dfd00746970507771335399665c783cfaa7e3ed1a785fe154860cf
093fd02725ce81017378404252656e5152e58f032f51d57c37a6b486c9b72715
0a6be191a5569423993f2182b8a894733eb1c13804e0265773f5eca799d2e05b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c46d3b5218424bc0cb4c868abfc21fbcee6fab184289a77928bce49ac3d5ba8
0c7e4f76a293cf884c18a80a1b4f815223536cf2d56a1c9f8d6ba5a8f71a4ed2
0d5205b03ac9436282767d3c920a33499c2c9c4b3799a29b7ffe160f956a15ac
0ffe1094aa6cba32504f6ea98a0d8ace3bc25d720deb3938cce92206609be5dc
11870ce2c78f2ac1cd089be24fbc9fb4e65f214dc9cd9dca41d3a9465924e5fd
12fdd6f58f3a38ef326051b7a11f197847880b7a294ae181247a75ac31195b76
139b5bbf6aaa835413c9de4f77fac25469a9ea4976e4dbda20b29bd0e63eef81
148914fac032598dfa94957aee1addc57bff67ba08e902552d4aa42ae7fdf64e
1496e19cbae1f57865ce25d8d72caadd2195fabb9d9f19d18a10849c370371e1
1691528e16358e4a55f27a5960fdb5c5cfc05671e6682aa5d28ce102f483e758
18e417acc2170bc5559488138d56f4d308d36104a26eff8c23dd2cb371ab514a
1988c84385a43adbac8e318203dc8b42a5a94643af86c6d748b7e838135b2287
1a598c2fda78e0b6018bc16cee7e1db0a6a41a4594bddd19c927d60daec73f7d
1b1c8eb0f8246cf8da5999b82f45975f0d02cf1be1e114c958278a766ccbd97a
1b47172e940bc6307993348843eb9f3457fa525fa8f67882054f6042bde10ae2
1ba5a3c632e847397757ee221ccb105c46e6ae84e06a4c2c6412d39f20513059
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e8748e6b61572fabe24423cbff6af4e6c67775288ac09f4ba351f41d71d8c42
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13
21c63fdb7fe5edf1e0f2a2962fb1b653ca6a54b8dd12e14a2c9f17bd0602dafc
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
2439d09276050789596af71728fc61f652e2c7a0d721b3d19e20b506118df1fe
244d14860feb6151e162573386b08360a377d5060254ec62a823f35b61f10a17
24c210386e8b569a89b380b91b4b33c0e8d6bb064cf3ccd308a4ca54ba8fe517
260f3c2ba68e60ac028972f5749041ed7ff8f6bd2899fe849aa48b23010b9e4e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2742a5b0465d08b2166793d3420bb615774ff274768267bf44316be5c4981d86
292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026
29547ffb25c2912fc1fd7127e48bc045ed9dac17308af24a77500bb3c6113ac7
2a67f6e2a1380b836695e3b6090dc2d70920620669e370ba5e1861bf8c44e3b9
2ae6b8bae3212d1e511a1b0c51cd09855cb81b9df53db3afaaffb0229df025b2
2e56d46b73d36a4cd2959b5163de05df3f69ed1a27f99ffed7bd73089ba7ab88
2f0b2df67130c20d3f75e473ccf941fc8fea7c029d15adf044af4df143c45b2c
2f5ec0118626853c74c86c3a42bce3e20e9cd23523770f327d197b1b98cc1200
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33752b82ebac0330a91ebb3dd42b572558f7a7691bb3241eacb10be19387dfb9
351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9
36b2007c0fe0a0f968bd49d1d050bd46989db93585b00b39df19ffa3e164047f
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3b9c1cc05afebe36aaca5962ba895806b4d4439677ad000009879d5914f78b0a
3c1b52e421e8fca80579ef1ad10e31f9eb62f16b5e3e5185b42ea75ff1aa4f10
3d3682c484de2380d37647d58525c03ac6a90983169ef5cf12b8900faccc5c35
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400364eacf69f0a75ce19dd956ae13093eae641137d6e0a076ee76a52c67eceb
