www.fox13now.com Open in urlscan Pro
143.204.98.34 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Submission: On May 02 via manual (May 2nd 2022, 5:36:19 pm UTC) from DE — Scanned from DE

Summary HTTP 281 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 82 IPs in 7 countries across 54 domains to perform 281 HTTP transactions. The main IP is 143.204.98.34, located in United States and belongs to AMAZON-02, US. The main domain is www.fox13now.com. The Cisco Umbrella rank of the primary domain is 214925.
TLS certificate: Issued by Amazon on February 17th 2022. Valid for: a year.

This is the only time www.fox13now.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	143.204.98.34 143.204.98.34	16509 (AMAZON-02) (AMAZON-02)
6	143.204.98.104 143.204.98.104	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:215... 2600:9000:2156:d600:13:a391:88c0:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	92.122.145.25 92.122.145.25	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.98.18 143.204.98.18	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3032::ac43:cb69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
2	104.102.28.29 104.102.28.29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	96.16.141.156 96.16.141.156	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e01b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.227.208.151 35.227.208.151	15169 (GOOGLE) (GOOGLE)
2	143.204.98.10 143.204.98.10	16509 (AMAZON-02) (AMAZON-02)
1	143.204.103.127 143.204.103.127	16509 (AMAZON-02) (AMAZON-02)
1 19	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	23.35.229.181 23.35.229.181	16625 (AKAMAI-AS) (AKAMAI-AS)
11	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 3	108.157.4.121 108.157.4.121	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4af5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:6a00:10:618e:d880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.53 143.204.98.53	16509 (AMAZON-02) (AMAZON-02)
1	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1f18:e8a... 2600:1f18:e8a:cd02:882c:d916:bae1:7722	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
2	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	34.248.81.187 34.248.81.187	16509 (AMAZON-02) (AMAZON-02)
3	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
3	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
3 10	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
2	3.67.60.21 3.67.60.21	16509 (AMAZON-02) (AMAZON-02)
1 7	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
5	64.202.112.255 64.202.112.255	23352 (SERVERCEN...) (SERVERCENTRAL)
2	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
6	18.221.123.94 18.221.123.94	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	3.126.73.74 3.126.73.74	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 12	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
4 6	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
6 12	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	67.202.105.23 67.202.105.23	() ()
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	34.241.235.173 34.241.235.173	16509 (AMAZON-02) (AMAZON-02)
6	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
2	18.66.248.32 18.66.248.32	16509 (AMAZON-02) (AMAZON-02)
2	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	2a05:d018:d29... 2a05:d018:d29:3601:cc00:50b5:a5a9:66b7	16509 (AMAZON-02) (AMAZON-02)
2	35.156.115.11 35.156.115.11	() ()
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 7	209.54.180.144 209.54.180.144	() ()
2 2	70.42.32.95 70.42.32.95	() ()
2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
4	54.163.129.198 54.163.129.198	() ()
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	216.52.2.48 216.52.2.48	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	52.59.71.183 52.59.71.183	16509 (AMAZON-02) (AMAZON-02)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	3.218.106.221 3.218.106.221	() ()
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	52.94.222.140 52.94.222.140	() ()
2 3	69.173.144.139 69.173.144.139	() ()
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:807::2	() ()
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
281	82

6 143.204.98.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-34.fra50.r.cloudfront.net

www.fox13now.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net

ewscripps.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:d600:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3plfjw9uod7ab.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:7::17d8:4dca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 92.122.145.25 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-145-25.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-18.fra50.r.cloudfront.net

assets.scrippsdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::ac43:cb69 (United States)

ASN13335 (CLOUDFLARENET, US)

analyticssystems.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.28.29 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-28-29.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e01b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.208.151 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 151.208.227.35.bc.googleusercontent.com

aswpsdkus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-10.fra50.r.cloudfront.net

api.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.103.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-127.fra50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.101.66.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lit.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.121 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-121.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4af5 (United States)

ASN13335 (CLOUDFLARENET, US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6a00:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-53.fra50.r.cloudfront.net

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd02:882c:d916:bae1:7722 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

ewscripps-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.248.81.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-81-187.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.33.221.14 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.60.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-60-21.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.202.112.255 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.221.123.94 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-221-123-94.us-east-2.compute.amazonaws.com

capi-tier-2-us-east-2.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.73.74 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-73-74.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.74.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.236.247 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 76.223.111.18 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (None, )

ASN- ()

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.235.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-235-173.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-32.dus51.r.cloudfront.net

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3601:cc00:50b5:a5a9:66b7 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.115.11 (None, )

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 209.54.180.144 (None, ) 4 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.95 (None, ) 2 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.163.129.198 (None, )

ASN- ()

x.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.59.71.183 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-71-183.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.106.221 (None, )

ASN- ()

exchange.consumabletv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.222.140 (None, ) 2 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (None, ) 2 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (None, )

ASN- ()

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 171 pagead2.googlesyndication.com — Cisco Umbrella Rank: 119	253 KB
30	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 245 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 354 cm.g.doubleclick.net — Cisco Umbrella Rank: 289	244 KB
25	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 4500 cds.connatix.com — Cisco Umbrella Rank: 4673 capi.connatix.com — Cisco Umbrella Rank: 4835 lit.connatix.com — Cisco Umbrella Rank: 10547 ins.connatix.com — Cisco Umbrella Rank: 7062 capi-tier-2-us-east-2.connatix.com — Cisco Umbrella Rank: 5180 vid.connatix.com — Cisco Umbrella Rank: 5472 img.connatix.com — Cisco Umbrella Rank: 5369	418 KB
16	rubiconproject.com 6 redirects ads.rubiconproject.com — Cisco Umbrella Rank: 3313 fastlane.rubiconproject.com — Cisco Umbrella Rank: 663 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 4227 eus.rubiconproject.com — Cisco Umbrella Rank: 829 pixel.rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 1060	131 KB
16	amazon-adsystem.com 6 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 375 s.amazon-adsystem.com aax-eu.amazon-adsystem.com	48 KB
14	3lift.com 6 redirects tlx.3lift.com — Cisco Umbrella Rank: 879 eb2.3lift.com — Cisco Umbrella Rank: 590	6 KB
12	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 326 acdn.adnxs.com — Cisco Umbrella Rank: 853	43 KB
11	yahoo.com 7 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1174 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 738 ups.analytics.yahoo.com — Cisco Umbrella Rank: 420 ads.yahoo.com	4 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	411 KB
8	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 20 adservice.google.com — Cisco Umbrella Rank: 128	2 KB
8	serverbid.com e.serverbid.com — Cisco Umbrella Rank: 4320 sync.serverbid.com — Cisco Umbrella Rank: 10149 x.serverbid.com	5 KB
6	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 447	2 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 901 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 821	6 KB
6	openx.net ewscripps-d.openx.net — Cisco Umbrella Rank: 75011 u.openx.net — Cisco Umbrella Rank: 1045 rtb.openx.net — Cisco Umbrella Rank: 2213	1 KB
6	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 4301 log.outbrainimg.com — Cisco Umbrella Rank: 2441	2 KB
6	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1701 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3413 odb.outbrain.com — Cisco Umbrella Rank: 1756 mv.outbrain.com — Cisco Umbrella Rank: 3324	88 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 1007 p.typekit.net — Cisco Umbrella Rank: 1232	69 KB
6	brightspotcdn.com ewscripps.brightspotcdn.com — Cisco Umbrella Rank: 44018	316 KB
6	fox13now.com www.fox13now.com — Cisco Umbrella Rank: 214925	333 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 316	112 KB
5	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 439 fonts.googleapis.com — Cisco Umbrella Rank: 111	741 KB
5	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 2169 usersync.gumgum.com — Cisco Umbrella Rank: 4378	7 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
4	advertising.com 4 redirects pixel.advertising.com — Cisco Umbrella Rank: 716	1 KB
4	33across.com ssc.33across.com — Cisco Umbrella Rank: 2373 ssc-cms.33across.com	701 B
4	analyticssystems.net analyticssystems.net — Cisco Umbrella Rank: 14726	2 KB
4	cloudfront.net d3plfjw9uod7ab.cloudfront.net	106 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 227	110 KB
3	cheqzone.com ob.cheqzone.com — Cisco Umbrella Rank: 8786 obs.cheqzone.com — Cisco Umbrella Rank: 5657	20 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 213	2 KB
3	ewscloud.com api.ewscloud.com — Cisco Umbrella Rank: 73119 static.ewscloud.com — Cisco Umbrella Rank: 96203	8 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1448	132 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 655 image6.pubmatic.com Failed	12 KB
2	consumabletv.com exchange.consumabletv.com	787 B
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 881	554 B
2	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1511	952 B
2	emxdgt.com cs.emxdgt.com — Cisco Umbrella Rank: 1294	81 B
2	zemanta.com 2 redirects b1sync.zemanta.com	602 B
2	bing.com c.bing.com — Cisco Umbrella Rank: 379	880 B
2	bidswitch.net x.bidswitch.net	440 B
2	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 899	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 955	636 B
2	google.de www.google.de — Cisco Umbrella Rank: 3632 adservice.google.de — Cisco Umbrella Rank: 5351	1 KB
2	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3026	969 B
2	tru.am tru.am — Cisco Umbrella Rank: 7193	12 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3495 p1.parsely.com — Cisco Umbrella Rank: 2820	24 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	85 KB
2	media.net hbx.media.net — Cisco Umbrella Rank: 1950 hblg.media.net — Cisco Umbrella Rank: 2399	131 KB
2	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 755	8 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 909
1	gstatic.com fonts.gstatic.com	28 KB
1	aswpsdkus.com aswpsdkus.com — Cisco Umbrella Rank: 7798	38 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	42 KB
1	scrippsdigital.com assets.scrippsdigital.com — Cisco Umbrella Rank: 67954	4 KB
281	54

	Domain	Requested by
15	pagead2.googlesyndication.com	srcdoc 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.fox13now.com 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com tpc.googlesyndication.com
12	eb2.3lift.com	6 redirects ads.rubiconproject.com eb2.3lift.com
12	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net eb2.3lift.com
11	securepubads.g.doubleclick.net	www.fox13now.com securepubads.g.doubleclick.net cd.connatix.com www.googletagservices.com
10	ib.adnxs.com	3 redirects ads.rubiconproject.com googleads.g.doubleclick.net acdn.adnxs.com
8	s0.2mdn.net	imasdk.googleapis.com www.fox13now.com s0.2mdn.net 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
7	s.amazon-adsystem.com	4 redirects eb2.3lift.com
7	www.google.com	1 redirects www.fox13now.com securepubads.g.doubleclick.net 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com tpc.googlesyndication.com
6	match.adsrvr.org	ads.rubiconproject.com eb2.3lift.com sync.serverbid.com
6	img.connatix.com	www.fox13now.com
6	vid.connatix.com	cd.connatix.com www.fox13now.com
6	capi-tier-2-us-east-2.connatix.com	cd.connatix.com
6	c.amazon-adsystem.com	www.fox13now.com c.amazon-adsystem.com
6	ewscripps.brightspotcdn.com	www.fox13now.com
6	www.fox13now.com	www.fox13now.com ewscripps.brightspotcdn.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	log.outbrainimg.com	widgets.outbrain.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.fox13now.com
5	use.typekit.net	www.fox13now.com use.typekit.net
4	token.rubiconproject.com	4 redirects
4	ups.analytics.yahoo.com	4 redirects
4	pixel.advertising.com	4 redirects
4	x.serverbid.com	sync.serverbid.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	prebid-a.rubiconproject.com	ads.rubiconproject.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	g2.gumgum.com	ads.rubiconproject.com
4	analyticssystems.net	www.fox13now.com 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
4	d3plfjw9uod7ab.cloudfront.net	www.fox13now.com securepubads.g.doubleclick.net 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
3	pixel.rubiconproject.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	pr-bh.ybp.yahoo.com	3 redirects
3	www.googletagservices.com	securepubads.g.doubleclick.net 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
3	ssc.33across.com	ads.rubiconproject.com
3	c2shb.ssp.yahoo.com	ads.rubiconproject.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	sb.scorecardresearch.com	1 redirects www.fox13now.com
3	cds.connatix.com	www.fox13now.com cd.connatix.com
3	widgets.outbrain.com	www.fox13now.com widgets.outbrain.com
3	use.fontawesome.com	www.fox13now.com use.fontawesome.com
2	ads.pubmatic.com	sync.serverbid.com
2	exchange.consumabletv.com	sync.serverbid.com
2	rtb.openx.net	sync.serverbid.com
2	ap.lijit.com	sync.serverbid.com
2	sync.go.sonobi.com	sync.serverbid.com
2	ssum-sec.casalemedia.com	2 redirects
2	cs.emxdgt.com	sync.serverbid.com
2	b1sync.zemanta.com	2 redirects
2	c.bing.com	eb2.3lift.com
2	x.bidswitch.net	eb2.3lift.com
2	px.ads.linkedin.com	eb2.3lift.com
2	eus.rubiconproject.com	ads.rubiconproject.com eus.rubiconproject.com
2	sync.serverbid.com	ads.rubiconproject.com
2	acdn.adnxs.com	ads.rubiconproject.com
2	sync-tm.everesttech.net	2 redirects
2	u.openx.net	ads.rubiconproject.com
2	googleads4.g.doubleclick.net	www.fox13now.com
2	googleads.g.doubleclick.net	www.fox13now.com 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
2	1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	tlx.3lift.com	ads.rubiconproject.com
2	e.serverbid.com	ads.rubiconproject.com
2	fastlane.rubiconproject.com	ads.rubiconproject.com
2	web.hb.ad.cpe.dotomi.com	ads.rubiconproject.com
2	ewscripps-d.openx.net	ads.rubiconproject.com
2	obs.cheqzone.com	ob.cheqzone.com www.fox13now.com
2	tru.am	www.googletagmanager.com tru.am
2	api.ewscloud.com	ewscripps.brightspotcdn.com
2	connect.facebook.net	www.fox13now.com connect.facebook.net
2	cdn.cookielaw.org	www.fox13now.com cdn.cookielaw.org
1	id.rlcdn.com
1	ads.yahoo.com
1	usersync.gumgum.com	ads.rubiconproject.com
1	ssc-cms.33across.com	ads.rubiconproject.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	mv.outbrain.com	widgets.outbrain.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	odb.outbrain.com	widgets.outbrain.com
1	ins.connatix.com	cd.connatix.com
1	lit.connatix.com	cd.connatix.com
1	www.google.de	www.fox13now.com
1	capi.connatix.com	cd.connatix.com
1	p1.parsely.com	www.fox13now.com
1	ob.cheqzone.com	widgets.outbrain.com
1	static.ewscloud.com	www.fox13now.com
1	hblg.media.net	www.fox13now.com
1	widget-pixels.outbrain.com	www.fox13now.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	cd.connatix.com	1 redirects
1	cdn.parsely.com	www.fox13now.com
1	aswpsdkus.com	www.fox13now.com
1	p.typekit.net	use.typekit.net
1	ads.rubiconproject.com	www.fox13now.com
1	hbx.media.net	www.fox13now.com
1	www.googletagmanager.com	www.fox13now.com
1	assets.scrippsdigital.com	www.fox13now.com
0	image6.pubmatic.com Failed	ads.pubmatic.com
281	99

This site contains links to these domains. Also see Links.

Domain
scripps.wd5.myworkdayjobs.com
www.facebook.com
twitter.com
givingpledge.org
x-default-stgec.uplynk.com
support.fox13now.com
publicfiles.fcc.gov
www.instagram.com
scripps.com

Subject Issuer	Validity	Valid
*.scrippsnationalnews.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
ewscripps.brightspotcdn.com Amazon	`2022-04-30` - `2023-05-29`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.scrippsdigital.com Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.analyticssystems.net E1	`2022-04-05` - `2022-07-04`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-09` - `2022-05-10`	3 months	crt.sh
aswpsdkus.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-20` - `2023-02-20`	a year	crt.sh
*.ewscloud.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-19` - `2022-09-19`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.cheqzone.com Amazon	`2022-01-22` - `2023-02-20`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
e.serverbid.com R3	`2022-04-13` - `2022-07-12`	3 months	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
ssc.33across.com GTS CA 1D4	`2022-03-22` - `2022-06-20`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
sync.serverbid.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2022-03-28` - `2022-09-28`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-04-12`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Frame ID: 3466DF05FA9F932748D47503829425B4
Requests: 119 HTTP requests in this frame

Frame: https://cds.connatix.com/p/160402/connatix.playspace.dc.js
Frame ID: CD5A0433639A460B788B4AAC1BFE13F6
Requests: 14 HTTP requests in this frame

Frame: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4A16153B0C9D96163A170514A266E2B7
Requests: 1 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Frame ID: C3D1E4F90A6DF373B8381C64A089C19E
Requests: 10 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Frame ID: FF56A9168888361AEAF3C7F4DD046419
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: C86FF30ED4F3BFCC216D59AF73993E00
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: 3CD3C47583D4D9D4CE29853CB3360B6A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: BA8E2282962C5706996B5A6AB34E8036
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 51BD1700B5D91778D195A2DA013D0625
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D2F03DF3BDA690CFA68FDA53DFA0F8E0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 720322DCCD707067538ADBB25377A2F8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 984C4651577BADDF1FEB2B37B9C27E10
Requests: 14 HTTP requests in this frame

Frame: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C28BEEC13FBCE90D6B5AD5417205A561
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGInDncEBMAE&v=APEucNWouRXJWq82ausJ-L4Miw3N3qgKS1lvwVqK6NUCNXqS7jgfGPeM9KUsyTdnvKN5xL1YSUCEiuCf13Ctoors8avlu-cJW9Ju-siwQSEjcJLJZGIzee-_kec_GupKZKkJFfYJvZmcInNyMFaZ6n8uMf6b7IokzNc4rfSlgnK-dlCgRPpSqgY
Frame ID: 70B0119D5FA294C9558CB451EE78CFF5
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8851140725476658159/index.html
Frame ID: D171C7B1A116F67839F54D9CFAEE276E
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2EF22B7917EEDEFD4A781F4274B8D245
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 45EA56E2AC63D18428DC32C8B9AED9EA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 873ECF767DB35A695D164238D18FF721
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: E1A5DC136FFD63705F9A80DB540A44D4
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A172C01DC679B2F0C4EDA059E0160267
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bgZdFqByur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 00AF9BF27D190392F49B9542F920E92A
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A5E2BC4306C6869989049B61B994C73B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YnAWkgAGWDgwUgAZ&gdpr=1&gdpr_consent=&_test=YnAWkgAGWDgwUgAZ
Frame ID: 07B9571EA990D37FB0FB549AE84D1AD9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 55D41461433221947219237A342E14FB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 28EF6AC71B48144FAFCDBFFFF3B815ED
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: AA16510061A6B794FFA4E9B3AACAAD2A
Requests: 11 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000248.html
Frame ID: 4C33FA9F5359FF60C1752584939BFC99
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 554FF7BE44341DA29D3EE494DE0D2905
Requests: 3 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000248.html
Frame ID: E63E26AFE7468FD27C0B744629936BBF
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3A5F52B25A27213AC749472409396891
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 1BCA852996879DB74FB553FC7700769E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 5D7126AA24F7AE659A126C58C2858AB6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Billionaire Utahn to give away 90% of his wealth

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

281
Requests

86 %
HTTPS

38 %
IPv6

54
Domains

99
Subdomains

82
IPs

7
Countries

4013 kB
Transfer

15091 kB
Size

39
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://scripps.wd5.myworkdayjobs.com/Scripps_Careers/3/refreshFacet/318c8bb6f553100021d223d9780d30be
Title: Careers

Search URL Search Domain Scan URL

URL: https://scripps.wd5.myworkdayjobs.com/Scripps_Careers
Title: Careers Search

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=765516083862087&display=popup&href=https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth&text=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth
Title: Tweet

Search URL Search Domain Scan URL

URL: https://givingpledge.org/Pledger.aspx?id=430
Title: announced Tuesday

Search URL Search Domain Scan URL

URL: https://givingpledge.org/About.aspx
Title: The Giving Pledge

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/d5f/ef205c0e5ea14d77944cbd6904335118/d5f543e0684c437fa0c679d6af95d519/d5f543e0684c437fa0c679d6af95d519_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/c3d/ef205c0e5ea14d77944cbd6904335118/c3dc827c17ac4ff784335db9333c890c/c3dc827c17ac4ff784335db9333c890c_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/8dd/ef205c0e5ea14d77944cbd6904335118/8ddc48348d7143f1a0ddd3d9d1326e5a/8ddc48348d7143f1a0ddd3d9d1326e5a_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/a12/ef205c0e5ea14d77944cbd6904335118/a12821b898bd4334b52dc12d9d69f21c/a12821b898bd4334b52dc12d9d69f21c_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/9c9/ef205c0e5ea14d77944cbd6904335118/9c91feb708cd4d5a977fc5e3bfa05e63/9c91feb708cd4d5a977fc5e3bfa05e63_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/f33/ef205c0e5ea14d77944cbd6904335118/f33b37e6bbcd49e9936f0713e79497cd/f33b37e6bbcd49e9936f0713e79497cd_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://givingpledge.org/Home.aspx
Title: Hundreds of other billionaires

Search URL Search Domain Scan URL

URL: https://support.fox13now.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/KSTU
Title: FCC Public Files

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fox13newsutah
Title: fox13newsutah

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fox13now/
Title: fox13now

Search URL Search Domain Scan URL

URL: https://twitter.com/fox13
Title: fox13

Search URL Search Domain Scan URL

URL: https://scripps.com/our-brands/local-media/
Title: Scripps Local Media

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/160402/connatix.playspace.dc.js

Request Chain 50

https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1651512972257&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1651512972257&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c9=

Request Chain 177

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdXVuke6EZZCsW2ireifQ&google_cver=1

Request Chain 189

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YnAWjgRXW.iS0PYjz59qoAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdXVuke6EZZCsW2ireifQ&google_cver=1&google_hm=2

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELXKeNzqpzD4ParYZP9ed5g&google_cver=1

Request Chain 191

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgxNzI0ODM3MTUzNTQ5NTUzNg%3D%3D

Request Chain 213

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 217

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YnAWkgAGWDgwUgAZ HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=YnAWkgAGWDgwUgAZ&gdpr=1&gdpr_consent=&_test=YnAWkgAGWDgwUgAZ

Request Chain 220

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 226

https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D

Request Chain 228

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D

Request Chain 230

https://pr-bh.ybp.yahoo.com/sync/triplelift/4662195207387997858007?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-MrAXkNVE2oTa5_e_j82HncDNB7PirTCO6z3hzgmxug--~A&dongle=0883

Request Chain 233

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4662195207387997858007 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4662195207387997858007&dcc=t

Request Chain 234

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 236

https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D

Request Chain 238

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D

Request Chain 240

https://pr-bh.ybp.yahoo.com/sync/triplelift/4662195207387997858007?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-YDtytoZE2oTxRBudJZjp3io99aFfAcvkgK6MmRIgyw--~A&dongle=0883

Request Chain 243

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4662195207387997858007 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4662195207387997858007&dcc=t

Request Chain 244

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 247

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YnAWjgRXW.iS0PYjz59qoAAA%261195

Request Chain 250

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2817248371535495536

Request Chain 252

https://pixel.advertising.com/ups/58321/sync?redir=true HTTP 302
https://pixel.advertising.com/ups/58321/sync?redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58321/sync?redir=true&apid=UP5fe970b7-ca3e-11ec-b65e-021d038352bc HTTP 302
https://ups.analytics.yahoo.com/ups/58321/sync?redir=true&apid=UP5fe970b7-ca3e-11ec-b65e-021d038352bc&verify=true HTTP 302
https://exchange.consumabletv.com/usersync?ttt=1&cn=5&dpui=UP5fe970b7-ca3e-11ec-b65e-021d038352bc

Request Chain 254

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YnAWjgRXW.iS0PYjz59qoAAA%261195

Request Chain 257

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2817248371535495536

Request Chain 259

https://pixel.advertising.com/ups/58321/sync?redir=true HTTP 302
https://pixel.advertising.com/ups/58321/sync?redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58321/sync?redir=true&apid=UP5fe970b7-ca3e-11ec-b65e-021d038352bc HTTP 302
https://ups.analytics.yahoo.com/ups/58321/sync?redir=true&apid=UP5fe970b7-ca3e-11ec-b65e-021d038352bc&verify=true HTTP 302
https://exchange.consumabletv.com/usersync?ttt=1&cn=5&dpui=UP5fe970b7-ca3e-11ec-b65e-021d038352bc

Request Chain 267

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VZF8LBPJQ-eHVSDsRweL5g&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=VZF8LBPJQ-eHVSDsRweL5g

Request Chain 269

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2P06LTZ-2-F61T&sigv=1&esig=2~623a1d178fe142441f41f723b94ff475d55b5173

Request Chain 270

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJQMDZMVFotMi1GNjFU

Request Chain 272

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Cts-fQFzcFlRiV2hbmcIEg?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=155260260753572438

Request Chain 273

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzczODkyZDVhMmYwMmEwY2UyOGI5ZjZiZDFkM2RkNDFlOTA5ZjA0NQ

Request Chain 274

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SS34DchaSjKjgYuoSNofXg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SS34DchaSjKjgYuoSNofXg

281 HTTP transactions
-3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request billionaire-utahn-to-give-away-90-of-his-wealth Show response
www.fox13now.com/news/local-news/ 242 KB
65 KB 317ms
218ms Document
text/html 143.204.98.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-34.fra50.r.cloudfront.net
Software: N/A / Brightspot
Resource Hash: 1b100b2e9f3016d39e6f5fc04026380518f730433d1261e6dbb8f6f673c27cb1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=240
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 02 May 2022 17:36:12 GMT
Server: N/A
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Tb2-p6LUf-ROTeA9aiG3Sv70ad6pgg2E_Qk51FobXFDXgM2FPSNS-g==
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Miss from cloudfront
X-Powered-By: Brightspot

GET
H/1.1 200
OK All.min.400ae66ae5954cba88bc75403510e15b.gz.css
ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/ 116 KB
22 KB 83ms
8ms Stylesheet
text/css 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.400ae66ae5954cba88bc75403510e15b.gz.css
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bcbc2fead65db06dc805d3ec92e0f95cc32e4d82c1d7f9e2d4bd5ffc7b35984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 05:55:06 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 07 Apr 2022 18:35:00 GMT
Server: AmazonS3
Age: 1597267
ETag: "f3fd787dc8639d9cb2a7d176b5c65497"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 21563
X-Amz-Cf-Id: Kw0HcQEUGP5cIpmAX8W2t4s4FE-0jYiRAYcsWnsxHx_Ft-BGYx0JaA==

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ 116 KB
29 KB 73ms
20ms Script
application/javascript 2600:9000:2156:d600:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d600:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1da4e7292411fa7401ad333d28c2e5bd20dbe89f3ba0428d57d44c48879293f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: B3kn63TQS6kT.ZlvMtLEVysJoRuRl8uN
content-encoding: br
last-modified: Sat, 30 Apr 2022 03:09:32 GMT
server: AmazonS3
age: 29
etag: W/"d8a90e7fca1529654d71205b6c387460"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
date: Mon, 02 May 2022 17:36:12 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: S5KFo4qiOPD5BWgq-hLtcdR-U7_CG6GP_T8Z6BDeTk19bHt8IIRsZQ==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 62ms
20ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5699a9f1ae7a130fcd36591551ae1443606804654acae67173e1c9dda43848b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 02 May 2022 17:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: g2v9xMx/aUUS06TIQnKQZA==
age: 5779
vary: Accept-Encoding
content-length: 6830
x-ms-lease-status: unlocked
last-modified: Mon, 02 May 2022 05:47:57 GMT
server: cloudflare
etag: 0x8DA2BFF4F812930
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2644e308-e01e-009b-44ef-5d55de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7052848d8ceb901e-FRA

GET
H2 200 tsu4adm.css
use.typekit.net/ 21 KB
2 KB 115ms
65ms Stylesheet
text/css 2a02:26f0:3500:7::17d8:4dca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/tsu4adm.css

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

44184c16fd72e51859e402906cfc8eb5cc13161916b42cf46e416bc9e3fe9850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Mon, 02 May 2022 17:36:12 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1740

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
10 KB 61ms
27ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer: https://www.fox13now.com/
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8418109
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DATDK6GE0M6SF5CS
x-amz-id-2: vSdqg4h3pAZqz7nL6cPevVcCWTj6X2bDQOM9YVaqEso7rJJeqtzPCsqvTOrFCSt6q0N8TZyMusU=
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
server: cloudflare
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKqMjSJlZdIQ4JcK9hGXhCI3cKBzvmMefGhmsd6I8g8hK8ChJXp%2FOWOJtEgRLgSV9Bc09bz53qPsEVIWCbYGzD2rsMaG6xAIswJIDPaRITrcauSfsPn%2Fa%2F2rh%2BUcaZOh23In%2BNvc9YxGHHl0%2BeSM5NR6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 7052848d7e2c916a-FRA

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/eead90a/2147483647/strip/true/crop/600x274+0+0/resize/400x183!/quality/90/ 23 KB
24 KB 10ms
10ms Image
image/png 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/eead90a/2147483647/strip/true/crop/600x274+0+0/resize/400x183!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F00%2F9e%2F66505c3f463b98e45a6637d3fcea%2Fkstu-main-logo.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-104.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: d46651a0642c39afc570af89ad0b4373250d4002c05e92282aab4b289c4771d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 17:15:57 GMT
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 951615
ETag: 5530a8138966797a635819cda27dfa7c
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA50-C1
X-Robots-Tag: nofollow
Content-Length: 23926
X-Amz-Cf-Id: KCjMvb2lZbbpC4SE_ZIrF9lgX7zPIAulY2Xx6feEnjxYLaeeKBl36g==
Expires: Fri, 21 Apr 2023 17:15:57 GMT

GET
H/1.1 200
OK Blank.gif
www.fox13now.com/styleguide/assets/ 57 B
475 B 12ms
12ms Image
image/gif 143.204.98.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fox13now.com/styleguide/assets/Blank.gif
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-34.fra50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 11:57:42 GMT
Via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache-Coyote/1.1
Age: 23953110
X-Cache: Hit from cloudfront
Content-Type: image/gif;charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 57
X-Amz-Cf-Id: 6AM91ORceiYUpLuonO8ZHyHW43AyRlnJuwthm9r4Ch-IWvghID8sPA==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 199 KB
69 KB 106ms
21ms Script
application/x-javascript 92.122.145.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.145.25 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-145-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d13435a48b794b66ebaada6ee378b52822f77c1fd83f3ab71643c2332106e8dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 16:17:55 GMT
etag: "16-keGzKtGrcfZ9cEAFiM57G5VQ+rg"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 8e9eb09047ccd143a4b62af3c2052286
timing-allow-origin: *, *
content-length: 70100

GET
H/1.1 200
OK logo-scripps.png
assets.scrippsdigital.com/cms/images/ 3 KB
4 KB 100ms
8ms Image
image/png 143.204.98.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-18.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: 8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Oct 2017 14:04:11 GMT
Server: AmazonS3
Age: 40421
ETag: "f46791d665054bf21da09492d448e1d2"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Mon, 02 May 2022 06:22:31 GMT
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 3532
X-Amz-Cf-Id: z2debLY_4JhqVyG_5aK_v6A5e5WYR3_pogyphis4yncpoqJkO3PWyQ==

GET
H/1.1 200
OK All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js Show response
ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/ 428 KB
99 KB 9ms
8ms Script
text/javascript 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0f18a3c3952280b727ecdf5f62fb2b4754367e287f06e9b3b586f2c07146754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 18:35:01 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 07 Apr 2022 18:35:00 GMT
Server: AmazonS3
Age: 2156472
ETag: "1b54b00f494965bf27395d87a776043c"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 101167
X-Amz-Cf-Id: VM8HImFemfQ2fv3z1TpDxWXZ093Wn9bHa1LsR7Zilec8nZemp5VenQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 134 KB
42 KB 47ms
22ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62923c234036c66d2e93f8f814592445f9dd19d3b6c77a63e8d34072575675b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42101
x-xss-protection: 0
last-modified: Mon, 02 May 2022 16:05:11 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 May 2022 17:36:12 GMT

GET
H2 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/client/impression/ 0
617 B 163ms
122ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/client/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=482280
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbHNJYPc2VIGrGWDpcGpQFXVXf1NVy2Oc0%2B0u5vKt2n568l6ZjYu1m%2BWti2OEAzUUZQPI6uXcrQXmDTV9XB9PWtd0Ij48uLQlB7ro%2BbtVw9566X9vT%2FvLZ8kwhNKIxVTNkrdHLo0dIHQjGt9rBGnXRuKHA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 7052848e9cdd9bf2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FutaTGuzSloqXMUAlMJi

GET
H2 404 000000.json Show response
cdn.cookielaw.org/consent/000000/ 215 B
652 B 37ms
18ms XHR
application/xml 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/000000/000000.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5926648f31a298f336b654aa3656085350c79e9c1810cb22cb2c24bfc41a2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 3839c80f-e01e-0031-644a-5e8331000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 7052848e09c09156-FRA
expires: Mon, 02 May 2022 21:36:12 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 135 KB
37 KB 34ms
11ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: 6RTeJ.t3xDSJXjTxhAMtPfr9IcIsozAE
content-encoding: gzip
etag: 4abd427e43cd6822329a2c05539e321f
age: 175
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1F14KFF6JG4R16G7ZCVD
date: Mon, 02 May 2022 17:33:21 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: u7I97xDC-RP9fMlhZnlLfYWpievUV3E4jgT4HmU7aYwi3bpdFmYW8A==

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 599 KB
131 KB 139ms
74ms Script
text/javascript 104.102.28.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.fox13now.com

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.102.28.29 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-102-28-29.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

eb8821e4441e234a154be5e4a0d8431dd138e8f3bcbd66a30045f27ef40fb0c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Mon, 02 May 2022 17:36:12 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
timing-allow-origin: *
expires: Mon, 02 May 2022 18:06:12 GMT

GET
H2 200 5776_Scripps_Local_Stations.js Show response
ads.rubiconproject.com/prebid/ 592 KB
115 KB 35ms
7ms Script
text/javascript 96.16.141.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.141.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-141-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ca4fd5efb0d1a70284709d6dde51a8477a28115b5c8a453aafcaf394bd1b5fbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 21:09:15 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=8205
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 117459
expires: Mon, 02 May 2022 19:52:57 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 42ms
8ms Stylesheet
text/css 2a02:26f0:f7::5c7b:e01b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e01b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 31ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

733b1779d56fb94e7b1edcdcd8df4eaea82331d2db3ccb22c09286b3cec12fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: aoB2+VFQ0pEBh1kSk7JkIQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: wx/9H8glkgUcvKIrFgmqbhAoPVnZ3UrE1XRMHSVoRLG6XzA8PRgz4N/Ls8BKSWl1W/WvRGkk2FtIlD34YIZRMQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 40029ad8a9b0f29b7999bec3c0f49eb4
x-frame-options: DENY
date: Mon, 02 May 2022 17:36:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "bf11e67e8e18ff82262ae801711d6987"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 02 May 2022 17:55:39 GMT

GET
H2 200 ua-sdk.min.js Show response
aswpsdkus.com/notify/v1/ 212 KB
38 KB 32ms
10ms Script
application/javascript 35.227.208.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://aswpsdkus.com/notify/v1/ua-sdk.min.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.208.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.208.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5343d295e7697987c6607001f3bb6d9bf54cfc6db5a77dce8b27dc5e9870066e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:35:58 GMT
content-encoding: gzip
age: 14
x-guploader-uploadid: ADPycdvfwwyPcXqNM4o_4OCHvNZj1RpEu1ZRPBFmR-GXEqbDFHeD2I2atMxNSZneekHIMU1xZWwO2Hi8U7KFaW78Uyz6BQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38303
last-modified: Thu, 31 Mar 2022 16:15:43 GMT
server: UploadServer
etag: "6d60fd0a8328ab90723334e067d116d8"
x-goog-hash: crc32c=HIlLng==, md5=bWD9CoMoq5ByMzTgZ9EW2A==
x-goog-generation: 1648743343088826
cache-control: public,max-age=300,no-transform
x-goog-stored-content-length: 38303
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 02 May 2022 17:40:58 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 16ms
14ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5446018
cf-ray: 7052848e5873916a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59572
x-amz-id-2: ns4nZXtKI8TjfxeHEIDjv9b9nhjc05XDFc51BC/gRAyYkVGj6nHb+oqJzGx+CmYVCN/jO7DISGU=
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "18d2347ab2a9f40ca2247cdb03303d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LG8840KKnPr191PHhqfwqAu5p6WLYofJxl5Q66uXwj9dKMqu15191NGIPxX1%2BCGm5%2Bb%2BtAlG5jfAIcCGTphViFPAxjm2EHQiwHhmHNGst8vXFRoZYRz309EqllLcy%2Bpj1ST1SvdUiPtrjIc9Z7qcA05U"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 57GNW1G99JA6YNCM
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 16 KB
16 KB 29ms
8ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
server: nginx
etag: "ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16560

GET
H2 200 l
use.typekit.net/af/8738d8/00000000000000007735e611/30/ 16 KB
17 KB 44ms
23ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
server: nginx
etag: "a5565f97e4389f39e94f7880b2c8088023e4d88a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16880

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 288 KB
82 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=14f1d9c80355c83fd1013b00a15e1728

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a472aa55e7640db7c87268a02e25a6d394d97f4a86c939d788dd3c283e641ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.fox13now.com/
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: WB+oaklJdRMey760EGQqiw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84334
x-fb-rlafr: 0
x-fb-debug: O4bNLHfLcwDO6mybtlWZw9Lcie5q1RpXsrv1iphN0mDwHpZM1bArLtFMUgTFw/z8Galj7LI2necvXMwrOYEGvQ==
x-fb-content-md5: eee6212a06689e715dea347c262104da
x-frame-options: DENY
date: Mon, 02 May 2022 17:36:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "dc03d8da5ae73b00a584ae5cac0896df"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 02 May 2023 15:15:48 GMT

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 62 KB
63 KB 18ms
18ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8511314
cf-ray: 7052848ece8c696f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63376
x-amz-id-2: KJM7vGebews7bcv5iYcruT+PL+oAd4W/O7pZQSdGmRHGb5Qia9aLNV/LdBckAgmqKIijnpowiyI=
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "f319eac1c755f9929fd856720ce1695e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOi2gO55krpB7LpZIlQHsE414QkfEV2b3GJ%2BiEhxNdYnT7nYBNsg8Hm1AtY7QDPV%2FIOGRv8lJs7VYz6GQxfEa58PAiSdaru5XX74P19PwzgQ0SdtTEADjftxhvAj8o8IjSbG4QP0lNo%2FdGJscNaBDAUX"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 7KZ10SRM43XPBDHW
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 l
use.typekit.net/af/3322cc/00000000000000007735e616/30/ 17 KB
17 KB 34ms
33ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
server: nginx
etag: "71f986ad2b4d0b6a0e5a056380e0c8c577137ae8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17212

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 16 KB
17 KB 10ms
9ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
server: nginx
etag: "96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16832

OPTIONS
H2 200 /
api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/ Frame 0
0 289ms
102ms Preflight
application/json 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/?type=web
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.fox13now.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Mon, 02 May 2022 17:36:12 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-apigw-id: Rgh2CFL8oAMFoWQ=
x-amz-cf-id: QqT0b_MClRxk7hAf0UMs5qVyKyeHlFw6AfvNYoBNLyVDW93LnLZy2A==
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: ae218171-8469-4aae-919e-646045ae4ed2
x-amzn-trace-id: Root=1-6270168c-0ebd73d731c67a8242c1641b
x-cache: Miss from cloudfront

GET
H/1.1 200
OK weather Show response
www.fox13now.com/ 73 KB
73 KB 13ms
12ms Fetch
application/json 143.204.98.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fox13now.com/weather?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-34.fra50.r.cloudfront.net
Software: N/A / Brightspot
Resource Hash: 6b5fe4b265ab9e750bf17205fbaf793bc79b66464add02890fde2af4e729d4af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 17:35:08 GMT
Via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
Connection: keep-alive
Server: N/A
Age: 64
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: FRA50-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: kc89z4vs_ZVksHE8rYysLAE1xMvydkJZvQckWhIk6iQilpb28v9GJg==