404dee41a85b8b1947fb898339c079c42f3a33ec89d1879636bc2f6ddd0482af
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44556479dcbcca381b28827d2c0a339c105065d07cf13e5daded1c3a1cc7e932
4512a7b3315614a07cb8724f2b7879da1f085838fb8b68be377a1fab9d4e96a9
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48caede7b9c8d5e8e4349254a9840495ee7f93dfdf588c7adf34061ef4f43b20
497072e2582b04989a37eea01c697ce1add067414886d2bb81933b257cb3a242
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
4bfcce0a55f53bb1f3e24f7cfd05b3a4ae178b8ccfd4523652071f1615237caa
4c98415225e2d798f63c5cf293cecc7e25003e2bfdd5c36a15131e481377d3a5
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d63e78bf545113a89fe586ca2edf214a9937d1569a9ccaf9b1d232906765228
4d6b0f3248092a19fd2fd52c9eb08778d6dd496b825eb7ae7a321e93f834755b
4dc74432b7b5eb8bc638e343a51c5aaf661667a55628e47e7707850c8e90405f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e485c7dbbc25e969e85d37706feb9ea7b35de758e08112d577eec9f334e9864
50923aa1c9538e17e1ad38afb7f8b736d415bae8eb4e08cd3691cd7d84e6c1e4
51f2a46c447874057ce75e50b81402242f305e8ea89dd7c36517cf7afebe23ec
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549e563419bcc1947e3f4676dcc2d0f0d9a079fecd796a3a5d0dc8006143e8c1
555f1db725cb79a4a3ae447aa5eb2e878dc39e3f4b2891829d9033da3130618c
557f82247c92222495045ab6e4e63541901223e4692b72bc25364614a820e7f7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5776a75d93fa4dfd2b2e858464735e8706480d16e0ca08c072b185ffd638900d
58221aabd5838e2b9b5582e18638bdd2845ae0ca4bf91c0e18b0c5fcea912ee7
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
5ae4511cca9105f1d4a785b54345acc66ba7a06dd9352fa9b5b280475cb05d63
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
5c427e138011ce114d3377e8fd3b318f2623d9ce87f54a29e8f9b0db724de245
617d8707a5d4b256aac7f90276660fe1330782c98523ef14da8cba553c2e6dd3
61a9edae0f9dab3007c0b61f6e9ce733aa2ff81164a248cf830a714ddd04ff53
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62618a4bde8655938da346aa3168ea48507997f4950c593e072e09100a1658b9
629cdf78e2bf67f7b63b1d2b9b73ff5078c52e48af5f50f8823819e53042f6a7
62a1d4170d36abf67ef44e5e27efcf3c6838d1cd751b775296b86c08295bb4b0
62c423d31e29f534692a637edf708c9fc70cc475408da87ece7355b80824de4a
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63e938a1badfc997dfc37af37b607c19cd80e8a6c43d7d5beec530a253ceb1b1
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
653b367c322558cb2e60712a158f56c2929b62408a35ad4dfec09359c25b34b0
6547ba08705ae158059937825bcc38dddaebc8f48af354e8e570fafbe70fa926
66ca5597c9ea83b248a88ae983dba9366572a64571a204b8479e2a9a7665cf02
66f0dc601980210348b662950393979dddd60cd7d71deec55d52d33dba6480bd
6851edc0fca6eb99fa5fa083c37055fb96b62567bcd4730305e755e4cc0ab82a
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6927fa049d3b1421c68ba743653d6dbcf4556f17cf0a0467ea67f106611e536c
69ad3aa28d82aca629d5970eb80b68d85111d458e08fe3eae014ed8cc509637a
6a8fbb5a0c2a63d1e01a428166747c6300d8549ebe1e18d3e840141264585928
6bc5dd6f10419ca9cb3c62306501ceed08a23c1a65ec8e47804b221c37edaf83