GET
H/1.1 200
OK breaking-news-alerts Show response
www.fox13now.com/ 68 KB
68 KB 30ms
12ms Fetch
application/json 143.204.98.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fox13now.com/breaking-news-alerts?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-34.fra50.r.cloudfront.net
Software: N/A / Brightspot
Resource Hash: 65b64c49a86c754ec08d9c80c41cd0ce46edd45294ef43939ab8fdffa71652ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 17:35:07 GMT
Via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
Connection: keep-alive
Server: N/A
Age: 64
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: FRA50-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: 3Eiudx5dk3DxEolzvqotIMUnbBsHeCNjag7OxrGURcv60LRxWhsLOQ==

GET
H/1.1 200
OK alerts Show response
www.fox13now.com/weather/ 63 KB
64 KB 34ms
15ms Fetch
application/json 143.204.98.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fox13now.com/weather/alerts?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-34.fra50.r.cloudfront.net
Software: N/A / Brightspot
Resource Hash: c9f567a22fd4d8c6d32167c66f201685aaa09bc9ad88315a27c40ea4b75d0f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 17:35:08 GMT
Via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
Connection: keep-alive
Server: N/A
Age: 63
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: FRA50-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: KlaBtmQnWx53-nQjk-8gEws6nL-jUO0mBlponumkMI2xpNol0NWO8Q==

GET
H/1.1 404
Not Found school-closings-delays Show response
www.fox13now.com/weather/ 61 KB
61 KB 29ms
10ms Fetch
application/json 143.204.98.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fox13now.com/weather/school-closings-delays?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-34.fra50.r.cloudfront.net
Software: N/A / Brightspot
Resource Hash: aee827923165555c5f8351abb465bff467dd2d81a61cde86519fe958df437bf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 17:35:07 GMT
Via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
Connection: keep-alive
Server: N/A
Age: 64
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Error from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: FRA50-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: dqdAlgdvuz3XJjS_UBKlawQNxoyh6UUAN0D0ko2-fA51wRNA9bQRbw==

GET
H2 200 / Show response
api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/ 4 KB
5 KB 291ms
291ms Fetch
application/json 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/?type=web
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: /
Resource Hash: 69782b84149d127db6e9407990c66a91fc8d5019f6b5a517a8c280f38dc5e663

Request headers

Authorization: Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 216404a3-8f3d-49f4-bede-1100593892aa
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6270168d-3e11a5d10401088e7540911a
x-amz-apigw-id: Rgh2FFXlIAMF1bw=
content-length: 4430
x-amz-cf-id: BIGkP7oBwFQ_7m1kAhj3pHJhM6uInSkyZ8PExnYN153IiSdF09Xn2w==

GET
H2 200 p.js Show response
cdn.parsely.com/keys/fox13now.com/ 66 KB
23 KB 180ms
8ms Script
application/javascript 143.204.103.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/fox13now.com/p.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-127.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 1e07e272734d4232d604835b00dfb9847c36a95e2fb6a01458590618e2bbcc77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: public
date: Mon, 02 May 2022 04:38:34 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2021 19:24:27 GMT
server: nginx
age: 46658
etag: W/"603404eb-10711"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KmL1NnBw4tWTU1LaAPJTBPwnYlWyo6uVpcZOtrf8Mhm2pJJkLsS2xg==
expires: Tue, 03 May 2022 04:38:34 GMT

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/160402/ Frame CD5A
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/160402/connatix.playspace.dc.js

890 KB
206 KB

14ms
8ms

Script
application/javascript

151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/160402/connatix.playspace.dc.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c73d9cadd6379c9dd0bc8af8544f61abbd4e7d449a4a0740f284e7d0f5b6b92a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
content-encoding: br
last-modified: Mon, 02 May 2022 11:47:52 GMT
age: 19653
etag: "3349b53d4049c5f8250607d5834a8147"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 210839

Redirect headers

location: https://cds.connatix.com/p/160402/connatix.playspace.dc.js
date: Mon, 02 May 2022 17:36:12 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/02cc935/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 124 KB
125 KB 23ms
22ms Image
image/jpeg 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/02cc935/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F4e%2F44%2F8b76c25f473093b130f7f52df25a%2Fjeff-t.%20Green.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-104.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: bd6cafb0d9f0509d461f9b8845027ecb7f5385ee273346f5f44efd2b328afdb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 13:04:56 GMT
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 189075
ETag: 8abdd9b88cc8d2da8c2022d32c3e8063
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA50-C1
X-Robots-Tag: nofollow
Content-Length: 127179
X-Amz-Cf-Id: _q2q_tQDa0Rksmn6wWwcHtEaMLdERB2EjS1JDbEqgpXXFTSd6g39lQ==
Expires: Sun, 30 Apr 2023 13:04:57 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/cabd33d/2147483647/strip/true/crop/720x720+280+0/resize/300x300!/quality/90/ 16 KB
17 KB 35ms
9ms Image
image/jpeg 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/cabd33d/2147483647/strip/true/crop/720x720+280+0/resize/300x300!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Ff9%2Fc8%2Fbe6d1e8f4eb2a9ab227d4653983e%2Fjeff-tavss-headshot.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-104.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: a78eee44a33280cae70b7fade38a0ea36d2d3c34252c8fffe9e5d91aaf463a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:23:10 GMT
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 6628382
ETag: 432c028acf64b6afb081594ce3fc408d
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA50-C1
X-Robots-Tag: nofollow
Content-Length: 16702
X-Amz-Cf-Id: HYIXsdr47z0jX9KM-m4jurBhr_hJhVMLc-br8sRzrxpD7RLz1FAnXg==
Expires: Wed, 15 Feb 2023 00:23:10 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/05aa02d/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/ 29 KB
29 KB 38ms
13ms Image
image/jpeg 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/05aa02d/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F0b%2F0c%2F0184c2f44e4783b067c6ee93fcc0%2Ffox13webad.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-104.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 2ea4d73c56a292df467ee9e88a8cc18a2374049abe26e079b40770ea5b776339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 09:38:37 GMT
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 13766255
ETag: 38d2580b68aa743689213ed46fa15537
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA50-C1
X-Robots-Tag: nofollow
Content-Length: 29430
X-Amz-Cf-Id: MujA2SLOX_D7os5oIS6Im0s7PmCbuxiGRIdtSY5yMuG8lFa235DXeQ==
Expires: Thu, 24 Nov 2022 09:38:37 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 11ms
10ms XHR
text/plain 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.fox13now.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:07:21 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server: Server
age: 19730
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.fox13now.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uigV3G_xAPcOoSQCRJfyy9TopnfhpuHzccqJzybxa-SvS6u8GnxW_w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 33ms
10ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 56483
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 01:41:20 GMT
server: AmazonS3
date: Mon, 02 May 2022 01:54:50 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Ou8d3BBVH8dP8Uxo43eC2bJ-NbCf4F-p_EvLK20Dg9ew_Tu00_fhHw==

GET
H/1.1 200
OK d3d3LmZveDEzbm93LmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 68ms
11ms XHR
application/json 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmZveDEzbm93LmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 17:36:12 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=38193
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 7d371ce2205e654ce5e81804c829e3db
Content-Length: 15
Expires: Tue, 03 May 2022 04:12:45 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 58ms
16ms Image
image/gif 92.122.145.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.145.25 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-145-25.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Wed, 01 Jun 2022 17:36:12 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 43ms
23ms Image
image/gif 104.102.28.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&adt=desktop&cid=8CU6Q6626&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=fox13now.com&servname=ssp-serving-76cb75d7f5-fhxmc&svr=042813_364_042813_327_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001651512972127013651816967989&sspAbBucket=CONTROL&lw=0&dapp=green&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&a=0&r=209&lper=1&requrl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&kwrf=
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.28.29 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-28-29.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:12 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 02 May 2022 17:36:12 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 49ms
23ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

58eccc8dc67e3ccd3f1308bbc829c292407a5d80d2920d7cc85704c1973b52c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28552
x-xss-protection: 0
server: sffe
etag: "1202 / 805 of 1000 / last-modified: 1651490203"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 02 May 2022 17:36:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 82
date: Mon, 02 May 2022 17:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 02 May 2022 19:34:50 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 37ms
11ms Script
application/javascript 108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 03:22:42 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 51210
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 4rU-JXsY8GT_VWY7DfBCyCf2eiZaI9qyP2oKw6bbZ5lxcYDGZ4bqOg==

GET
H2 200 scripps.js Show response
tru.am/scripts/custom/ 737 B
1 KB 55ms
23ms Script
application/javascript 2606:4700:20::ac43:4af5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/scripps.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f027d6553533e963630b1d0992d5ca83562645cbb955de496b40c41eddd1978e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash: crc32c=sr7fhA==, md5=s01bXr0Uhj5Os3tr1X6KBQ==
date: Mon, 02 May 2022 17:36:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434341
x-guploader-uploadid: ADPycduhFbIhDuZtW8qt1oHeheC1bhrx2XryEQ_FtZalRmvRDDOvFv4-wbEeLCg68adGbOFjueIYKoVN5SzhboCp_3U
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Feb 2022 16:52:24 GMT
server: cloudflare
etag: W/"b34d5b5ebd14863e4eb37b6bd57e8a05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKyUrcyYHwX9ImhVjlbr8EQ2JxNLpR7hp9x7TzmOwXWOGUZQmN6kRHFL1xQ0BYNl3dFJKhREQ9w8vy9PVm3E%2B%2BWHq7YgVDMdG65FL0BWV95noQT0G0XTSxCP9OU%2FobbYuSqZ8A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1645721544432200
content-type: application/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 737
cf-ray: 70528490cf7e9bcb-FRA
expires: Thu, 27 Apr 2023 16:55:05 GMT

GET
H2 200 partlycloudy.png
static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/ 3 KB
3 KB 103ms
26ms Image
image/png 2600:9000:2156:6a00:10:618e:d880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/partlycloudy.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6a00:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7614a5bfcdf62a6df3f66e16104af543749f263f4de8f24f533434f89b1b7be7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: GFIXwVNfhlJu4e8lqWebCkIIusjgOAVg
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Wed, 02 Mar 2022 05:52:24 GMT
server: AmazonS3
age: 173
etag: "95dcda7cca4c271fe8fabda3683b55d4"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
date: Mon, 02 May 2022 17:33:20 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2966
x-amz-cf-id: zDjLlLkNn3Kn5CzhyfYHOjD3Uff7GIEk-XawRfIrKcjWhmrhInB1qA==

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 48 KB
18 KB 46ms
9ms Script
text/javascript 143.204.98.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-53.fra50.r.cloudfront.net
Software: Caddy /
Resource Hash: 55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:34:13 GMT
content-encoding: gzip
server: Caddy
age: 119
etag: "bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: FRA50-C1
content-length: 18458
x-amz-cf-id: y8xgaKazkxgUkgzL-kvrgnu8lrneOb_ixTGuE_56Nk8eCyNH4NT1bA==
expires: Tue, 03 May 2022 05:34:13 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 387ms
95ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1651512972212&plid=3798900&idsite=fox13now.com&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&sref=&sts=1651512972207&slts=0&title=Billionaire+Utahn+to+give+away+90%25+of+his+wealth&date=Mon+May+02+2022+17%3A36%3A12+GMT%2B0000+(GMT)&action=pageview&pvid=99688391&u=pid%3D5e38545e07939cb7549f5c311b7b7698
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 17:36:13 GMT
Cache-Control: no-cache
Last-Modified: Monday, 02-May-2022 17:36:13 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 25ms
8ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 02 May 2022 18:07:32 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1651512972257&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fne...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1651512972257&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fn...

0
190 B

15ms
15ms

Image
text/plain

108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1651512972257&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c9=
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 2__RndCb-EbXk52PWXao8U_jBDMPV1MGbSRqshLnXw2qnMgxjgmEKA==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=6036471&ns__t=1651512972257&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c9=
date: Mon, 02 May 2022 17:36:13 GMT
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-length: 0
x-amz-cf-id: 3ZhG27YGGFS9WG94Wd-6PwSsqN_s0MvozqkiHYPDPk95wxjtUrSV5A==
x-cache: Miss from cloudfront

GET
H3 200 pubads_impl_2022042801.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
125 KB 26ms
8ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

0b8a17793a0291b59ff3b8553ec9fe1d3cccc8cf1b482a408184d3a2f4d1405f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 15:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127788
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 08:38:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 02 May 2023 15:10:21 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 160 B
135 B 36ms
18ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.fox13now.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

369e6a30a7cb1cb086adaacf21d68376bdca00de64098f901cdc18b43e89d02c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0
expires: Mon, 02 May 2022 17:36:13 GMT

GET
H3 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 27 KB
11 KB 41ms
26ms Script
text/javascript 2606:4700:20::ac43:4af5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/scripps.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash: crc32c=189alg==, md5=Aq8QqpKO913oQSpg0Lh6TA==
date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 382047
x-guploader-uploadid: ADPycdteKMcILpZDA1hj2v1dN2Cr_TTrCNg4WnacevW_cmoKyXGO1HdjxJq3Ntok2PB6PvWJU6zrXPdA1kMq7CjoaEI
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 11 Nov 2020 17:32:38 GMT
server: cloudflare
etag: W/"02af10aa928ef75de8412a60d0b87a4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onGrHXN%2BF7oTf3T6OWkebjRAFvORSQCxPC4yuiCfUkFc6X%2BifVrs0i8aVpmlpld4qhQU3kV6ACoTsObVrRiJKWgTbo4Q1C%2Br4HV%2F%2BXmnPOdZAa3pT%2B1qFdqa1o%2FugbLA%2B4FWYA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1605115958819708
content-type: text/javascript
cache-control: public, max-age=2678400
x-goog-stored-content-length: 27827
cf-ray: 705284916d1c6987-FRA
expires: Thu, 28 Apr 2022 08:28:46 GMT

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 3 KB
2 KB 308ms
100ms Script
text/javascript 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=93071080908900221012000735608128938580506128290892702602080993181089&nc=0&tsf=0&tsfmi=&pv=0&cb=1651512972358&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=4117521382&at=&bid=e30%3D&di=W1siZWYiLDgwODhdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyKVwi%0D%0ALFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJv%0D%0AbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixc%0D%0AImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6MTQsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0%0D%0AIHdlYmdsXCIsXCJzZWZcIjoxMDUxNjk0MDg5LFwic2VjXCI6XCJcIn0iXSxbLTEsIi0iXSxbLTIs%0D%0AIjgsZVlHOVgxL1gxdFpsUzIyZDUxeDhZTlk5TXhKUUVNQ2RVQkhKTDg2TDIzQUNHVWhCSXdJU1NF%0D%0ARUFjSUpmUmVBZ1FJRUZvSW5kQ3h3UVhqaG8yNzE5Nm1Nak92L3I4NzB1eHFGeCJdLFstMywiW1wi%0D%0AaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBhZW9qb2ZvaG9lZmdpZWhqYWlc%0D%0AIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3%0D%0AXCI6W1wiMFwiLFwiY2hyb21lXCIsXCJjb3JlXCIsXCJfX2NvcmUtanNfc2hhcmVkX19cIixcImds%0D%0Ab2JhbFwiLFwiU3lzdGVtXCIsXCJhc2FwXCIsXCJPYnNlcnZhYmxlXCIsXCJzZXRJbW1lZGlhdGVc%0D%0AIixcImNsZWFySW1tZWRpYXRlXCIsXCJyZWdlbmVyYXRvclJ1bnRpbWVcIixcIl9iYWJlbFBvbHlm%0D%0AaWxsXCIsXCJTY3JpcHBzQWRMaWJcIixcImRheXNTaW5jZVB1Ymxpc2hlZFwiLFwiZGF0ZVB1Ymxp%0D%0Ac2hlZFwiLFwicHVibGlzaGVkVGltZVwiLFwibW9kaWZpZWRUaW1lXCIsXCJnZXRDb29raWVcIixc%0D%0AImd0bU9ialwiLFwiY2FsbExldHRlcnNcIixcImpzVGFnc1wiLFwianNQdWJsaXNoRGF0ZVwiLFwi%0D%0AanNVcGRhdGVEYXRlXCIsXCJqc0lzQnJlYWtpbmdcIixcImpzSXNBbGVydFwiLFwianNBdXRob3Jz%0D%0AXCIsXCJqc0hhc1ZpZGVvXCIsXCJqc1NlY3Rpb25cIixcImpzUGFnZVR5cGVcIixcImpzRGlzYWJs%0D%0AZVByZXJvbGxBZHNcIixcImpzRGlzYWJsZURpc3BsYXlBZHNcIixcImpzRGlzYWJsZUlubGluZVZp%0D%0AZGVvQWRzXCIsXCJqc0ZuYW1lXCIsXCJkYXRhTGF5ZXJcIixcIngwMF8weDFmODZcIixcIngwMF8w%0D%0AeDdlOGFcIixcIl9TY2FubmVyXCIsXCJvblJlYWR5XCIsXCJPbmVUcnVzdFN0dWJcIixcIk9wdGFu%0D%0Ab25XcmFwcGVyXCIsXCJkZGxzXCIsXCJhZHNPblBhZ2VcIixcIklTX0NNU1wiLFwiX2Rpc2FibGVc%0D%0AIixcIkFkRGVidWdnZXJcIixcIlNjcmlwcHNVdGlsc1wiLFwiU3RpY2t5UmlnaHRSYWlsXCIsXCJz%0D%0AVXNlckh1YlwiLFwiQWRUYXJnZXRpbmdQYXJhbXNcIixcIkR5bmFtaWNUYXJnZXRpbmdQYXJhbXNc%0D%0AIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwi%0D%0ALSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwi%0D%0ALFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0%0D%0AbGVcIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJkZXNjcmlwdGlvblwiLFwicGFyc2VseS10aXRsZVwi%0D%0AXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjowLjAwOTQ3ODY3Mjk4NTc4%0D%0AMTk5MX0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxb%0D%0ALTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAs%0D%0AMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxMDE2OTAxNS4xNjUx%0D%0ANTEyOTcyIl0sWy0yMSwiYVc2bHJFNU4iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJd%0D%0ALFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoyMTcwMDAwMCxcInVqaHNcIjox%0D%0AOTMwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDEwLDAsXCI0Z1wiLG51bGxd%0D%0AIl0sWy0yOCwiZW4tVVMiXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAs%0D%0AMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiMiJd%0D%0ALFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2NTE1MTI5NzIzNDgsMF0iXSxbLTM2LCJbXCI0%0D%0ALzNcIixcIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsMSwwLDEs%0D%0AMCw3NywyMSwyMjcsMzA1LDAsNTU3LjIsNTU3LjIsMTA3OCwxMDc4Il0sWy0zOSwiW1wiMjAwMzAx%0D%0AMDdcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUs%0D%0AOCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJd%0D%0ALFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUs%0D%0AIi0iXSxbLTQ2LCIwIl0sWy00NywiRXRjL1Vua25vd24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00%0D%0AOCwiMCwwIl0sWy00OSwiLSJdLFsiYm5jaCIsNjZdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A325%2C%22y%22%3A2654%2C%22w%22%3A610%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=o6exf5Sb8h&sdd=%7B%7D&pto=1089
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 19adaa2fa9b335ddb51340079364b18ab1497903963d60791a58e10389124d0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1581
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/160402/ Frame CD5A 0
47 KB 8ms
7ms Other
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/160402/hls.5b3b785f487abbe00eee.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: br
last-modified: Mon, 02 May 2022 11:47:53 GMT
age: 19653
etag: "182f65d040bfb9544bd8f71472475672"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48258

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/160402/ 99 KB
13 KB 8ms
7ms Stylesheet
text/css 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/160402/connatix.playspace.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 874cc1315f35963fb2488576f0c83489e22edfe22f6ce355e7e87e65063bbf7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: br
last-modified: Mon, 02 May 2022 11:47:52 GMT
age: 19653
etag: "132acf023a5a30ef72888d6e359a6663"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 13634

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 62ms
22ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27022641-1&cid=10169015.1651512972&jid=1893475992&gjid=1137295235&_gid=807165008.1651512972&_u=aHBAiEAjBAAAAE~&z=490809436

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 02 May 2022 17:36:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 53ms
21ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-29479748-9&cid=10169015.1651512972&jid=1462987015&gjid=451680008&_gid=807165008.1651512972&_u=aHDAiEAjBAAAAE~&z=848443902

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 02 May 2022 17:36:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 48ms
21ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-40066851-1&cid=10169015.1651512972&jid=1960978484&gjid=1252024516&_gid=807165008.1651512972&_u=aHDAiEAjBAAAAE~&z=722899242

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 02 May 2022 17:36:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1697838251&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHBAiEAjB~&jid=1893475992&gjid=1137295235&cid=10169015.1651512972&tid=UA-27022641-1&_gid=807165008.1651512972&gtm=2wg4r05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=268434292

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 May 2022 18:55:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81645
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1697838251&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiEAjBAAAAE~&jid=1462987015&gjid=451680008&cid=10169015.1651512972&tid=UA-29479748-9&_gid=807165008.1651512972&gtm=2wg4r05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=2031810224

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 May 2022 18:55:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81645
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1697838251&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiEAjBAAAAE~&jid=1960978484&gjid=1252024516&cid=10169015.1651512972&tid=UA-40066851-1&_gid=807165008.1651512972&gtm=2wg4r05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=1681317541

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 May 2022 18:55:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81645
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
535 B 50ms
48ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=e1Loxe8TLE606&cb=0&ws=1600x1200&v=7.75.0&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 4XXB82DNE5KSTKC70DVT
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: EZ6ez5FPO1LLhbOf_E_yPyY2DfXhyWYKA13EZ6CKv7lelrZJayFLOQ==

GET
H2 200 arj Show response
ewscripps-d.openx.net/w/1.0/ 73 B
380 B 57ms
25ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=80d1c852-8cff-495d-b7c1-c8086d6fe0c5%2C942d1d63-18d2-4853-a396-27d16fb13fbe&nocache=1651512972491&aus=728x90%7C300x600%2C300x250&divids=MAD_INVIEW%2CMAD_RIGHT_RAIL&aucs=%252F6088%252Fssp.kstu%252Finview-bottom%2C%252F6088%252Fssp.kstu%252Fnews%252Flocal_news%252Fdetail&auid=544041562%2C544041559
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 682fd3b06408cf80bcbe7e1032e91737373efd7335d8a578fe073c157db59ba7

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.fox13now.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 298 B
484 B 101ms
13ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: fe0bde94840de6bce7c3f8ef0a050d3af8e7813a03ac08e20f5d15505fab9017

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:13 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 298
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 436 B
2 KB 201ms
122ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1954138%3B1954136&size_id=2%3B15&alt_size_ids=%3B10&rf=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tg_i.aupname=%2F6088%2Fssp.kstu%26mad_inview%3B%2F6088%2Fssp.kstu%26mad_right_rail&tg_i.pbadslot=%2F6088%2Fssp.kstu%2Finview-bottom%3B%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&tk_flint=dmpbjs_v6.11.0&x_source.tid=80d1c852-8cff-495d-b7c1-c8086d6fe0c5%3B942d1d63-18d2-4853-a396-27d16fb13fbe&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.16167785469429607
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 398e0dfde23d15562581d151db0ef7a00fd03035936a4dd83a113c49295937a7

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:13 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.fox13now.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 436
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
986 B 271ms
94ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.fox13now.com
date: Mon, 02 May 2022 17:36:13 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 KB
2 KB 287ms
211ms XHR
application/json 34.248.81.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1651512972499&to=0&aun=MAD_INVIEW&gpid=%2F6088%2Fssp.kstu%2Finview-bottom&t=ryx2glbx&pi=3&maxw=728&maxh=90&si=113233&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.81.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-81-187.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6eb9289e8f8be25e50aab4b132f8f14f5122b72b312d107ad26e2adbceeb39f7

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 KB
2 KB 289ms
212ms XHR
application/json 34.248.81.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1651512972500&to=0&aun=MAD_RIGHT_RAIL&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&t=ryx2glbx&pi=3&maxw=300&maxh=600&si=113232&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.81.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-81-187.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 43a664199b8feeac29e3117b618ab9ef8a96a215237c11b7d0b26ff4f644a2ad

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 141ms
90ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698600179795af3a05c97ef2b009d&pos=8a9695310179795afced5c9919250098&cmd=bid&secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 3b85d50bcf6030e3ca50c35243e8cdf98cb270a021422bd806d1ee1680fadf61

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
293 B 108ms
58ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698600179795af3a05c97ef2b009d&pos=8a9691c501797961dc1a6230492e002e&cmd=bid&secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 0415c74d4763642e665ed14556d347dad0ec2517c5a095da2141be855fd802e5

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
content-length: 62

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
352 B 125ms
96ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bpL-ZIByur67OuaKj0P0Le
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 5b771470e8bc028ed5c94b82f21eb6f3c941d093d6aebadb1dd93bf580e2521c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
170 B 137ms
108ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bmBWNoByur67OuaKj0P0Le
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 5b771470e8bc028ed5c94b82f21eb6f3c941d093d6aebadb1dd93bf580e2521c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 255 B
1 KB 177ms
141ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d423390d393a77e15c6a77da83acdfbb9d8262d19d8d93501c05a825f0e107c1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:13 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a39e30c9-7805-4d61-80ca-738a89c447c6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.fox13now.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 255
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
507 B 281ms
250ms XHR
application/json 3.67.60.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.11.0&referrer=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tmax=2000

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.67.60.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-60-21.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:13 GMT
accept-ch: user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 story Show response
capi.connatix.com/core/ Frame CD5A 6 KB
3 KB 157ms
142ms XHR
application/x-protobuf 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=160402
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7b7fa1aba567848d1083a63d849942b4d73673a8b9c96668bdbad58612db0bf1

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-max-age: 86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3226

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 74ms
49ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27022641-1&cid=10169015.1651512972&jid=1893475992&_u=aHBAiEAjBAAAAE~&z=1233966893

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 69ms
45ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27022641-1&cid=10169015.1651512972&jid=1893475992&_u=aHBAiEAjBAAAAE~&z=1233966893

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
533 B 60ms
59ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=e1Loxe8TLE606&cb=1&ws=1600x1200&v=7.75.0&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INLINE%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22MAD_HEADER%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22994x30%22%2C%2210x1%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: XASZ8GXX49YCCE4WV882
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: G1B7NodSBdzhJoX5sYC6Q-fe0MwHs5GIuaQ1Fz28nKm8z8kWc_0OLA==

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 300 B
485 B 61ms
14ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: cc25082cad83b67bd4f23160f591b3d15dbf9eaddd6825bc5a2122bd1903a4d6

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:13 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 300
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 105ms
87ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691c501797961dc1a628788a90038&pos=8a9691c501797961dc1a6291573e005c&cmd=bid&secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 881a468b01d58bbe9a181d2afd895e58c654062571eef232f20742a12668d700

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
content-length: 62

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 449 B
2 KB 200ms
160ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=2090360%3B1954132&size_id=15%3B2&alt_size_ids=%3B55%2C57&rf=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tg_i.aupname=%2F6088%2Fssp.kstu%26mad_inline%3B%2F6088%2Fssp.kstu%26mad_header&tg_i.pbadslot=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&tk_flint=dmpbjs_v6.11.0&x_source.tid=2a803148-8a0b-48ac-8eba-4df46dcc86e0%3Bfc161cf9-68b0-442c-8b46-aa6ea126587d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.6768867462218686
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c1a02d5882714625fc7d5895544ee7776c267ad80af48e1847f10cf9dd18aefe

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:13 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.fox13now.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 449
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
ewscripps-d.openx.net/w/1.0/ 73 B
145 B 26ms
25ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fc161cf9-68b0-442c-8b46-aa6ea126587d&nocache=1651512972536&aus=970x250%2C728x90%2C970x90&divids=MAD_HEADER&aucs=%252F6088%252Fssp.kstu%252Fnews%252Flocal_news%252Fdetail&auid=544041554
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 1b2e7ca896b2c6dc5d1930c45c4835d7e6cfe63239e9784a7f3efe35e706cd8e

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.fox13now.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
508 B 82ms
81ms XHR
application/json 3.67.60.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.11.0&referrer=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tmax=2000

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.67.60.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-60-21.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:13 GMT
accept-ch: sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
986 B 272ms
135ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.fox13now.com
date: Mon, 02 May 2022 17:36:13 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 KB
2 KB 240ms
202ms XHR
application/json 34.248.81.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1651512972538&to=0&aun=MAD_INLINE&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&pubId=13797&pi=3&maxw=300&maxh=250&si=217149&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.81.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-81-187.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4bdeb9e5df9135dafe1b06d9afc3d9417ee8d6e9f81e9987f1169dba8b4dcda8

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 KB
2 KB 196ms
158ms XHR
application/json 34.248.81.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1651512972538&to=0&aun=MAD_HEADER&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&t=ryx2glbx&pi=3&maxw=970&maxh=250&si=113230&bf=970x250%2C728x90%2C970x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.81.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-81-187.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a12c1a558db4b1e81617d339f8635c532a9fc0095bb673ef01c0f27ea2a24e9f

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
825 B 67ms
39ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c3e224c9f404df7213023634a6855fc7dca9218aa5af375929e17d216b97e64b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:13 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7312556a-760e-486c-9f29-47f08ed0478b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.fox13now.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 96ms
96ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bgZdFqByur67OuaKj0P0Le
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: a679a5f4598f89af7a321f47ba64209e112fd972f974ae79f01a8d2f4ba8b5b0

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 blockedDomains_6.bin Show response
lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/ Frame CD5A 90 B
327 B 51ms
14ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/blockedDomains_6.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bbc303150996575a6b7e0b472780241c2b91c7f45e4701fc43747598ef010e83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 21:44:27 GMT
age: 330637
etag: "bd245048e7572962d7a7cdfc3aa6405f"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 90

GET
H2 200 insights.bin Show response
ins.connatix.com/df1f7fdf76884268b7ec61841c4afa1f/ Frame CD5A 144 B
353 B 53ms
15ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/df1f7fdf76884268b7ec61841c4afa1f/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1f9c5c64d175a8bc389afa09401c72262f33961d56241d00902c2a397eac4e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 20:36:34 GMT
age: 161592
etag: "5d0f23b2700a2d2ff3e3f3fc4cba4e1f"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 116

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
79 B 92ms
92ms Image
image/gif 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136fefc234e84e8d9e9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60635f578afe6d4b1474fbd498fbd39e821da61c45085052aae2d05f91e46042dc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1908f77f6ba195157aead9eb17de50ae04eb9b1dc148d5cc79d62427d4cc66ca6f82d3baf3dbbce34d2ff42be5eafa785660bcd665c5b116b5131553d408098084d3888fbc9227c32c90c6f5ae53df5f5b1aa35e649593c01577d3bf20f156e6c51acc22fe7b131e029a37e4598690aa78bcd038905ca9cfcbcb69ce010478e84b585773532d96a06ea109d5c18869a99970ecdd22d783eaf03283b7f24e2b7e83e7504fd6bb0a5112f3a3f522f562c4f718b0fd79eb3af52cc414855dcaa13cda4571f9f6cb2522783552764f0405b6f3d839c008b6595c017ca9f710818a120fe2aa9de6ae66a9eef8ff86f1b3f2494920f8428eaa5a6f805f781dd762416c6af67fb36b1ac4efdd7e8966d73996ad2ccfd5118b281d2b3276090180d2b6c9367a49885d1487d9dda7a2890647d8e5ff0ec98a2d3f818c452e63bdd39c033da564c54d951aae&cb=1651512972710&cri=o6exf5Sb8h
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:13 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 396ms
86ms XHR
application/json 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1651512972711&sessionId=0325c329-467a-a3bd-4c67-69da57d4c669&url=www.fox13now.com&cheqSource=1&cheqEvent=0&exitReason=4
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:13 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 8af77bce76db67649ec3c8425a70cabb
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 8 KB
3 KB 164ms
121ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&idx=0&rand=31630&key=NANOWDGT01&widgetJSId=AR_11&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clss=5bMTKfEjWaBw25NUFXyd2IsT18iziEVJ%2BDQZxMlxWJ8L0iEzCdkP%2FqV3Ohkxjdf7VT40t4Kinke49H6m&px=325&py=2703&vpd=1503&cw=610&activeTab=true&darkMode=false&settings=true&recs=true&version=2000692&sig=aW6lrE5N&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ddc53662bf62d8109510f975196794936006c340e663a089685acdfb4ac9bf98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1651512973.496064,VS0,VE114
accept-ranges: bytes
x-served-by: cache-lga21965-LGA, cache-hhn4041-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 5e9a846b2ab16dac26bddeebad366692
content-encoding: gzip
content-length: 2461
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK sr Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame CD5A 0
317 B 418ms
100ms XHR
application/x-protobuf 18.221.123.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=160402
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.123.94 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-123-94.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 27ms
26ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

a246a166ebf9f6c28338ae10ebcfe6566d5bd52f9e6a02a6f3fbde5a7d73cc4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28552
x-xss-protection: 0
server: sffe
etag: "1202 / 858 of 1000 / last-modified: 1651490203"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 02 May 2022 17:36:13 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame CD5A 376 KB
126 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128368
x-xss-protection: 0
expires: Mon, 02 May 2022 17:36:13 GMT

GET
H2 200 b1ab96d8-1b4a-474a-824d-179772428f1b.bin Show response
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ Frame CD5A 7 KB
1 KB 22ms
7ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/b1ab96d8-1b4a-474a-824d-179772428f1b.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 580961a03df02992e3246b5d618f1935a41715df91cb96686456842b0fc102e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 00:52:52 GMT
age: 59605
etag: "2cd26fbbab3309ffbf0bfa5c69f47867"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 1307

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 41ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.fox13now.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 52ms
28ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.fox13now.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 133 KB
45 KB 389ms
388ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2289476893603779&correlator=156533234994635&eid=31067239%2C31067354%2C44763404&output=ldjh&gdfp_req=1&vrg=2022042801&ptt=17&impl=fifs&iu_parts=6088%2Cssp.kstu%2Cinview-bottom%2Cnews%2Clocal_news%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2F5&prev_iu_szs=728x90%2C300x600%7C300x250&ifi=1&adks=173361388%2C3237403784&didk=1836905583~2389685870&sfv=1-0-38&ecs=20220502&fsapi=false&prev_scp=categories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D50-59%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D50-59%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1651512972843&lmt=1651512972&dlt=1651512971593&idt=853&biw=1600&bih=1200&adxs=-12245933%2C975&adys=-12245933%2C897&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0%7C300x30&msz=1600x-1%7C300x30&fws=644%2C4&ohw=1600%2C1070&ga_vid=10169015.1651512972&ga_sid=1651512973&ga_hid=1697838251&ga_fc=true&btvi=-1%7C0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

18ac8d4d5ed20f07306198ab32db84bca42957ed1476fcaba14ac5d1c232e22f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46135
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4A16 6 KB
4 KB 95ms
14ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 17:36:13 GMT
expires: Tue, 02 May 2023 17:36:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
14 KB 67ms
67ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2289476893603779&correlator=3073035138026208&eid=31067239%2C31067354%2C44763404&output=ldjh&gdfp_req=1&vrg=2022042801&ptt=17&impl=fifs&iu_parts=6088%2Cssp.kstu%2Cnews%2Clocal_news%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%2C970x250%7C728x90%7C970x90%7C994x30%7C10x1&ifi=3&adks=1130257580%2C1666007649&didk=1833655910~1580683054&sfv=1-0-38&ecs=20220502&fsapi=false&prev_scp=categories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D50-59%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D50-59%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1651512972862&lmt=1651512972&dlt=1651512971593&idt=853&biw=1600&bih=1200&adxs=325%2C-12245933&adys=2082%2C-12245933&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&frm=20&vis=1&scr_x=0&scr_y=0&psz=610x30%7C1500x0&msz=610x30%7C970x0&fws=4%2C132&ohw=1070%2C1600&ga_vid=10169015.1651512972&ga_sid=1651512973&ga_hid=1697838251&ga_fc=true&btvi=1%7C-1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

08185d715323a9d85a1cf56b3051b4f7b1a6ed4e6778aa3ebdd5ad366a845905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14019
x-xss-protection: 0
google-lineitem-id: 5808548132,5808548132
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138366867669,138366867672
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK ao Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame CD5A 0
317 B 381ms
100ms XHR
application/x-protobuf 18.221.123.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=160402
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.123.94 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-123-94.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
494 B 54ms
54ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=e1Loxe8TLE606&cb=2&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22id%22%3A%22Connatix_Instream_Video%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 79MYAK5XQK399C8FJQXH
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: xtmTD_J_2UzGA2vMYUpwyAMCOcV816xCLvFdqENt1kkT6w0BX7Tkew==

POST
H/1.1 200
OK g Show response
capi-tier-2-us-east-2.connatix.com/rtb/ Frame CD5A 322 B
562 B 571ms
275ms XHR
application/x-protobuf 18.221.123.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=160402
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.123.94 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-123-94.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 9cafffd2ec0ba717288a3f96d350a82a6d0ed8b89fc08feb5389106bd764dc25

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 264

POST
H/1.1 200
OK ps Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame CD5A 0
317 B 390ms
98ms XHR
application/x-protobuf 18.221.123.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=160402
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.123.94 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-123-94.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 f6baa5fc-8886-440a-9db4-c38f8a3cb887.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 32 KB
31 KB 31ms
12ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/f6baa5fc-8886-440a-9db4-c38f8a3cb887.jpg?crop=600:410,smart&width=600&height=410&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 61b97e3c5a9341f70c36bb1252aa7a33de3a7b111493f9d6b6ae69e8961fd5ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: br
age: 60110
etag: "uLdQZ95ixC98gnBFx97X+W7QmY0pCTwcgVwkXLX4jak"
access-control-max-age: 86400
fastly-io-info: ifsz=85093 idim=1280x720 ifmt=jpeg ofsz=32749 odim=600x410 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 31997

GET
H2 200 f6baa5fc-8886-440a-9db4-c38f8a3cb887.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 29 KB
28 KB 30ms
12ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/f6baa5fc-8886-440a-9db4-c38f8a3cb887.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 819e5ed6193610d1204aa6ffd591e31a4a6bf3f263d416f8e1a11dabe45f1364

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: br
age: 60110
etag: "pmoVe8i+IFrualtOBpon67iPsVyWjh1XvVOX1196tPc"
access-control-max-age: 86400
fastly-io-info: ifsz=85093 idim=1280x720 ifmt=jpeg ofsz=29202 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 28483

GET
H2 200 80985990-024b-4de8-9455-b672d3eb02b7.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 27 KB
26 KB 30ms
12ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/80985990-024b-4de8-9455-b672d3eb02b7.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c679c5e725893da0461190852bcb25fe023b9d01cb188622e711a89424159510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: br
age: 60110
etag: "E4hnBudJjyM4jnED4s9bctJjXbAAqPTANXcddhFdLSs"
access-control-max-age: 86400
fastly-io-info: ifsz=75955 idim=1280x720 ifmt=jpeg ofsz=27401 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 26654

GET
H2 200 939e461e-6e6a-472b-a7d0-8745d1ec8d3b.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 14 KB
13 KB 29ms
11ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/939e461e-6e6a-472b-a7d0-8745d1ec8d3b.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d08019d740a977b51645ff931dcce8de0fb4fc53864a5274d026adce3799101e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: br
age: 60110
etag: "8JiFK8sWpQgJFf1oolsoN8ueKkuAM9WRLYJYydJrwnM"
access-control-max-age: 86400
fastly-io-info: ifsz=48042 idim=1280x720 ifmt=jpeg ofsz=14228 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 13339

GET
H2 200 0be6c3e4-bf70-4847-ac03-86561cf80ba8.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 30 KB
30 KB 29ms
12ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/0be6c3e4-bf70-4847-ac03-86561cf80ba8.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5607ad5eec2c8207f27a8e873fe408b52156a2542a842529004ad1d2826b8a52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: br
age: 60110
etag: "NrP/KWXdpQIFBcj8oBnNlMRQIW4e/br2XUdvZHt7Pkw"
access-control-max-age: 86400
fastly-io-info: ifsz=299700 idim=1920x1080 ifmt=jpeg ofsz=30478 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 30093

GET
H2 200 d74861fc-82ef-4bc0-9dae-a3b7ffcda5cb.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 16 KB
15 KB 29ms
12ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/d74861fc-82ef-4bc0-9dae-a3b7ffcda5cb.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3f43dc8206d29c644ee28bc5d82e97f0b26f99cb78a41b00a272edf17324bbff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: br
age: 60110
etag: "s/tJo6fuinyoNEginRuZ2Gnx6ZR8L5dHAwq5oQU9NEM"
access-control-max-age: 86400
fastly-io-info: ifsz=107578 idim=1280x720 ifmt=jpeg ofsz=16138 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 15615