6d5bea8e0cdd9848eedee10232ad1498f8027e66a5d9ccee1d052622247ada7f
6f1d7a8d874d9620f5c3d094cc8874b372d085546e46a9d5b5e48fb750e0ea59
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7201e6bac53c0dcb98d30679555b61e86990a8696eee906c8b2b7fd0634c3ddf
720eec6292faacec16eb3d540f8270e9e7d662ea66b6763a7a69478dca59c461
72753bf20ed288ede24c8c12689fd3ec0aaaae976f5155d7b8d90eca316506b5
742eda3b2d2aefb9c25c7daa5dfe251f02317aae3027a7f8221710d9a5a3d3d5
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
762c214cabdce5338b8e9b18339f3cbb2713ff8d3dbb69356c737a3aaa533414
769657ed5b1cbb514cb65e29be0742b3479af5816541609308966ed1c511e917
78aedee867f376acedb7baf555f6ad3b8871aafd40d1d7349c1146b21c5cd33c
79bfd990f4a7c0761fba24d187be6877d875e0e3c4563cd99f2821ef8d1a915a
79e5b8e2b0df08368c09d142a09c363acfd72c462d011ab6052680363300f7e3
7a45273b45f8e27e7112f967d5d17207567a10f406512edad9881a05a1dba469
7be8d23faf8e20f95b11c1a6b936f8e7fab5edfe166294fa5cbddd5f4aee8dbc
7c08fb910a4a36aba1781397a920cc83568ac400b6180bc3a425c450ca636d01
7c169a2b8c8c7d9c1d7a302528ba979a59419d832d22575a996b914ea44e079e
7d7434ecc674742ed5a87be268af3c99a9d9a67b4d55898128dbc5ae899eab26
7e11cc2bfb2fad7c637d1f41afe65456d855048d6e128f6affd56148fc45e3a1
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
80d8bddff3ab656502b1555ab421c61eebaf5549d4389529648f67c46c9dc980
8194aa79ecf954eb2b1a9a19c7ed16d893ab737297f1c3ac58c662073c76aa4a
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b974070760f2509bd8460ef35022d20f00556bac3be188a50cfef762d2327e
843cf70a8f73b9334bebd67ea154e575ffb2c7dc85d57a703bc67ecf865674f0
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
850e587a96f9cad84206169720be046f289fa015e4b76b6ae79610c9d73c7eef
8557d02fc2f9e24ddb17432f71b633c3afe7761887f2d4ed9668bacbf854554a
85976c05de46ce57ed5573e315c75d3377b11c946683a4ee81d6092a59032f34
86741fbbd4e540c5e2a541773927159732b41034318e0e0a4a78ee2253da2eab
86cbd186d5f518d881af44ace9a2d7afc7e354f5ce6c2d0a675da7161881f42e
884745c5681a986cfcad22b959065049a2f2f5ac4c90d21dcd2c087b264f903d
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a18a76b040ad064cb4e3e956086c3d602fd87471df3713d0efe221e889b57c9
8b34a6e3b62823dc4ed7e5c01f5ea550ada1ecfd8832e7b11ee0cea68d7ed534
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db5740ee1b4996b2c0e7003cbd48645f9b3a01d7d2f7b5e4eaf11e291432c29
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
8ee4feaf7d7d9ebbdc924f9d70e67a34ba1fc00f48051151f66f747d5846ea54
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8faee1e9a9f2a9c9aa0ebbaa33046d50467b46162ffca9136b1efca66026db63
8ff28e2ad4b71d4e10bc872b1b79402455ad47907c3b3be54e631404ac8848b4
905f99e00243328b9ff9c14712a95acc877e0f67cd696edfd287c14b21268226
92044b33c729f1c353019f977112007e977d5461be793261a1499f034c4ec066
927dedc9a3661b1abc859b113cf96c427a928af9f2bfbf35df7476bccd2f34f3
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94b1b4f4da4b9b1a39c2c3f839eadc4bf18cc907a02db1dc7413e191a380645c
96ad235708770c4198d6310ee0c1a2d1a372974558d1e4a97fb3b79bf25d7d7d