GET
H2 206 e0b4ae5f-ca8d-4eca-9068-5109c238c2cd_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 1 MB
0 14ms
11ms Media
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/e0b4ae5f-ca8d-4eca-9068-5109c238c2cd_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
last-modified: Mon, 02 May 2022 00:50:32 GMT
age: 60110
etag: "962e620a99bf90cb6c3a8c75088a2c3e"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1100315/1100316
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1100316

GET
H2 206 b491fd35-877f-443d-858b-0a78a0ec5f5f_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 940 KB
0 13ms
11ms Media
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/b491fd35-877f-443d-858b-0a78a0ec5f5f_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
last-modified: Mon, 02 May 2022 00:52:52 GMT
age: 60110
etag: "f8ca07e5d2ae0ef9299f04fc065d6201"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-962814/962815
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 962815

GET
H2 206 742399af-83a0-4e59-91a4-2e8a8939f91a_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 1 MB
0 12ms
10ms Media
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/742399af-83a0-4e59-91a4-2e8a8939f91a_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
last-modified: Mon, 02 May 2022 00:50:45 GMT
age: 60110
etag: "51d4500383732544cedd4800a0481cdd"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1140938/1140939
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1140939

GET
H2 206 a88d62bb-e117-413c-a2ed-d68c11a835cb_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 396 KB
0 12ms
10ms Media
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/a88d62bb-e117-413c-a2ed-d68c11a835cb_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
last-modified: Mon, 02 May 2022 00:51:26 GMT
age: 60110
etag: "b978146296d99b7ec6dc505088faacb2"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1070951/1070952
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1070952

GET
H2 206 f549b098-3d66-411e-91fa-b7043d3bcf82_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 1008 KB
0 19ms
18ms Media
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/f549b098-3d66-411e-91fa-b7043d3bcf82_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
last-modified: Mon, 02 May 2022 00:51:45 GMT
age: 60110
etag: "b5bb452b724e6fd6cf994b81d3044b20"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1032580/1032581
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1032581

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame C3D1 102 KB
26 KB 96ms
94ms Script
application/javascript 2600:9000:2156:d600:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d600:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 894bd4636346f9710907258043cf9936f4fcb1cf7d36bde7c1100351aae5ba96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: bG0a1Iic1cNEQ0vVtF.bEEpn65ckOQQM
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 14:34:00 GMT
server: AmazonS3
age: 3581
etag: W/"4e703f7c81ff1913b8ac915fa4da2a5d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Mon, 02 May 2022 16:47:55 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PclH9VwOgJ0vc9L_hTqcgpHKE6eqYfJ8bjDSZyPEHWbKk6-Yxt1T5Q==

GET
H2 200 15486753121950169319
tpc.googlesyndication.com/simgad/ Frame C3D1 64 KB
64 KB 43ms
9ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15486753121950169319

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d536966adfb264a5bf8db50aa3cdad7b8ee1abab313d1a6dfaa6bcdf7461a3d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:57:10 GMT
x-content-type-options: nosniff
age: 275943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65157
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 16:37:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 29 Apr 2023 12:57:10 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/ Frame C3D1 3 KB
2 KB 41ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 17:33:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3D1 120 KB
37 KB 76ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 May 2022 17:36:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C3D1 0
0 317ms
15ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBi_9RoKJS4VHNfpzw2ZgI6M1bS215NrpV5mtZsNmaGbNMLmDLm90IAqyC9FQO2aI83zdlzTOGSpVeHkJxk6MGTu8WBA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 277ms
9ms Preflight 3.126.73.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.73.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-73-74.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.fox13now.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Mon, 02 May 2022 17:36:13 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame FF56 102 KB
26 KB 67ms
66ms Script
application/javascript 2600:9000:2156:d600:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d600:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 894bd4636346f9710907258043cf9936f4fcb1cf7d36bde7c1100351aae5ba96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: bG0a1Iic1cNEQ0vVtF.bEEpn65ckOQQM
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 14:34:00 GMT
server: AmazonS3
age: 3581
etag: W/"4e703f7c81ff1913b8ac915fa4da2a5d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Mon, 02 May 2022 16:47:55 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 97VOGPToe3rA4RBlNsPr_cYfBvikVC0eNwKe1rCHXoRaSZk3uil9lw==

GET
H2 200 15687135567848454657
tpc.googlesyndication.com/simgad/ Frame FF56 48 KB
48 KB 55ms
21ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15687135567848454657

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f81c4b32e0d523fe22b671c2cbd5bc0285ff19e5a2deb58a00d84077fe6cb8a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 01 May 2022 02:55:46 GMT
x-content-type-options: nosniff
age: 139227
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49490
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 16:37:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 May 2023 02:55:46 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/ Frame FF56 3 KB
1 KB 41ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 17:33:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF56 120 KB
37 KB 84ms
52ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 May 2022 17:36:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FF56 0
0 308ms
16ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCRtfwTWJA94QwBrLUZ-Rn9gCCNSUmo_6BQ8tRFSQXF77F2gvVkpMpTCAuwsDVrZUk7b3b6oEGpVLJ-p4z4rYmLDjx6w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
236 B 8ms
8ms XHR
application/json 3.126.73.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.73.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-73-74.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 02 May 2022 17:36:14 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 202ms
87ms Fetch
application/json 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=54242074a315f5bf4a16a572ffec977e&pvId=54242074a315f5bf4a16a572ffec977e&sid=848723&pid=38984&idx=0&wId=339&pad=0&org=0&tm=951&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3544&wRV=2000692&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=1&rtt=280&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:13 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: fbc6032750f6701877613a47550054ed
Content-Length: 4
Expires: 0

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000692/module/ 37 KB
14 KB 20ms
18ms Script
application/x-javascript 92.122.145.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000692/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.145.25 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-145-25.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 556ea8be84a3bba47fb218fefab370e8f0dd0e3887728c38e1565e77e559c812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 16:16:18 GMT
server: AkamaiNetStorage
etag: "a1975d11f3f08ccfb83e02427aae8988:1651164205.893668"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13492
expires: Mon, 02 May 2022 21:36:13 GMT

GET
H3 200 bridge3.512.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C86F 630 KB
205 KB 25ms
9ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 284178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209474
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 10:39:55 GMT
expires: Sat, 29 Apr 2023 10:39:55 GMT
last-modified: Thu, 21 Apr 2022 16:19:01 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame CD5A 44 KB
17 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 May 2022 17:36:13 GMT

GET
H3 200 bridge3.512.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3CD3 630 KB
205 KB 9ms
9ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 284178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209474
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 10:39:55 GMT
expires: Sat, 29 Apr 2023 10:39:55 GMT
last-modified: Thu, 21 Apr 2022 16:19:01 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.512.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BA8E 630 KB
205 KB 9ms
7ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 284178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209474
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 10:39:55 GMT
expires: Sat, 29 Apr 2023 10:39:55 GMT
last-modified: Thu, 21 Apr 2022 16:19:01 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 51BD 37 KB
13 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 16:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 02 May 2022 17:47:12 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D2F0 37 KB
13 KB 16ms
10ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 16:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 02 May 2022 17:47:12 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7203 37 KB
13 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 16:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 02 May 2022 17:47:12 GMT

GET
H3 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame C3D1 0
552 B 148ms
129ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=802868
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgqpKTGCI4fdl4UipwBivX%2FJRsV56NKFcwjQPotg%2BEDvPIl6IOrsAUk2mkrydyyt31n0Ktwxf7xP0uQ9dUsVR1tfQLCIj0ASMoqE0%2BDsddRDw1HSas7NLQtQPcnga%2FlGrYGVmwcB6s5TORyXJHozU5lqzg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 705284973ac49107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FutaTL8OPn_ZIAMCH_vB

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C3D1 0
0 43ms
43ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjsLKRa8yRLamQjgKGSXDeQQGdP3ujd4SId1QV1SZGq_VwZ6ylfhftc1nSPwg-1jnglxHLmR5bjQda9bQFk7Idhbr7qCOcOV6NoevoTTPAtOsyqF_7Sxfr1kIQVtkbeiKQIfWlOOa4Udt07hbNrRIHipXHGLMNk75xreXLTHkcCCEsDXbLTjegU_a3yFjTzG3UTQda4D_3IqAHz8Vz5Ri_bbI3rtXsG8l55hg5PqwMzp-8A1P2jXAbD67_7WDHoQS_URIOieGaoLbDHgxyUgeu14siGJpOsAQMYT4_geLSzA9A4aHSV-cDQW_F-zumvjheP6ZNHWajDg&sai=AMfl-YRwlmK4c2DgnfHCxyD8W0HJu7SP-7m_bIXaGtQem71UMtM012RjJdVFMQJYuX7kOFoKtlgBYd_TqJrYJSfmDnhPccdK4XlPaA7WOiK5QbWd2BnyJ2NX8gxcHcMPvfQ&sig=Cg0ArKJSzDJiPrNxKvzNEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 17:36:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 02 May 2022 17:36:13 GMT

GET
H3 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame FF56 0
592 B 133ms
126ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=724425
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxhCUqz8ZjNS%2FXqLQygBqKza%2BLH5Se7PhfqGpdSqldsgxRe9dXpb2EvUao7eTu4n%2B1bh6CjIc3o%2FCDvj%2BJS66fu9bYrzUW4jYX9vgt0IFLA1xOlcjRR6T81BQxMDqDLB2X8ZFsa2Q%2BbgbrqKTQ4HKWGKVw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 705284973ac19107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FutaTL7dt5RdolYCTDNh

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FF56 0
0 43ms
43ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMiArqnnE5__TKR14ro0dxr43MdFxfMqFZ2ydhaI1oV7-7n2s128Uspk2sIy82D5Fxxkuadr9OzfaE1pe12lzynlN6lNZCFHbotARcTg4RGAaWbvHuTxjYJUcPVmIOUgf6u2fPU1mnlQWWFmI6rsq0cv4i3ajEz9-lsXouujzfaF9UkHSLMj3Rgpw31lk_e2t1Wa9J03ob_6RyhsOI5AQ4KLgEVVVe8EmvX_Yrp5Y9X4HkzWm6Bt68-DeCHlyJ2E-eUroVVmvMZvyjesh73CSfmI2myqA8ryZUAOM_Kl1HILyROV3znVD3vXp8BjjniTqm5Xufd22l2Q&sai=AMfl-YRWe-7FFhmFoxtpYa5DGt_yboSgWGDIkw_fzqkRaV-YAbKkvDXywxCAUMaZzxzFooSMUQ-6Q5JRMmv0BiXFo9ZN6-xUZD2lsQx3P2zWEQSMNnZMYFU_xMM2ldTQpLk&sig=Cg0ArKJSzPCka1NFBOqbEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 17:36:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 02 May 2022 17:36:13 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C3D1 0
0 43ms
43ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXOkX4HzEy9N26QskPCEX6_9X2FBwo6KuKxhOamCDCqOXwBUk3A_ktxZkiQociHdQJmfqa7FTSB_h7xDqhLqyoodJwibq60uhQ15zgHLAHmJdeXT15lpSnHEvDmPEoT_C8U_4zvZNw0FmFQsOy1eby-c39L5Ps609vlPkxJAYk5lEm3cUTrTuRX0Fuq7R4XIeMm6ymuhydwgOQc9DbV09m4Zse-fE9aF1YxM6G0jcy0l-71QPxZXP3I5g_IZFA6If7KQkktQs-RnQXuQ0QlR5iUihXwE0m-6nHPE94xDi9ybYrSj4j6pINSX4u9UJBHJuDDr8UZ4xi2Y0u&sai=AMfl-YQAYEbYQaOw3BC2C05DWLfxOjW5rC7rWz5P3mGD8Z2dCfybyLePlLUy_x137-eH7mGq1KQ_eiIIDfIE88v0XC4FteqEUj2P6CeRNHxa_J_2P9NeBV9MS-jDIcu-d7g&sig=Cg0ArKJSzHqS1wyEHnR2EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 17:36:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 02 May 2022 17:36:14 GMT

GET
DATA 200
OK truncated
/ Frame C3D1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e292c91fb15681f0c7a6f608ecdd8d7c254eb4f5eddd968cf3b7b164d6703c18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FF56 0
0 42ms
42ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJTVZfVOl4OOv0CNP6BBacojf4G0RvrBYhxKXbemQgdYMDevMzoJOn7LUwfW-YjQ4bBF2Fhl3OufgJQLNAm6wmOUihDzY2gNzXiiNGwXFggVOzNwaNg3wBbraxK1rZaM4_zJ4FK6yGXK__f1KKTi_ZlBWTBH37yKrcjigzo5VGkv7DuCRpTV8zO9AocTckhHBjOjSteDVdlGiAq_Xm65O4Pzyo5HQyAxrB7UP8gqu2etbr2_bZr0wBk2ttN0kEHtxVz8uNuWlqDSYMmHyVpvKZGfr1vY6V23jTwAbjZerjRlRQShyaTJoppupsLbtSqvwxynK9Lv7tl0AM&sai=AMfl-YQx6iCLd-FbHYDEsskvYH4evWb9cs4FqAKScY9PKfeTdA4KaQoHb2zjF2DiDXwmRRsOqXBqdHYoVMWuZ3jVN2-1DNOY1-D8uyI8-0rY4Rq3sQDJPUkdXpNo2gCuXq8&sig=Cg0ArKJSzPNbqWDrP934EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 17:36:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 02 May 2022 17:36:14 GMT

GET
DATA 200
OK truncated
/ Frame FF56 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6825fb204353117112675b7bc797d0b5532b5ee27e59c4271d7e1f88ce95c28a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 9 KB
2 KB 214ms
207ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&settings=true&recs=true&widgetJSId=AR_11&key=NANOWDGT01&version=2000692&apv=false&sig=aW6lrE5N&format=html&rand=1859&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NTQyNDIwNzRhMzE1ZjViZjRhMTZhNTcyZmZlYzk3N2U=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=no_abtest&clss=5bMTKfEjWaBw25NUFXyd2IsT18iziEVJ%2BDQZxMlxWJ8L0iEzCdkP%2FqV3Ohkxjdf7VT40t4Kinke49H6m&dpr=1&cw=610&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000692/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f5c4c44a3bf0896103ad153f498797871c1f22dd43d3eac10ef9ce7cbd838d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:14 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1651512974.065372,VS0,VE200
accept-ranges: bytes
x-served-by: cache-lga21942-LGA, cache-hhn4041-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: a4a03e1c4511084554e8b7bbc48ebb37
content-encoding: gzip
content-length: 1631
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 3f4c2c0c-c9c6-4829-aea7-d44ce71a11e4
https://www.fox13now.com/ Frame C3D1 785 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.fox13now.com/3f4c2c0c-c9c6-4829-aea7-d44ce71a11e4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 785
Content-Type: application/javascript

GET
BLOB 200
OK 6da2b454-c441-4e47-a9b8-d13fc19ff962
https://www.fox13now.com/ Frame FF56 785 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.fox13now.com/6da2b454-c441-4e47-a9b8-d13fc19ff962
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 785
Content-Type: application/javascript

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 984C 222 KB
62 KB 143ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Sun, 01 May 2022 12:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 01 May 2023 12:31:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 984C 16 KB
6 KB 154ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Sun, 01 May 2022 12:31:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 01 May 2023 12:31:31 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 984C 96 KB
29 KB 156ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 284696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Apr 2023 10:31:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 984C 5 KB
2 KB 159ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 284696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Apr 2023 10:31:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 984C 42 KB
13 KB 160ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sun, 01 May 2022 12:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 01 May 2023 12:31:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 984C 8 KB
1 KB 150ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 May 2022 17:05:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 02 May 2022 17:36:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 May 2022 17:36:14 GMT

GET
H3 200 container.html Show response
1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C28B 6 KB
3 KB 27ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 17:36:13 GMT
expires: Tue, 02 May 2023 17:36:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 984C 2 KB
2 KB 132ms
9ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 01 May 2022 20:16:06 GMT
x-content-type-options: nosniff
server: cafe
age: 76808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 11660698925711390587
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Mon, 02 May 2022 20:16:06 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 984C 295 B
319 B 130ms
8ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 42760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 03 May 2022 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 984C 0
0 16ms
15ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUztTIWqL_psGarjM-HmnFItOHf7_g-pc7rSQoJsDuExORTZzmkyIwtS--jXu3ft_1iJcrBMAL7nYq3i-ooAzvlpSRIg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 984C 0
0 50ms
50ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3aP6jRZwYpnIJ-KC9u8PwsOzqAKdzeX1aZPdq8vUD9_U64iPGhABIOaUhRhglaKVgqAHoAGr1bS7AsgBAeACAKgDAcgDCqoEqAJP0JLUhDG5JtjuVMwdgyoo3r3IGpEdXpSDWt70buSSAHcRiqXvrPaTGcAMUgM2E4uX6yhxNoCRggypKtBOoEzy1Yf8om3_WwucCCrp9A38Agf0bIkCquTbAF8E9QvGbfgSqWrqahz17ucvSohAcOUMyk7hh07w5Me70CnAE0Ez3FxDM6Q-IMS77h4v3xQO3AalSzxuZgr9XAul2pxQYLETnWU6i-u49gGMGgorp61gYTO9f49x5OBqA4qRMtK5xz5W2ZxHufefPdgmpKv1o7jW4loF19hvwGeqawh289BT9Yr5nz8USVcGcghTgTmD8GNahbANJ9Rp57xdLOnotbtX1EKK6KkdwD-0wQ78MoAjcsCHylSsbLM9t5y9PEJ2Hmiz6bG2Jhmey8AEzbOnlbUD4AQBkgUECAQYAZIFBAgFGASAB8W0k8kBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-e8c0ggJCIjhgBAQARgdgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTg0MTQ2MjcyODAwNTQ1OTMYrYsR&sigh=ITWRRtQTmfs&uach_m=[UACH]
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
236 B 8ms
8ms XHR
application/json 3.126.73.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.73.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-73-74.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 02 May 2022 17:36:14 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 9ms
8ms Preflight 3.126.73.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.73.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-73-74.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.fox13now.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Mon, 02 May 2022 17:36:14 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK g Show response
capi-tier-2-us-east-2.connatix.com/rtb/ Frame CD5A 0
317 B 99ms
98ms XHR
application/x-protobuf 18.221.123.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=160402
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.123.94 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-123-94.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 02 May 2022 17:36:14 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
DATA 200
OK truncated
/ Frame 984C 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ebf1c39cd23649c034338045b6c7ec1847236fbe8b7151ee06ba94720454568

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 984C 28 KB
28 KB 35ms
9ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 501754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:13:40 GMT

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000692/module/ 503 B
666 B 18ms
18ms Script
application/x-javascript 92.122.145.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000692/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.145.25 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-145-25.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2a79e90edbe846d09a8e7b14eade333cfb73e19980f78ca2102a9b6958329860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:14 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 16:16:18 GMT
server: AkamaiNetStorage
etag: "c323911dccd1c289d978ec5fed69d2da:1651164199.684355"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 338
expires: Mon, 02 May 2022 21:36:14 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 86ms
86ms Fetch
application/json 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=08d092c6c88926dede12b9f8bde6171c&pvId=54242074a315f5bf4a16a572ffec977e&sid=848723&pid=38984&idx=2&wId=974&pad=0&org=0&tm=1802&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3574&wRV=2000692&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=523&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:14 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 6c1e6bce5420903324c25277d0440764
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 86ms
86ms Fetch
application/json 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=b7237f2c329973791f6ad3ba71f29f3b&pvId=54242074a315f5bf4a16a572ffec977e&sid=848723&pid=38984&idx=3&wId=975&pad=0&org=0&tm=1804&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3574&wRV=2000692&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=523&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:14 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: adbdfc3295e5c10231c866e370864990
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 171ms
87ms Fetch
application/json 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=bd41cfcd634f2c7d9694aa7df8b8b358&pvId=54242074a315f5bf4a16a572ffec977e&sid=848723&pid=38984&idx=4&wId=974&pad=0&org=0&tm=1806&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3574&wRV=2000692&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=523&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:14 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: b51e66f071556765fa1adbed335e1f3e
Content-Length: 4
Expires: 0

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame C28B 102 KB
26 KB 9ms
8ms Script
application/javascript 2600:9000:2156:d600:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
URL: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d600:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 894bd4636346f9710907258043cf9936f4fcb1cf7d36bde7c1100351aae5ba96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: bG0a1Iic1cNEQ0vVtF.bEEpn65ckOQQM
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 14:34:00 GMT
server: AmazonS3
age: 3582
etag: W/"4e703f7c81ff1913b8ac915fa4da2a5d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Mon, 02 May 2022 16:47:55 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GuidPi6n0tgjdHsd2PU8lNTZ7PC0B_RCFBglJ4sW4HorlT6HzevfrA==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C28B 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CpZpvy2jNvK7xfS9Mx_5z3jt85yVJXQ_O9kMn0gCIeSwek6H-0a8Kfn05wF4Ab12goS4HUmPFCIirhL9GybwehNRGYZWWtSf3bl_DqVNqB-pjB_Ig

Requested by

Host: 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
URL: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/ Frame C28B 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
URL: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 17:33:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C28B 120 KB
36 KB 36ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
URL: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 May 2022 17:36:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/ Frame C28B 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
URL: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 17:34:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C28B 0
0 17ms
16ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTP0aeVEfBtihGXvP05eOMp17IPn8uZKO-t1ZWxcs37UDzRexDN_2XzH-9jWiwDSlHH3nEAreHfFCVnvGTVQzdVfcyR8g
Requested by: Host: 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
URL: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 984C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

64ms
63ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

date: Mon, 02 May 2022 17:36:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame C28B 0
549 B 119ms
117ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=598900
Requested by: Host: 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
URL: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjzsopo8jhO2DwVGnrSkmi5QAtGA1JwmWbqwz2DSwi92e5FUxCUfp0t%2FuUMXbTG382kDp8lRBjwCj3XdzihJmPqmz6ylYNfsDRdYUN36wJ3TkGxIAn7JVSi%2FW3hodVEkGitpVRTsy2336kW0MQfYdyQFfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 7052849bdba69107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FutaTOn-CPaawsAAWQXR

GET
BLOB 200
OK b42cb1cf-a095-4a20-b7e9-96fbd6188879
https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/ Frame C28B 785 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/b42cb1cf-a095-4a20-b7e9-96fbd6188879
Requested by: Host: 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
URL: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 785
Content-Type: application/javascript

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 70B0 624 B
733 B 50ms
20ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGInDncEBMAE&v=APEucNWouRXJWq82ausJ-L4Miw3N3qgKS1lvwVqK6NUCNXqS7jgfGPeM9KUsyTdnvKN5xL1YSUCEiuCf13Ctoors8avlu-cJW9Ju-siwQSEjcJLJZGIzee-_kec_GupKZKkJFfYJvZmcInNyMFaZ6n8uMf6b7IokzNc4rfSlgnK-dlCgRPpSqgY

Requested by

Host: 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
URL: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 17:36:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame C28B 106 KB
37 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
Origin: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 13:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 May 2022 13:26:45 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220428/r20110914/elements/html/ Frame C28B 6 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220428/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
URL: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 17:29:13 GMT

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220428/r20110914/ Frame C28B 19 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220428/r20110914/abg_lite_fy2019.js

Requested by

Host: 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
URL: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 17:32:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C28B 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
URL: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 16:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521708
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 16:41:06 GMT

GET
DATA 200
OK truncated
/ Frame C28B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ce1db0351462b2e1bbf5112d81dd48cadfacb1e9e4cbea2207c441e78eb2511

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8851140725476658159/ Frame D171 6 KB
2 KB 27ms
8ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8851140725476658159/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30a9437a61cb0f44994dccdc0478aab9679c626d5d9da498b5cc00e808d23226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 154520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2390
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 22:40:54 GMT
expires: Sun, 30 Apr 2023 22:40:54 GMT
last-modified: Wed, 09 Mar 2022 08:07:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C28B 0
622 B 75ms
51ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXw2IpNxhrbBwoGWXkB1yrr5oXEPgj5lFFZVau5cZceVe0DzlcHeB-dPUAoQYrHCMsgsEgv_w3i6NuX2oW9Y5_A20TtHqPVPAsGswL37p6TB-Us0iwmgDJYZ0T_FFSvuzGmg1iZRST3nvonzhYYF6DQ6SuTMMD-F-QBPENT7ZHkIs1RxNjJlEQdMbqGoDmsh4Tnjn5khHHyr-XqIFiVcbbZ4fw3ScVEdBSjRQG_ZLXydksVINSPAo6C8EJdRFlmluOQB7i8h8ifZbNGb5xkDFa3Vwh4G0_lkpkK_8ixGcyMfqiy_tiOntyrqFmjdSS7W3yST9sUF2-REc9zDHxdP3Jfm8VRKtfDYLBeU4xOXQUhgtl12_CuSBFa805VxhOljogVDL33inIQrKw44pwC5Qadot91s-hPVb54YnAEismfsk9tcvo-hUxcW7h1-FLDd7LQmFFV_zaQjdbORXrrcWvm8hQGsFIAnDlXrZfOYYHzFAEZGstCpRlYR2-MnJ9MQw_W3CdLrmQJ6rb8X_wmpnKizE7FXLbPYh8eZNYoPAaJzDgPiuk25jEAGBmg7qho3tRA-kGLT0eEWDCrN6fJOpubf3wZWAbK9EQaQvs4c97H0rTmzbBRuwmxHTsIVU_MjU4w5H-3wD-R5Y2rbDvxY62aii6c1nCDzW8Xl1f2hLFp8hwCiPT5QPOfHapk6XLCa_AmKYcTMDCbOr98YdRaSjsSsQkzdOGoAG40J4kEMSk-TxuremRb6RZCYByotTq5tfIlyya_h7df4hMeouJAPAF6yIPGaHCQo6ZwHwRlckXR3KKI-7KTUuWKAXAlkmckNUt_qlau0cSPTZWhK-9B3qdpAHEWqREkyGrO4ivaYlWGx215CEEhV1lsBT0oBfYtDCU7sQEKOyh2nH20_upOyAqGnxNiTnNFUR2Nmcy2oc-D8iZPyr30o3k9E6Er3EjfOE_MplGh-UhvHQjd7OZ7uWSzyb7G907uMUNUAXVjp_DAqsse_cOsyYXBNo25gCmk9qd5vzp4SyfQrjydrq-FqpZClf7bQE14b4MK6Of3DdL-cjqNvOyIaWuIqEACwVFw_mcEd0BZ8OlCp-8knEN0t0xs9os1YphBaGX4h6BrHDnm0YLX87VLPwHoaGHnkG_OcFMo7colx6YTnnxBcpdNaMVDgi5Krxp-Vn2oyFJQVS4ILuLp6P5WOLhMNjU4bJH4G-35PJjbh-V4lY&sai=AMfl-YSACDCKW4yXOAp-ofIy1PWmQz-pbiOOMGPQmzDnUPH51ZHK_3oRZTtylhoEfmzJFhA_MNI32UsnH2MSZrcoIMhU6MVincYEjeW-Hy96uKd1sYcy1rrO0xf-pWglVlRvI9vsi3SatBpI1lpgRAQNbGIzCY-3jVkAz9khWnWEXcpORsRx6rVjTKCtz6bdN1ZgClkphWyB8ajypbPzVHqd6yzYyXWUfcHHwshXke2qUx1qEB3tB2wXsNMQxbJFDqKEzrzNWP048WOND0rckZqqZS95ue6b4eqYO05u_eZs9-c_XDt1VVxPglpOK6sGiwkBTHiL5m7eUOjyG10lAHP6OspWLUM3ZNoi89jhM2AaEzTPt-VHwCu0wvjLhvj6KC7YXWycXcCYMNKcYHaSq7-mKQ&sig=Cg0ArKJSzBYxDHWpI6tTEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=115&cbvp=1&cstd=112&cisv=r20220428.11432&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 02 May 2022 17:36:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 70B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdXVuke6EZZCsW2ireifQ&google_cver=1

43 B
1014 B

17ms
14ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdXVuke6EZZCsW2ireifQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGInDncEBMAE&v=APEucNWouRXJWq82ausJ-L4Miw3N3qgKS1lvwVqK6NUCNXqS7jgfGPeM9KUsyTdnvKN5xL1YSUCEiuCf13Ctoors8avlu-cJW9Ju-siwQSEjcJLJZGIzee-_kec_GupKZKkJFfYJvZmcInNyMFaZ6n8uMf6b7IokzNc4rfSlgnK-dlCgRPpSqgY
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 May 2022 17:36:14 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdXVuke6EZZCsW2ireifQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 70B0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YnAWjgRXW.iS0PYjz59qoAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdXVuke6EZZCsW2ireifQ&google_cver=1&google_hm=2

43 B
894 B

15ms
15ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdXVuke6EZZCsW2ireifQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGInDncEBMAE&v=APEucNWouRXJWq82ausJ-L4Miw3N3qgKS1lvwVqK6NUCNXqS7jgfGPeM9KUsyTdnvKN5xL1YSUCEiuCf13Ctoors8avlu-cJW9Ju-siwQSEjcJLJZGIzee-_kec_GupKZKkJFfYJvZmcInNyMFaZ6n8uMf6b7IokzNc4rfSlgnK-dlCgRPpSqgY
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 May 2022 17:36:14 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdXVuke6EZZCsW2ireifQ&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 70B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELXKeNzqpzD4ParYZP9ed5g&google_cver=1

43 B
1010 B

16ms
15ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELXKeNzqpzD4ParYZP9ed5g&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGInDncEBMAE&v=APEucNWouRXJWq82ausJ-L4Miw3N3qgKS1lvwVqK6NUCNXqS7jgfGPeM9KUsyTdnvKN5xL1YSUCEiuCf13Ctoors8avlu-cJW9Ju-siwQSEjcJLJZGIzee-_kec_GupKZKkJFfYJvZmcInNyMFaZ6n8uMf6b7IokzNc4rfSlgnK-dlCgRPpSqgY

Protocol

HTTP/1.1

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:14 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1683c601-b5aa-45ce-8975-8c6bd4b40677
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELXKeNzqpzD4ParYZP9ed5g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 70B0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgxNzI0ODM3MTUzNTQ5NTUzNg%3D%3D

170 B
243 B

17ms
17ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgxNzI0ODM3MTUzNTQ5NTUzNg%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:14 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c20b66fc-ff9f-4ac9-863d-3ea57bb56dc1
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgxNzI0ODM3MTUzNTQ5NTUzNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2EF2 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 387104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 06:04:30 GMT
expires: Fri, 28 Apr 2023 06:04:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D171 236 KB
63 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8851140725476658159/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8851140725476658159/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 May 2022 17:36:14 GMT

GET
H3 200 avoury-always-on-300x600.js Show response
s0.2mdn.net/sadbundle/8851140725476658159/ Frame D171 86 KB
10 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8851140725476658159/avoury-always-on-300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8851140725476658159/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a28d458bc0e66416f4017910f067d9e6ae0ca802102f2555b90a53927b3a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8851140725476658159/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 22:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10280
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 08:07:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 22:40:54 GMT

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2EF2 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 15:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 15:44:58 GMT

GET
H3 200 avoury_always_on_300x600_atlas_P_1.png
s0.2mdn.net/sadbundle/8851140725476658159/images/ Frame D171 121 KB
121 KB 9ms
9ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8851140725476658159/images/avoury_always_on_300x600_atlas_P_1.png

Requested by

Host: 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
URL: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bb33fe0810edd73998b4b4e6e0a5a488d7c2b1decc621be59a2e1d8c4b87f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8851140725476658159/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 22:40:54 GMT
x-content-type-options: nosniff
age: 154520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124238
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 08:07:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 22:40:54 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C28B 0
26 B 63ms
44ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXw2IpNxhrbBwoGWXkB1yrr5oXEPgj5lFFZVau5cZceVe0DzlcHeB-dPUAoQYrHCMsgsEgv_w3i6NuX2oW9Y5_A20TtHqPVPAsGswL37p6TB-Us0iwmgDJYZ0T_FFSvuzGmg1iZRST3nvonzhYYF6DQ6SuTMMD-F-QBPENT7ZHkIs1RxNjJlEQdMbqGoDmsh4Tnjn5khHHyr-XqIFiVcbbZ4fw3ScVEdBSjRQG_ZLXydksVINSPAo6C8EJdRFlmluOQB7i8h8ifZbNGb5xkDFa3Vwh4G0_lkpkK_8ixGcyMfqiy_tiOntyrqFmjdSS7W3yST9sUF2-REc9zDHxdP3Jfm8VRKtfDYLBeU4xOXQUhgtl12_CuSBFa805VxhOljogVDL33inIQrKw44pwC5Qadot91s-hPVb54YnAEismfsk9tcvo-hUxcW7h1-FLDd7LQmFFV_zaQjdbORXrrcWvm8hQGsFIAnDlXrZfOYYHzFAEZGstCpRlYR2-MnJ9MQw_W3CdLrmQJ6rb8X_wmpnKizE7FXLbPYh8eZNYoPAaJzDgPiuk25jEAGBmg7qho3tRA-kGLT0eEWDCrN6fJOpubf3wZWAbK9EQaQvs4c97H0rTmzbBRuwmxHTsIVU_MjU4w5H-3wD-R5Y2rbDvxY62aii6c1nCDzW8Xl1f2hLFp8hwCiPT5QPOfHapk6XLCa_AmKYcTMDCbOr98YdRaSjsSsQkzdOGoAG40J4kEMSk-TxuremRb6RZCYByotTq5tfIlyya_h7df4hMeouJAPAF6yIPGaHCQo6ZwHwRlckXR3KKI-7KTUuWKAXAlkmckNUt_qlau0cSPTZWhK-9B3qdpAHEWqREkyGrO4ivaYlWGx215CEEhV1lsBT0oBfYtDCU7sQEKOyh2nH20_upOyAqGnxNiTnNFUR2Nmcy2oc-D8iZPyr30o3k9E6Er3EjfOE_MplGh-UhvHQjd7OZ7uWSzyb7G907uMUNUAXVjp_DAqsse_cOsyYXBNo25gCmk9qd5vzp4SyfQrjydrq-FqpZClf7bQE14b4MK6Of3DdL-cjqNvOyIaWuIqEACwVFw_mcEd0BZ8OlCp-8knEN0t0xs9os1YphBaGX4h6BrHDnm0YLX87VLPwHoaGHnkG_OcFMo7colx6YTnnxBcpdNaMVDgi5Krxp-Vn2oyFJQVS4ILuLp6P5WOLhMNjU4bJH4G-35PJjbh-V4lY&sai=AMfl-YSACDCKW4yXOAp-ofIy1PWmQz-pbiOOMGPQmzDnUPH51ZHK_3oRZTtylhoEfmzJFhA_MNI32UsnH2MSZrcoIMhU6MVincYEjeW-Hy96uKd1sYcy1rrO0xf-pWglVlRvI9vsi3SatBpI1lpgRAQNbGIzCY-3jVkAz9khWnWEXcpORsRx6rVjTKCtz6bdN1ZgClkphWyB8ajypbPzVHqd6yzYyXWUfcHHwshXke2qUx1qEB3tB2wXsNMQxbJFDqKEzrzNWP048WOND0rckZqqZS95ue6b4eqYO05u_eZs9-c_XDt1VVxPglpOK6sGiwkBTHiL5m7eUOjyG10lAHP6OspWLUM3ZNoi89jhM2AaEzTPt-VHwCu0wvjLhvj6KC7YXWycXcCYMNKcYHaSq7-mKQ&sig=Cg0ArKJSzBYxDHWpI6tTEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=231&vt=11&dtpt=116&dett=3&cstd=112&cisv=r20220428.11432&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 17:36:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 avoury_always_on_300x600_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/8851140725476658159/images/ Frame D171 107 KB
107 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8851140725476658159/images/avoury_always_on_300x600_atlas_NP_1.jpg

Requested by

Host: 1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
URL: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c31a0c341168ec61b520e833507409eb780fd29f61ac05ac0caf5c51c0ab27fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8851140725476658159/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 22:40:54 GMT
x-content-type-options: nosniff
age: 154520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109583
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 08:07:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 22:40:54 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 59ms
42ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbacadedcc7c91c40b121b43fc0b78bb3a6aa144668c085b8d3c7f8315b8ec2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 17:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10554
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FF56 42 B
64 B 51ms
49ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvR2_xPhn5OFs5sJlQL7lXScblarZGr-KcEQI4gZkI9Q30gGqhK4SF4jWqbP7FyuJt4MyXkevpmG95CkUyTfLjDHOQNhJXGk0ZG7IsQDWSEIPQXBhTq&sig=Cg0ArKJSzETCurxvILjiEAE&id=lidar2&mcvt=1028&p=224,436,314,1164&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20220427&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1666007649&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651512972980&rpt=290&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 charter.woff2
s0.2mdn.net/sadbundle/8851140725476658159/ Frame D171 53 KB
53 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8851140725476658159/charter.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd81384f187e42628894eed4bb384acd8209a3980c45c3ab285ac154f28bf9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8851140725476658159/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 22:40:54 GMT
x-content-type-options: nosniff
age: 154521
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54205
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 08:07:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 22:40:54 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 May 2022 17:36:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EF2 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVjbvjRZwYprIJ-KC9u8PwsOzqAIAAAAAOAHgBAI&bg=!FhWlFVHNAAZNIUvJbSE7ACkAdvg8WpOy31JyWjYqLVO0xLCwU6ZN5Fk9Xx40-ce4f4b7hFYDYNdV1QIAAAD3UgAAAANoAQeZAx3JeL87vZr3mbNS8t_XixQIkPmsVD9iO8oUnZIaFhVJvQRplBSt0wgJIhVQYrudE7_1jOsfkD9s52YZg0eeSRc-zjP0T3EAFeXCUjDED5tFRccKPlVHr9M80egUECQmfwU3FfhVaVaXg-FLncZi1JwzxjMJHsVXNk0tVkzdyodNY1972hWkm9QwXsPH6i8p61p2cbbAcLp-J0qOeVS9_5-bTOGcp1ba_K7ipVwWmzdjEfRWgdz6112anh__-xCKrNyjpjRuGaCPQ9D-euFCLoxaeSmQ52coSC5731rDSizKYKdxy5ZyMeBjk-4wM-0ZObeuWMKaYt-6AC9LtIcE8kfY2r2lVnIRiQJGFdrrtrq2c3LhRrD9zzwFRD0YGaGc7jfB_k2asrM1yWMTzzkUMGk4EzupDztUgNWocRwOIbc0Y_r2qsmDOt8a1mIfteM2TgLaFKy_54sY_7SLMOeaY92kLIWIytPBJ6vHTa9JbJvFCo5_W_mWDdoAvlvI4_vePzuK1lThXQ-JcEI-LYsZVEbfRs9Mxt_TuxxW64EwqxY_aZ9PGENnSHTvM7973DGwhR_pZFywyjxLP__qmOa2JL4F-wm2pFzzlRVDJ3weM4pZlKmwkSLp8NlkyhOiwYAPlGs5FTIzogZGoEpRpWyaleNVd03WIa3gIH80E-ay6l99srSy_qVpPdq-lDhy5Lgm5fUy6pD_NDdIUhYAxGfeFxRwzm89-zcT_hmPeKBuGSjOjqF3i4zLquzBK6tDt3Kxn7D_HyvcibhKPrca3tajEx8wr3j2PAZE_WO0dd8EATm_M8ALenTt4MnxyoKHaEjPQJHj7COTcismv2X6t1wEV8Ql0oXmF1Z7NLDuo8kzdBbp3ZtR17-ICLENoPePrp1KWRtyDIcuxH4TzBW34ky-Q-VjFB1pBhMojCe6pUG1tcF_5ElaJd8aPIMKH1HdYNi_KtpWLQ51OtZIHcvUVDRIq5aEgFgz26407Nef8-ipNrBl7QrsjtfrTeC_43P0khZqttUXOinfhFbj70D5aqt15YG4TsV8VAiWaMrwhO-pag