96f1bf7e1c0ac4c3310832746a1a8887970155a1de90935c488b05a0c2c73c1e
9718fd957de7231935c27f6ea7ab94b7993565ce7227eb809a1d6e3dc19acf75
97e0d65ace73cf6609e6b3aceef4359662f2919f7a274f59b81339a08a2d0155
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
9969d346aaf23751a6f8ab6c0b4b12c09c62ec8c594cb126e876a189bffd56bd
998566e29ab8c76df582b811323fd5645930797a51fd6c32e0b48cd443bab086
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9f7845baf48f3b8c34aad7cdfabdbde46cdefcd61f5843bb8e485ecd17b35381
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09d02e6d88797dbde0e92bbca6e534dbe41f4add18f56f2e10ab3ae98dca0a6
a0d01b7dcb4fad6330dbe35bd607491e5974b40a0d4e60ccf82bf79f82ade80e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17ae6bc886c2c22c1e22c582d2f7e847265e816459994e967766e35093c9786
a476972d8bfd0c31d4e4dfc6886d6083aab91dfe744de364c1fc93978e8ad793
a5c5b350418be584122397d04f348fa5735a376d38a7ec875a267fde565dbba8
a6228e761dcb43896055c3e8271b1e4dfd480df47f1ee88c57c1000b991e60c0
a6d8efcec4beb19fdcb6e14e5ae504451a3d846afe70c26c79825c9b9121a9be
a7dedf94200ec35597a1b32207ebb117b959a3d2d5bbf4e95e973c787ff892ba
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
a95d7230e92fa3f5e49d0a98b70db47eca288aa80c32e7aa463fbf0887ed6648
ab90132e45888410d7ca1b5b647a9d40eff08c262b97edf1d7b6354e34680551
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
ade64b94b199f7eed364aed791007ad5ea08cb6b4d23d29a4e525eed6d546cc3
adf2a36c4c7fa138ab5bf38e689008bb84b9cccfeb212a5bc727ea5219f82dcc
aeac3df5ca446725ac4a984ed4b6172c3b3b1cec23d70cc45ec546863f792264
af8574c64eb8a1a24537fe67d1c22a775ddff60c52157b8922dae42caf91db97
aff731edea8ed44f2004b31ff21b7a7736ea47527c8711487f4e170940106f7f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b234a16b484ec2981e8f24f3f4a30c066539c3daa948a23b964868033217fc09
b2f09e431b6ef8f992bad9473ab180eb81560fb1f5dcb16b14621abff65e5d6e
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e
b52608eb90130f261d38507f7445e73f9c54fde9b481d23f1987bafd1ed5090a
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09
b7f5d70a1071fe2f8b9e45d9befbb788d9912d50f7dbc60e5728bdf837a21d08
b947b576d812b8973c7f61c01e772f677f67294af6c528a49f76196d79a939f2
b9bb801cbf67566b7ba3ee069c3ee5dde456e41133e43cd7ea7a7f2632af29b0
bcc5776e9fae4fdacc876c8fec1a448df437dbcb9c79920384bd88d8cebb3869
bd6c8a509da4d92785ad9a6ca5f3f876c29df01567c8b7be9f1bbaaffb5b5d59
be006d80a99b5528054b3db1558fc7326c5d2139c890d4216a293ec1a996b9a6
c07c4a729c1a85b4d7ab981f9d958266f1adf5e5a1362e194e20ca45ad7e4dfb
c09ad64ffa8068d09aae8382e6b3b345aec086018cc7ce2942c9cfe290df5b45
c1235797de51c5f9f7f56a5795f1fc6e13d2f5357949ed24857ccb634cd4a747
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c77ff32582eb944231be1a9996a4e1d4472908643c1188c35b8e63a2832cf011
c7a8bfe0d4f7f345b49ee46bc1a8ecfeea20b46a617ad4a1908c15e7ea2d72a0
c94ebc505ac53cbcf1dd0aa14f8ddb99e063d1fbb6757cf37d7ea27e543c199b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbec7e88311e23ca6604fdc4dc242d79f68860de276d4bb846b64ff310ec9b18