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 45EA 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 16:51:45 GMT
expires: Tue, 02 May 2023 16:51:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 873E 783 B
534 B 18ms
18ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f38918a02f441dd9d22606fbf251409e687e3665a5b0fe2b1df47b649c03c7e2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QxeCxjlpFmjuxHxqpEZwKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-QxeCxjlpFmjuxHxqpEZwKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 17:36:15 GMT
expires: Mon, 02 May 2022 17:36:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 45EA 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 15:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 15:44:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 873E 0
0 48ms
47ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042801&jk=2289476893603779&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 45EA 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?G01Kzw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 984C 42 B
64 B 43ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzM7VwiBc_lCazW3Pl2QN-H3vI_c5-4scutYWpWaoVoytyLblE9bv8N6_WZ_PW6fnkfUjrndL1TXTIveu_GdgjI_BoZz0vzWFneaH3wD7Y63OZCI3UW1rzxbRx&sai=AMfl-YS6lwBiXXtBD9PN9bvIkFGBHkkpbjwb3G3QfxiTTFGg3J7WnYGDo-e4ZTT_7kXbTN0gnGvPpvlFqOYh2aESMZgL7UEQ57B93mLKH_RsN4jlF32_VuMWW0I62wxzaVcp&sig=Cg0ArKJSzFzYHbEuO2oIEAE&id=ampim&o=436,1106&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=582&tls=1582&g=100&h=100&tt=1582&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=173361388

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C28B 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-2afuJcSKLRCdgAnGw4bok1_AJWaKdc0y_1ZxS3yFKNh1fKPW3WkfxmrBa2x19VsX8nLP9uyqJFllTVJ2X5G7C3d__laGufQ1inRTn6ajCFO_Vq64ZZSWS467&sai=AMfl-YR_IDcEdmontA2mTbsmMj8QKgf_ybe_0wL6e4J6jEPEoGU5Si_JElieYNHhGqa4xMTY6Ax-nHrbk8HayDXhpJf8iCDwIbhjddJ_Ss5LRb7By88CLAEPrCxIEFhGm699&sig=Cg0ArKJSzMrn7a5degDdEAE&cid=CAASKORoYOmmZjNPHbYJ-qSJGJhyyjw20VIa_trPMmcWWOtCv4g4EXiB090&id=lidar2&mcvt=1000&p=1041,1234,1081,1275&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3237403784&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651512973432&rpt=590&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
52ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042801&jk=2289476893603779&bg=!09Cl0JTNAAZNIUvJbSE7ACkAdvg8WhnN2D0VILKardLy5sUaX085dcfaGnLLLjDSkPd2ynHmPDce1AIAAABnUgAAAAJoAQeZAt_pjaJjhY7v7Q5T3N0BbyLNpmarmWfUhE660PuTSKVeddFfVWPJLiL-o5FQ_JSsxza08gzx3S6VIf7hYvrVeohD23_cdKHHoZjYcCCHAKlskbfxa7AdfbhlxRuJ2twn-PtdGsPIl_xr4yJgyUa5928DBVKwfUsngNVt2NDmR2mwoVqn74XnZzI1trpRRWYxhEfYQ4ERaFKya0F6jGbCIX2834bHvV4EdF-1G3JLjc-QK_bf2BlRa3TrQ8RdRQ9G2NujFvbQAYcAmSKZNzyO4LJAnbbbCAJn-Sh5CqxkOFKIgOvI0KGP1kvVTFWDAXtNoxQC08l4Hp3hifnZTghOz2YRfu6e0U2H9FkTXjC__Jcq0-V20WSy-CYv_vWBWi7OukPk-l1voAIhkpDflHB-PW0ptXhEg1KLLCR9Pdapz5jH46hUGZoxkVeszhIw-zHupiv9EV-7arsBkfVOSydTAM5eM1A1zjfX0rDbExa-ONSfnZVOwCa5f6_BrtDzMxbeR808jHgogVTVnpfwM9HVx_zAxK-LE9ns2Jw6IfVIhHbCgHuNVu16PdoYQ6MeqddBYOhgtAFVR6Ldm0zsQsLa7Dstgfd62UGjQjmW6aVy5ocsmcAc7jh0m2nHRaSFRtdpv0NNOEd1szObtLRCsz-sugYZHOh2jTkdJELC2C3k4vf3nJSQbVVqPRvtbMt_BaHeb699sRMoUy4Vj00Hm4ddM5C4bPThx30CBUAxy7V0jQYk8gtSo8i5V2cXx26nGVbF162BcpVW2C5f-Y29ybhB0swV1CCcMkMQhavXL2vV4AZuiexEk_JZ-iCzHZehz_Z3aEYjRgHrvruOyBO4y7IyPF3KJ9wJhXWNgrA_fW00D-Y3l9i7rg6IJQSYzyLGnQk4y0XE-YImPrXCBqpL0SrkXWc-MDFLvxxmN76G2efI-dWngtkGNROLHOFX6J3en-u6wpb23aPQ_WC0LivrgB4GQsQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

POST
H/1.1 200
OK abt Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame CD5A 0
317 B 167ms
167ms XHR
application/x-protobuf 18.221.123.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/abt?v=160402
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.123.94 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-123-94.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 02 May 2022 17:36:18 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2

200

sync Show response
eb2.3lift.com/ Frame E1A5
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1022 B

9ms
9ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 551a67adb8ef25abbf1f37a6e6723ff86d30dd7d3fd6d31c5b205c4d9d571cfe

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 455
content-type: text/html; charset=utf-8
date: Mon, 02 May 2022 17:36:18 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Mon, 02 May 2022 17:36:18 GMT
location: /sync?&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame A172 0
91 B 65ms
23ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 02 May 2022 17:36:18 GMT
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 00AF 0
0 1091ms
100ms Document
text/plain 67.202.105.23

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bgZdFqByur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 -, , ASN (),
Reverse DNS
Software: 33XP003 /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Mon, 02 May 2022 17:36:19 GMT
server: 33XP003
x-33x-status: 2000208

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame A5E2 0
80 B 63ms
24ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 02 May 2022 17:36:18 GMT
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1

200
OK

usersync Show response
usersync.gumgum.com/ Frame 07B9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YnAWkgAGWDgwUgAZ
https://usersync.gumgum.com/usersync?b=atm&i=YnAWkgAGWDgwUgAZ&gdpr=1&gdpr_consent=&_test=YnAWkgAGWDgwUgAZ

35 B
296 B

140ms
30ms

Document
image/gif

34.241.235.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=YnAWkgAGWDgwUgAZ&gdpr=1&gdpr_consent=&_test=YnAWkgAGWDgwUgAZ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.235.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-235-173.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
content-length: 35
content-type: image/gif
date: Mon, 02 May 2022 17:36:18 GMT
expires: 0
pragma: no-cache
server: envoy
x-envoy-upstream-service-time: 0
x-region: ireland

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Mon, 02 May 2022 17:36:18 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=YnAWkgAGWDgwUgAZ&gdpr=1&gdpr_consent=&_test=YnAWkgAGWDgwUgAZ
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4051-HHN
x-timer: S1651512979.727163,VS0,VE0

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 55D4 70 B
264 B 98ms
31ms Document
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 02 May 2022 17:36:18 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 28EF 52 KB
17 KB 61ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 46188
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 02 May 2022 17:36:18 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 01 May 2022 04:46:28 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 3, 610062
X-Served-By: cache-lga21948-LGA, cache-hhn4057-HHN
X-Timer: S1651512979.630355,VS0,VE0

GET
H2

200

sync Show response
eb2.3lift.com/ Frame AA16
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1022 B

8ms
8ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 551a67adb8ef25abbf1f37a6e6723ff86d30dd7d3fd6d31c5b205c4d9d571cfe

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 455
content-type: text/html; charset=utf-8
date: Mon, 02 May 2022 17:36:18 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Mon, 02 May 2022 17:36:18 GMT
location: /sync?&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 2000248.html Show response
sync.serverbid.com/ss/ Frame 4C33 2 KB
942 B 52ms
10ms Document
text/html 18.66.248.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000248.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-32.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35247b5335f31105e6a22498ceaf264f88dbdd2ecc64114afe2fe3c9eeff5035

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13442
content-encoding: br
content-type: text/html
date: Mon, 02 May 2022 13:52:17 GMT
etag: W/"b3c2f14ab62b70ce357a703cb70f1a0d"
last-modified: Sun, 01 May 2022 08:00:04 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-id: qHEzLoXiJ1580ll2s6kv2uEXx5HqpQVavLnvn21TyWRwgj9mD71xzw==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 554F 52 KB
17 KB 59ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 46188
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 02 May 2022 17:36:18 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 01 May 2022 04:46:28 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 3, 635350
X-Served-By: cache-lga21948-LGA, cache-hhn4035-HHN
X-Timer: S1651512979.632249,VS0,VE0

GET
H2 200 2000248.html Show response
sync.serverbid.com/ss/ Frame E63E 2 KB
943 B 50ms
11ms Document
text/html 18.66.248.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000248.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-32.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35247b5335f31105e6a22498ceaf264f88dbdd2ecc64114afe2fe3c9eeff5035

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13442
content-encoding: br
content-type: text/html
date: Mon, 02 May 2022 13:52:17 GMT
etag: W/"b3c2f14ab62b70ce357a703cb70f1a0d"
last-modified: Sun, 01 May 2022 08:00:04 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-id: Xdxn1EY_okzLAXesB9MuH36cL2W2lK5fdkIZFKr-TVKVVXHKEnYOjw==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3A5F 281 B
554 B 35ms
9ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 02 May 2022 17:36:18 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame AA16 70 B
265 B 33ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA16
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D

170 B
188 B

20ms
18ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D
date: Mon, 02 May 2022 17:36:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame AA16 170 B
188 B 19ms
18ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA16
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D

170 B
188 B

29ms
22ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D
date: Mon, 02 May 2022 17:36:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame AA16 0
386 B 197ms
170ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4662195207387997858007&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:17 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 15832A7A6B1B46FB909AE943826C3443 Ref B: FRAEDGE1111 Ref C: 2022-05-02T17:36:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXeCtRwwAM9rzYmKxFPsA==

GET
H2

200

xuid
eb2.3lift.com/ Frame AA16
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/4662195207387997858007?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-MrAXkNVE2oTa5_e_j82HncDNB7PirTCO6z3hzgmxug--~A&dongle=0883

37 B
355 B

12ms
12ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-MrAXkNVE2oTa5_e_j82HncDNB7PirTCO6z3hzgmxug--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Mon, 02 May 2022 17:36:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-MrAXkNVE2oTa5_e_j82HncDNB7PirTCO6z3hzgmxug--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame AA16 43 B
220 B 327ms
8ms Image
image/gif 35.156.115.11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=4662195207387997858007&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.115.11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 17:36:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame AA16 42 B
595 B 76ms
31ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=4662195207387997858007&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:18 GMT
etag: "8120eaf0ff3ad81:0"
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 334A868F7176465FB5D4C111EE966478 Ref B: FRA31EDGE0621 Ref C: 2022-05-02T17:36:18Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame AA16
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4662195207387997858007
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4662195207387997858007&dcc=t

0
0

133ms
96ms

Image
text/html

209.54.180.144

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4662195207387997858007&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 209.54.180.144 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DB9Y29P3JKAXRDPD675M
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4662195207387997858007&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame AA16
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Mon, 02 May 2022 17:36:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E1A5 70 B
264 B 31ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1A5
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D

170 B
188 B

21ms
19ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D
date: Mon, 02 May 2022 17:36:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame E1A5 170 B
188 B 19ms
17ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1A5
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D

170 B
188 B

26ms
19ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY2MjE5NTIwNzM4Nzk5Nzg1ODAwNw%3D%3D
date: Mon, 02 May 2022 17:36:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame E1A5 0
921 B 143ms
119ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4662195207387997858007&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:17 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A37E88FC1BCC417D9666211B479245C3 Ref B: FRAEDGE1111 Ref C: 2022-05-02T17:36:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXeCtRwwfN7ar2kwW+6bQ==

GET
H2

200

xuid
eb2.3lift.com/ Frame E1A5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/4662195207387997858007?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-YDtytoZE2oTxRBudJZjp3io99aFfAcvkgK6MmRIgyw--~A&dongle=0883

37 B
355 B

11ms
11ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-YDtytoZE2oTxRBudJZjp3io99aFfAcvkgK6MmRIgyw--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Mon, 02 May 2022 17:36:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-YDtytoZE2oTxRBudJZjp3io99aFfAcvkgK6MmRIgyw--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame E1A5 43 B
220 B 326ms
8ms Image
image/gif 35.156.115.11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=4662195207387997858007&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.115.11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 17:36:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame E1A5 42 B
285 B 75ms
32ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=4662195207387997858007&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:18 GMT
etag: "8120eaf0ff3ad81:0"
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A5CFE71FD6264CE69FF27F287928CCAE Ref B: FRA31EDGE0621 Ref C: 2022-05-02T17:36:18Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame E1A5
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4662195207387997858007
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4662195207387997858007&dcc=t

0
0

97ms
96ms

Image
text/html

209.54.180.144

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4662195207387997858007&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 209.54.180.144 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8CQRSF0Q2484EAHM9WXN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4662195207387997858007&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame E1A5
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

9ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Mon, 02 May 2022 17:36:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3A5F 32 KB
10 KB 10ms
9ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 491c72842bd45dd8c53beef1cfd7915feb6627d5d2dcfac183626d3acc0da32f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 17:36:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=32324
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9542
Expires: Tue, 03 May 2022 02:35:02 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame E63E 0
59 B 115ms
15ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:18 GMT
content-length: 0
content-type: text/html

GET
H2

200

usersync
x.serverbid.com/ Frame E63E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YnAWjgRXW.iS0PYjz59qoAAA%261195

35 B
392 B

327ms
94ms

Image
image/gif

54.163.129.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YnAWjgRXW.iS0PYjz59qoAAA%261195
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Server: 54.163.129.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:19 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YnAWjgRXW.iS0PYjz59qoAAA%261195
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 306
Expires: Mon, 02 May 2022 17:36:18 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame E63E 0
474 B 57ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:18 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame E63E 0
277 B 71ms
18ms Image
text/plain 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 May 2022 17:36:18 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

usersync
x.serverbid.com/ Frame E63E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2817248371535495536

35 B
394 B

337ms
93ms

Image
image/gif

54.163.129.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2817248371535495536
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Server: 54.163.129.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:19 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:18 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 56c53a04-7a67-4bd2-99cc-ebe78a132356
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2817248371535495536
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame E63E 43 B
135 B 67ms
22ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:18 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ijmogl4rik13ip54kia4f3tsmaq414oj

GET
H2

200

usersync
exchange.consumabletv.com/ Frame E63E
Redirect Chain

https://pixel.advertising.com/ups/58321/sync?redir=true
https://pixel.advertising.com/ups/58321/sync?redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58321/sync?redir=true&apid=UP5fe970b7-ca3e-11ec-b65e-021d038352bc
https://ups.analytics.yahoo.com/ups/58321/sync?redir=true&apid=UP5fe970b7-ca3e-11ec-b65e-021d038352bc&verify=true
https://exchange.consumabletv.com/usersync?ttt=1&cn=5&dpui=UP5fe970b7-ca3e-11ec-b65e-021d038352bc

35 B
394 B

532ms
100ms

Image
image/gif

3.218.106.221

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.consumabletv.com/usersync?ttt=1&cn=5&dpui=UP5fe970b7-ca3e-11ec-b65e-021d038352bc
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Server: 3.218.106.221 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:19 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

location: https://exchange.consumabletv.com/usersync?ttt=1&cn=5&dpui=UP5fe970b7-ca3e-11ec-b65e-021d038352bc
date: Mon, 02 May 2022 17:36:18 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 um
cs.emxdgt.com/ Frame 4C33 0
22 B 111ms
15ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:18 GMT
content-length: 0
content-type: text/html

GET
H2

200

usersync
x.serverbid.com/ Frame 4C33
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YnAWjgRXW.iS0PYjz59qoAAA%261195

35 B
394 B

308ms
94ms

Image
image/gif

54.163.129.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YnAWjgRXW.iS0PYjz59qoAAA%261195
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Server: 54.163.129.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:19 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YnAWjgRXW.iS0PYjz59qoAAA%261195
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 306
Expires: Mon, 02 May 2022 17:36:18 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 4C33 0
478 B 60ms
18ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:18 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 4C33 0
277 B 79ms
14ms Image
text/plain 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 May 2022 17:36:18 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

usersync
x.serverbid.com/ Frame 4C33
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2817248371535495536

35 B
394 B

328ms
94ms

Image
image/gif

54.163.129.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2817248371535495536
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Server: 54.163.129.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:19 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:18 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8e746477-4355-4864-a245-b7a136b940a7
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2817248371535495536
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 4C33 43 B
351 B 56ms
17ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:17 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 5dnigb54c8b817fvikhgsh3toj4o1ik7

GET
H2

200

usersync
exchange.consumabletv.com/ Frame 4C33
Redirect Chain

https://pixel.advertising.com/ups/58321/sync?redir=true
https://pixel.advertising.com/ups/58321/sync?redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58321/sync?redir=true&apid=UP5fe970b7-ca3e-11ec-b65e-021d038352bc
https://ups.analytics.yahoo.com/ups/58321/sync?redir=true&apid=UP5fe970b7-ca3e-11ec-b65e-021d038352bc&verify=true
https://exchange.consumabletv.com/usersync?ttt=1&cn=5&dpui=UP5fe970b7-ca3e-11ec-b65e-021d038352bc

35 B
393 B

532ms
100ms

Image
image/gif

3.218.106.221

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.consumabletv.com/usersync?ttt=1&cn=5&dpui=UP5fe970b7-ca3e-11ec-b65e-021d038352bc
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Server: 3.218.106.221 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:19 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

location: https://exchange.consumabletv.com/usersync?ttt=1&cn=5&dpui=UP5fe970b7-ca3e-11ec-b65e-021d038352bc
date: Mon, 02 May 2022 17:36:18 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1BCA 15 KB
6 KB 32ms
8ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=56872
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 02 May 2022 17:36:18 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 03 May 2022 09:24:10 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame E63E 63 B
391 B 96ms
31ms Fetch
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 91fe968f2829bc5b2804fd52c7ac151bcd6501491b694aeeba28ed922ea2a559

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:18 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sync.serverbid.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 01 Jun 2022 17:36:18 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5D71 15 KB
6 KB 28ms
10ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=56872
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 02 May 2022 17:36:18 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 03 May 2022 09:24:10 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 4C33 63 B
392 B 92ms
30ms Fetch
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 91fe968f2829bc5b2804fd52c7ac151bcd6501491b694aeeba28ed922ea2a559

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:18 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sync.serverbid.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 01 Jun 2022 17:36:18 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 28EF 0
737 B 44ms
32ms Script
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:18 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2eb53fb5-5451-4245-af9e-499a609d053d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 554F 0
737 B 36ms
16ms Script
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:18 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d241cb03-7479-486a-be5a-e4d324ae88eb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET PugMaster
image6.pubmatic.com/AdServer/ Frame 1BCA 0
0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3A5F
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VZF8LBPJQ-eHVSDsRweL5g&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=VZF8LBPJQ-eHVSDsRweL5g

43 B
797 B

179ms
179ms

Image
image/gif

52.94.222.140

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=VZF8LBPJQ-eHVSDsRweL5g

Protocol

HTTP/1.1

Server

52.94.222.140 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JEH010242MPCPN7Q6X6K
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=VZF8LBPJQ-eHVSDsRweL5g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 3A5F 70 B
264 B 33ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 3A5F
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2P06LTZ-2-F61T&sigv=1&esig=2~623a1d178fe142441f41f723b94ff475d55b5173

0
194 B

384ms
8ms

Image
text/plain

2a00:1288:80:807::2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2P06LTZ-2-F61T&sigv=1&esig=2~623a1d178fe142441f41f723b94ff475d55b5173

Protocol

Server

2a00:1288:80:807::2 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:36:19 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2P06LTZ-2-F61T&sigv=1&esig=2~623a1d178fe142441f41f723b94ff475d55b5173
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A5F
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJQMDZMVFotMi1GNjFU

170 B
188 B

21ms
20ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJQMDZMVFotMi1GNjFU

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJQMDZMVFotMi1GNjFU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 3A5F 0
0 52ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3A5F
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/Cts-fQFzcFlRiV2hbmcIEg?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=155260260753572438

0
239 B

42ms
10ms

Image
image/gif

69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=155260260753572438
Protocol: HTTP/1.1
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

date: Mon, 02 May 2022 17:36:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=155260260753572438
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A5F
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzczODkyZDVhMmYwMmEwY2UyOGI5ZjZiZDFkM2RkNDFlOTA5ZjA0NQ

170 B
188 B

19ms
19ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzczODkyZDVhMmYwMmEwY2UyOGI5ZjZiZDFkM2RkNDFlOTA5ZjA0NQ

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 17:36:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzczODkyZDVhMmYwMmEwY2UyOGI5ZjZiZDFkM2RkNDFlOTA5ZjA0NQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3A5F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SS34DchaSjKjgYuoSNofXg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SS34DchaSjKjgYuoSNofXg

43 B
556 B

100ms
100ms

Image
image/gif

209.54.180.144

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SS34DchaSjKjgYuoSNofXg

Protocol

HTTP/1.1

Server

209.54.180.144 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5WABMS0QTQY94JSSBY03
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SS34DchaSjKjgYuoSNofXg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 28EF 0
737 B 24ms
24ms Script
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:19 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7dae3999-65f1-48fc-ae85-be6c76995d4f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 554F 0
737 B 17ms
16ms Script
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 17:36:19 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c3f789ad-5fcc-4910-ac20-fab42cdc3653
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33619824&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 04:54:48	Name: sync Value: CgoIoQEQqtngrogwCgoIgQIQqtngrogwCgoI4gEQqtngrogwCgoI5gEQqtngrogwCgoIhwIQqtngrogwCgkICRCq2eCuiDAKCQg6EKrZ4K6IMAoJCAsQqtngrogwCgoIjAIQqtngrogwCgkIXxCq2eCuiDA=
www.fox13now.com/	1969-12-31 23:59:59	Name: mnet_session_depth Value: 1%7C1651512972128
.fox13now.com/	1970-01-20 02:45:14	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth%22%2C%22sref%22:%22%22%2C%22sts%22:1651512972207%2C%22slts%22:0}
.fox13now.com/	1970-01-20 12:14:36	Name: _parsely_visitor Value: {%22id%22:%22pid=5e38545e07939cb7549f5c311b7b7698%22%2C%22session_count%22:1%2C%22last_session_ts%22:1651512972207}
.fox13now.com/	1970-01-20 20:16:24	Name: _ga Value: GA1.2.10169015.1651512972
.fox13now.com/	1970-01-20 02:46:39	Name: _gid Value: GA1.2.807165008.1651512972
.scorecardresearch.com/	1970-01-20 20:02:00	Name: UID Value: 175335027200fc900940d861651512973
.fox13now.com/	1970-01-20 02:45:13	Name: _dc_gtm_UA-27022641-1 Value: 1
.fox13now.com/	1970-01-20 02:45:13	Name: _dc_gtm_UA-29479748-9 Value: 1
.fox13now.com/	1970-01-20 02:45:13	Name: _dc_gtm_UA-40066851-1 Value: 1
.adnxs.com/	1970-01-20 04:54:48	Name: icu Value: ChgIxIZ3EAoYASABKAEwja3AkwY4AUABSAEQja3AkwYYAA..
.adnxs.com/	1970-01-20 04:54:48	Name: uuid2 Value: 2817248371535495536
.gumgum.com/	1970-01-20 11:30:48	Name: cs Value: true
.gumgum.com/	1970-01-20 03:28:24	Name: loc Value: SfolTs1ZIlP87AqGOszKmJNVTm8h7j3-iCHmf51pN31TlSyiQDMo7sYsnK63aSbQsanL5a3VZa-vIajS1hPOyNksLPPEPOmXlOOTPqsrP1c
.rubiconproject.com/	1970-01-20 11:30:48	Name: khaos Value: L2P06LTZ-2-F61T
.rubiconproject.com/	1970-01-20 11:30:48	Name: audit Value: 1\|naVuGyos1qrR8wq17LRIi14C1LCtWBX9mfsNIvv6QtrmRNeXP/he0emxgwNbkEM2v3x9nf74OVJjzOjwT/dn4eBxGCOXoSK1La0KTFi9hDCma+WVcS1g3g==
.gumgum.com/	1970-01-20 11:30:48	Name: vst Value: e_b89b54af-3e7b-4ec3-a483-d6f6c724f615
e.serverbid.com/	1970-01-20 11:30:48	Name: azk Value: ue1-sb1-76e367c3-effe-411f-9486-7a59be669b5f
.doubleclick.net/	1970-01-20 12:06:48	Name: IDE Value: AHWqTUkE_JkT_U3nD-dSnhkVV1h2ysxnbF_qrEP0ac2YzfYolIeYDB3b-Pvy4VceDGo
.fox13now.com/	1970-01-20 12:06:48	Name: __gads Value: ID=c18759ccf866347b-22d7defd89cd008b:T=1651512973:S=ALNI_Mavfd4jF4lJN9iityM35dJ1569cIA
.doubleclick.net/	1970-01-20 02:45:16	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 11:30:48	Name: CMID Value: YnAWjgRXW.iS0PYjz59qoAAA
.casalemedia.com/	1970-01-20 04:54:48	Name: CMPS Value: 5183
.adnxs.com/	1970-01-20 04:54:48	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%y@q<w!!@wnfH8K6pQK`!5=E<L5?%K/dI9?S[o(2AeC_W50t-=k4/`%0Ch0)NbZcD%nugO%v4VB%nmCG)v$''
.casalemedia.com/	1970-01-20 04:54:48	Name: CMPRO Value: 1195
.casalemedia.com/	1970-01-20 11:30:48	Name: CMRUM3 Value: 2d6270168e2760CAESENDdXVuke6EZZCsW2ireifQ
.3lift.com/	1970-01-20 04:54:48	Name: tluid Value: 4662195207387997858007
.everesttech.net/	1970-01-20 11:30:48	Name: everest_g_v2 Value: g_surferid~YnAWkgAGWDgwUgAZ
.casalemedia.com/	1970-01-20 02:46:39	Name: CMST Value: YnAWjmJwFpIA
.bing.com/	1970-01-20 12:06:48	Name: MUID Value: 05B9B5BE69896A710B9BA42668026B15
.advertising.com/	1970-01-20 11:32:15	Name: APID Value: UP5fe970b7-ca3e-11ec-b65e-021d038352bc
.ads.pubmatic.com/	1970-01-20 02:46:39	Name: KCCH Value: YES
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 02:46:39	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2336:u=1:x=1:i=1651512978:t=1651599378:v=2:sig=AQEv5C5cWIZC12a7uYRbLI4i3eeXGqyl"
.yahoo.com/	1970-01-20 11:31:10	Name: A3 Value: d=AQABBJIWcGICEE1DBeP0b0Q9zriYgpxzfXsFEgEBAQFocWJ5YgAAAAAA_eMAAA&S=AQAAAkEgcnbvYQSdH_v2iJP3b1o
.analytics.yahoo.com/	1970-01-20 11:30:48	Name: IDSYNC Value: 1901~24nt
.linkedin.com/	1970-01-20 20:17:06	Name: bcookie Value: "v=2&4bd89176-24cc-491a-87dc-310e23bf69a4"
.linkedin.com/	1970-01-20 20:12:27	Name: li_gc Value: MTswOzE2NTE1MTI5Nzg7MjswMjE/j8VuqiEzpBfKJZaOofZT6ZrMOkkc5zplXi9St9eFmQ==
.amazon-adsystem.com/	1970-01-20 08:36:34	Name: ad-id Value: A4vIUK82t03Jgbd5aHHqmEU\|t

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.cookielaw.org/consent/000000/000000.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.fox13now.com/weather/school-closings-delays?_renderer=json Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1304d4711b736d562794bc7849eda14a.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ads.rubiconproject.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analyticssystems.net
ap.lijit.com
api.ewscloud.com
assets.scrippsdigital.com
aswpsdkus.com
b1sync.zemanta.com
c.amazon-adsystem.com
c.bing.com
c2shb.ssp.yahoo.com
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdn.cookielaw.org
cdn.parsely.com
cds.connatix.com
cm.g.doubleclick.net
connect.facebook.net
cs.emxdgt.com
d3plfjw9uod7ab.cloudfront.net
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
ewscripps-d.openx.net
ewscripps.brightspotcdn.com
exchange.consumabletv.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hblg.media.net
hbx.media.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
lit.connatix.com
log.outbrainimg.com
match.adsrvr.org
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
px.ads.linkedin.com
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.ewscloud.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.serverbid.com
tcheck.outbrainimg.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tru.am
u.openx.net
ups.analytics.yahoo.com
use.fontawesome.com
use.typekit.net
usersync.gumgum.com
vid.connatix.com
web.hb.ad.cpe.dotomi.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.fox13now.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.serverbid.com
image6.pubmatic.com
104.102.28.29
104.92.74.8
108.157.4.121
134.209.131.220
142.250.184.194
142.250.186.34
142.250.74.194
143.204.103.127
143.204.95.188
143.204.98.10
143.204.98.104
143.204.98.18
143.204.98.34
143.204.98.53
151.101.114.132
151.101.193.108
151.101.194.49
151.101.66.137
178.162.133.149
18.195.155.181
18.221.123.94
18.66.248.32
185.33.221.14
209.54.180.144
216.52.2.48
23.35.229.181
23.35.236.201
23.35.236.247
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:2156:6a00:10:618e:d880:93a1
2600:9000:2156:d600:13:a391:88c0:21
2602:803:c003:200::21
2606:4700:20::ac43:4af5
2606:4700:3032::ac43:cb69
2606:4700::6810:9440
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:801::200a
2a00:1450:4001:802::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a02:26f0:3500:7::17d8:4dca
2a02:26f0:f7::5c7b:e01b
2a02:fa8:8806:20::2100
2a03:2880:f01c:216:face:b00c:0:3
2a05:d018:d29:3601:cc00:50b5:a5a9:66b7
2a06:98c1:3121::7
3.126.56.137
3.126.73.74
3.218.106.221
3.67.60.21
34.149.20.76
34.194.161.83
34.241.235.173
34.248.81.187
35.156.115.11
35.227.208.151
35.227.252.103
35.244.159.8
35.244.174.68
35.71.131.137
52.28.203.152
52.59.71.183
52.94.222.140
54.163.129.198
64.202.112.255
67.202.105.23
69.173.144.139
69.173.144.165
70.42.32.95
76.223.111.18
92.122.145.25
96.16.141.156
033c762ae0c46ea55f536da52ca696657f694addc621d84d418da6ae4fafc87f
0415c74d4763642e665ed14556d347dad0ec2517c5a095da2141be855fd802e5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08185d715323a9d85a1cf56b3051b4f7b1a6ed4e6778aa3ebdd5ad366a845905
0a472aa55e7640db7c87268a02e25a6d394d97f4a86c939d788dd3c283e641ab
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a17793a0291b59ff3b8553ec9fe1d3cccc8cf1b482a408184d3a2f4d1405f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24
18ac8d4d5ed20f07306198ab32db84bca42957ed1476fcaba14ac5d1c232e22f
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
19adaa2fa9b335ddb51340079364b18ab1497903963d60791a58e10389124d0a
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
1b100b2e9f3016d39e6f5fc04026380518f730433d1261e6dbb8f6f673c27cb1
1b2e7ca896b2c6dc5d1930c45c4835d7e6cfe63239e9784a7f3efe35e706cd8e
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1da4e7292411fa7401ad333d28c2e5bd20dbe89f3ba0428d57d44c48879293f0
1e07e272734d4232d604835b00dfb9847c36a95e2fb6a01458590618e2bbcc77
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880
2a79e90edbe846d09a8e7b14eade333cfb73e19980f78ca2102a9b6958329860
2bcbc2fead65db06dc805d3ec92e0f95cc32e4d82c1d7f9e2d4bd5ffc7b35984
2ce1db0351462b2e1bbf5112d81dd48cadfacb1e9e4cbea2207c441e78eb2511
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2ea4d73c56a292df467ee9e88a8cc18a2374049abe26e079b40770ea5b776339
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
30a9437a61cb0f44994dccdc0478aab9679c626d5d9da498b5cc00e808d23226
35247b5335f31105e6a22498ceaf264f88dbdd2ecc64114afe2fe3c9eeff5035
369e6a30a7cb1cb086adaacf21d68376bdca00de64098f901cdc18b43e89d02c
398e0dfde23d15562581d151db0ef7a00fd03035936a4dd83a113c49295937a7
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b85d50bcf6030e3ca50c35243e8cdf98cb270a021422bd806d1ee1680fadf61
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f43dc8206d29c644ee28bc5d82e97f0b26f99cb78a41b00a272edf17324bbff
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41a28d458bc0e66416f4017910f067d9e6ae0ca802102f2555b90a53927b3a8e
43a664199b8feeac29e3117b618ab9ef8a96a215237c11b7d0b26ff4f644a2ad
44184c16fd72e51859e402906cfc8eb5cc13161916b42cf46e416bc9e3fe9850
491c72842bd45dd8c53beef1cfd7915feb6627d5d2dcfac183626d3acc0da32f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bdeb9e5df9135dafe1b06d9afc3d9417ee8d6e9f81e9987f1169dba8b4dcda8
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5343d295e7697987c6607001f3bb6d9bf54cfc6db5a77dce8b27dc5e9870066e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551a67adb8ef25abbf1f37a6e6723ff86d30dd7d3fd6d31c5b205c4d9d571cfe
556ea8be84a3bba47fb218fefab370e8f0dd0e3887728c38e1565e77e559c812
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30
5607ad5eec2c8207f27a8e873fe408b52156a2542a842529004ad1d2826b8a52
580961a03df02992e3246b5d618f1935a41715df91cb96686456842b0fc102e4
58eccc8dc67e3ccd3f1308bbc829c292407a5d80d2920d7cc85704c1973b52c6
5b771470e8bc028ed5c94b82f21eb6f3c941d093d6aebadb1dd93bf580e2521c
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5
5ebf1c39cd23649c034338045b6c7ec1847236fbe8b7151ee06ba94720454568
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
61b97e3c5a9341f70c36bb1252aa7a33de3a7b111493f9d6b6ae69e8961fd5ad
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62923c234036c66d2e93f8f814592445f9dd19d3b6c77a63e8d34072575675b7
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
65b64c49a86c754ec08d9c80c41cd0ce46edd45294ef43939ab8fdffa71652ea
6825fb204353117112675b7bc797d0b5532b5ee27e59c4271d7e1f88ce95c28a
682fd3b06408cf80bcbe7e1032e91737373efd7335d8a578fe073c157db59ba7
69782b84149d127db6e9407990c66a91fc8d5019f6b5a517a8c280f38dc5e663
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5fe4b265ab9e750bf17205fbaf793bc79b66464add02890fde2af4e729d4af
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6eb9289e8f8be25e50aab4b132f8f14f5122b72b312d107ad26e2adbceeb39f7
733b1779d56fb94e7b1edcdcd8df4eaea82331d2db3ccb22c09286b3cec12fd3
7614a5bfcdf62a6df3f66e16104af543749f263f4de8f24f533434f89b1b7be7
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b7fa1aba567848d1083a63d849942b4d73673a8b9c96668bdbad58612db0bf1
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
819e5ed6193610d1204aa6ffd591e31a4a6bf3f263d416f8e1a11dabe45f1364
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e
82ce6f78393591d0772de03794159ba8591de3a3af54b8ddd0e0ebee8aad54e9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874cc1315f35963fb2488576f0c83489e22edfe22f6ce355e7e87e65063bbf7c
881a468b01d58bbe9a181d2afd895e58c654062571eef232f20742a12668d700
894bd4636346f9710907258043cf9936f4fcb1cf7d36bde7c1100351aae5ba96
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5
91fe968f2829bc5b2804fd52c7ac151bcd6501491b694aeeba28ed922ea2a559
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bb33fe0810edd73998b4b4e6e0a5a488d7c2b1decc621be59a2e1d8c4b87f77
9cafffd2ec0ba717288a3f96d350a82a6d0ed8b89fc08feb5389106bd764dc25
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a12c1a558db4b1e81617d339f8635c532a9fc0095bb673ef01c0f27ea2a24e9f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a246a166ebf9f6c28338ae10ebcfe6566d5bd52f9e6a02a6f3fbde5a7d73cc4c
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a679a5f4598f89af7a321f47ba64209e112fd972f974ae79f01a8d2f4ba8b5b0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78eee44a33280cae70b7fade38a0ea36d2d3c34252c8fffe9e5d91aaf463a0c
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aee827923165555c5f8351abb465bff467dd2d81a61cde86519fe958df437bf2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc303150996575a6b7e0b472780241c2b91c7f45e4701fc43747598ef010e83
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd6cafb0d9f0509d461f9b8845027ecb7f5385ee273346f5f44efd2b328afdb3
bd81384f187e42628894eed4bb384acd8209a3980c45c3ab285ac154f28bf9a0
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c1a02d5882714625fc7d5895544ee7776c267ad80af48e1847f10cf9dd18aefe
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c31a0c341168ec61b520e833507409eb780fd29f61ac05ac0caf5c51c0ab27fd
c3e224c9f404df7213023634a6855fc7dca9218aa5af375929e17d216b97e64b
c5926648f31a298f336b654aa3656085350c79e9c1810cb22cb2c24bfc41a2ec
c679c5e725893da0461190852bcb25fe023b9d01cb188622e711a89424159510
c73d9cadd6379c9dd0bc8af8544f61abbd4e7d449a4a0740f284e7d0f5b6b92a
c9f567a22fd4d8c6d32167c66f201685aaa09bc9ad88315a27c40ea4b75d0f5e
ca4fd5efb0d1a70284709d6dde51a8477a28115b5c8a453aafcaf394bd1b5fbf
cc25082cad83b67bd4f23160f591b3d15dbf9eaddd6825bc5a2122bd1903a4d6
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08019d740a977b51645ff931dcce8de0fb4fc53864a5274d026adce3799101e
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d13435a48b794b66ebaada6ee378b52822f77c1fd83f3ab71643c2332106e8dc
d1f9c5c64d175a8bc389afa09401c72262f33961d56241d00902c2a397eac4e7
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d423390d393a77e15c6a77da83acdfbb9d8262d19d8d93501c05a825f0e107c1
d46651a0642c39afc570af89ad0b4373250d4002c05e92282aab4b289c4771d8
d536966adfb264a5bf8db50aa3cdad7b8ee1abab313d1a6dfaa6bcdf7461a3d4
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
ddbfb6686c9180afd17138b97efe096a93406e21d1cc7cfc0f4bda98fc38fca6
ddc53662bf62d8109510f975196794936006c340e663a089685acdfb4ac9bf98
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e292c91fb15681f0c7a6f608ecdd8d7c254eb4f5eddd968cf3b7b164d6703c18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
eb8821e4441e234a154be5e4a0d8431dd138e8f3bcbd66a30045f27ef40fb0c3
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f027d6553533e963630b1d0992d5ca83562645cbb955de496b40c41eddd1978e
f0f18a3c3952280b727ecdf5f62fb2b4754367e287f06e9b3b586f2c07146754
f38918a02f441dd9d22606fbf251409e687e3665a5b0fe2b1df47b649c03c7e2
f5699a9f1ae7a130fcd36591551ae1443606804654acae67173e1c9dda43848b
f5c4c44a3bf0896103ad153f498797871c1f22dd43d3eac10ef9ce7cbd838d7b
f81c4b32e0d523fe22b671c2cbd5bc0285ff19e5a2deb58a00d84077fe6cb8a6
fbacadedcc7c91c40b121b43fc0b78bb3a6aa144668c085b8d3c7f8315b8ec2b
fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a
fe0bde94840de6bce7c3f8ef0a050d3af8e7813a03ac08e20f5d15505fab9017

www.fox13now.com Open in urlscan Pro 143.204.98.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

281 Requests

86 %HTTPS

38 %IPv6

54 Domains

99 Subdomains

82 IPs

7 Countries

4013 kBTransfer

15091 kBSize

39 Cookies

19 Outgoing links

Redirected requests

281 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fox13now.com Open in urlscan Pro
143.204.98.34 Public Scan

Screenshot
Live screenshot

Full Image

281
Requests

86 %
HTTPS

38 %
IPv6

54
Domains

99
Subdomains

82
IPs

7
Countries

4013 kB
Transfer

15091 kB
Size

39
Cookies

281 HTTP transactions
-3 data transactions