ccbc178ef65d63d799889051c0ff77970e2d9cb0b64befbcc2056de0b692572e
cd7c41b6632232b82acdb3131e371cb0ad687e4760d675ab226f40e97cef80ed
cd7edbb00e154e957bbfc2a825ee603de6bab62215d5fe1580687dbeba3d3d45
cef4f8291e3a04c0285761f4bce1be1ba267090ce3078367eaab21653a48319b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2288c575a997b8e3c506f2d9d6ee20a12c9592d66a98404f58100369797c939
d233f75c43cd448ecfc7d3b35986fd1df1c9101a44719772db87c1aabe10151e
d2dcf4e292cf679e2c8530bc37a6f23979b184ba573845ddbb1e9d595a554227
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d37a519f3a04fe4c01c920f2ba0cf85283ebd419b5d101a606c5ee2b33f19b35
d3e6adbda65d2903f09a41c14896d338479636be883f23fd9c22cfdecdadcd26
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d50cb6bda0a5fd7016cdfe46cadb1f5a517fd0135726d581dfe9826bebcd0cd0
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c
d6e5ddd963178ca2ccfabb7a46845cf2d008e1d060df46da0a5daa9e874f762d
d751f9a0669eaa9975bd4caa721ff3ae89770ff2694e409e073e30795ef329ea
d75c1ccca03452171a4a1228fcd5b26df8dea67439e85cb5ba3b2e7c84dc9dcc
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
db1a1fd6abb5ccf8313c46f34a1e6ad3bcf72cb0a1323a70fe11d8318f5e32b4
dbcda260836aeb509a6fbffe6ec0101fb3f488f447bd84e72469d4a5535982b4
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dc866635a05e8762cdddae2527450326d4a82e074c768d1aa658a25cd723421d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee47dde991622023f766b8259b8e18c08c534c51e226bd76d896c4d5d7f300b
e31197a6a66ed48020a2e8eed540b9151a60ffc48fa12ba64408dfab0c10c838
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ad3a7c4aa97b074c4d59a438bb5813ded8ad1d8bb8cf630abb4c6ee075d54e
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7d4d79a9e6e9e8517a50ccf73d395158447af175d89d638be16072f86709132
e90c6ec3d4f0c3fbc0b90092308ea0dc40d10eb4c59455937927794082128b11
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eabb880277c8644d8b8d3134cc8649109692ee1d1d4ca460374dd7cd97c9271b
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb6d8677f4fe82deb229a4a4123c46c3378a92cf5e17f4844dcf430dd1ff6b45
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04c91ee88b4ddb8c3d67e67a74d996c38e64a8126ef4aadc677331645693d50
f0b2aa044e220b8f9ec02d387f0a408309d8563232656a8700338f293598e1e0
f15fcceb995f21bd3b51233147c6eaab83022b27090116c8eb835a67eae3fc94
f2a94eb1d42e17433281e0b974340f4d2efc5ef5033d0d4af074a96012c6ba1d
f3e1d573601ec8fc04b7410e8593284ffce7fbcc2148ce3070349b6218a40d1f
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38
f767c777d5b0c7bda7a7e315f2aaf053d62613362cd3d9b05da2b09bbd5be6c0
f77b13b209813da09a0d1af63b7bb71129c58e0b3b29174844ab7e210e2284fe
f928e3c53fd579926f3c8bf4473084a5b67d9e08bb33bf3de87fa1bfd944c863
fa6e94acb00215b8da920da7fbf9f18b00d1ae97184dbaf4a4e37b4c87938459
fb0937c8795554e0837a02e3c17fc431c8665d70b631fd4bc285e8c10e5e22a6
fb963f606e9332dc0135d41b0769ef60751afe0357fbef8f8926c4b6efc73ff8
fbb22ef8eebf981424d05fe5c6ebf0ba79922ef57bf3a9347b8c410a0f30658e
fd8e6d26ae464a400f3c77955c4d426cec2d159f514c30ff72f9155f6e606a15