www.ksl.com Open in urlscan Pro
64.147.131.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Effective URL:
https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Submission: On October 26 via manual (October 26th 2022, 10:24:54 pm UTC) from IN — Scanned from DE

Summary HTTP 234 Redirects Links 71 Behaviour Indicators

Summary

This website contacted 76 IPs in 10 countries across 67 domains to perform 234 HTTP transactions. The main IP is 64.147.131.201, located in Salt Lake City, United States and belongs to DDMINC, US. The main domain is www.ksl.com. The Cisco Umbrella rank of the primary domain is 70753.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 7th 2022. Valid for: a year.

This is the only time www.ksl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 8	64.147.131.201 64.147.131.201	11319 (DDMINC) (DDMINC)
2	18.66.2.120 18.66.2.120	16509 (AMAZON-02) (AMAZON-02)
12	13.32.23.199 13.32.23.199	16509 (AMAZON-02) (AMAZON-02)
21	64.147.131.160 64.147.131.160	11319 (DDMINC) (DDMINC)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	64.147.128.162 64.147.128.162	11319 (DDMINC) (DDMINC)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1 2	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
3	99.86.4.76 99.86.4.76	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:3200:10:ce97:9fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	130.211.32.235 130.211.32.235	15169 (GOOGLE) (GOOGLE)
6	3.124.173.63 3.124.173.63	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	108.157.4.6 108.157.4.6	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:de1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.232.40.53 18.232.40.53	14618 (AMAZON-AES) (AMAZON-AES)
2 3	54.247.105.151 54.247.105.151	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
11	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
10	34.252.126.43 34.252.126.43	16509 (AMAZON-02) (AMAZON-02)
2	129.80.94.115 129.80.94.115	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
8	2606:4700:20:... 2606:4700:20::ac43:4591	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	104.22.58.219 104.22.58.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:440... 2606:4700:4400::ac40:950d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	34.96.67.224 34.96.67.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
1	34.102.232.42 34.102.232.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.81.202.99 35.81.202.99	16509 (AMAZON-02) (AMAZON-02)
1	64.147.130.148 64.147.130.148	11319 (DDMINC) (DDMINC)
1	13.32.28.197 13.32.28.197	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
4	88.221.168.201 88.221.168.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.248.14 18.66.248.14	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:233... 2606:2800:233:f76:14f7:d635:25c4:c8d7	15133 (EDGECAST) (EDGECAST)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	52.50.22.36 52.50.22.36	16509 (AMAZON-02) (AMAZON-02)
1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1 2	185.86.137.107 185.86.137.107	201081 (SMARTADSE...) (SMARTADSERVER)
2 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	23.203.77.3 23.203.77.3	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
7 7	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	72.251.249.9 72.251.249.9	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	216.52.2.19 216.52.2.19	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	138.197.50.103 138.197.50.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	69.166.1.12 69.166.1.12	27630 (AS-XFERNET) (AS-XFERNET)
3 3	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	44.205.83.43 44.205.83.43	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 17	34.247.205.196 34.247.205.196	16509 (AMAZON-02) (AMAZON-02)
3 3	3.122.84.21 3.122.84.21	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
5 5	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	2606:2800:220... 2606:2800:220:1:248:1893:25c8:1946	15133 (EDGECAST) (EDGECAST)
1 1	44.195.225.141 44.195.225.141	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a05:d018:d29... 2a05:d018:d29:3602:b152:500b:646e:5f14	16509 (AMAZON-02) (AMAZON-02)
1 1	52.23.100.184 52.23.100.184	14618 (AMAZON-AES) (AMAZON-AES)
1	150.136.26.45 150.136.26.45	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	34.255.156.219 34.255.156.219	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	18.156.32.70 18.156.32.70	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.215.52 124.146.215.52	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	185.86.139.113 185.86.139.113	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	162.254.186.187 162.254.186.187	33695 (SCALEMATRIX) (SCALEMATRIX)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	173.231.178.117 173.231.178.117	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	35.214.174.31 35.214.174.31	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.230.100.254 35.230.100.254	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
234	76

8 64.147.131.201 (Salt Lake City, United States) 2 redirects

ASN11319 (DDMINC, US)
PTR: ksl.com

www.ksl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
news-api.ksl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.2.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-120.txl50.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.32.23.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-199.fra56.r.cloudfront.net

d3njgrq4uvb497.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 64.147.131.160 (Salt Lake City, United States)

ASN11319 (DDMINC, US)
PTR: img.bonnint.net

static.ksl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.ksl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.147.128.162 (Salt Lake City, United States)

ASN11319 (DDMINC, US)

media.ksl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:3200:10:ce97:9fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.durationmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

prebidads.revcatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.32.235 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 235.32.211.130.bc.googleusercontent.com

static.rubyblu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com

data.privacy.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.157.4.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-6.dus51.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:de1 (United States)

ASN13335 (CLOUDFLARENET, US)

app.protectsubrev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.232.40.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-40-53.compute-1.amazonaws.com

be.durationmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.247.105.151 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-105-151.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.252.126.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-126-43.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 129.80.94.115 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

deseret.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:4591 (United States)

ASN13335 (CLOUDFLARENET, US)

pages.protectsubrev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.protectsubrev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.58.219 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

media.twiliocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:950d (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

ksl-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.siftscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.202.99 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-202-99.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.147.130.148 (Salt Lake City, United States)

ASN11319 (DDMINC, US)
PTR: messages-microservice.ksl.com

messages-microservice.ksl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-14.dus51.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:f76:14f7:d635:25c4:c8d7 (United States)

ASN15133 (EDGECAST, US)

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.22.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-22-36.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.107 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.77.3 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.211.116 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.19 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.197.50.103 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

x.yieldlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Amsterdam, Netherlands) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.85.234 (Schiphol, Netherlands) 3 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.205.83.43 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-83-43.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 34.247.205.196 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.84.21 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-84-21.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 70.42.32.63 (United States) 5 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:220:1:248:1893:25c8:1946 (United States)

ASN15133 (EDGECAST, US)

www.example.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.225.141 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-225-141.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:b152:500b:646e:5f14 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.23.100.184 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-100-184.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.200.221 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.156.219 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-156-219.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.32.70 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.52 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.254.186.187 (Escondido, United States) 1 redirects

ASN33695 (SCALEMATRIX, US)
PTR: www.abcbymebath.com

demand.trafficroots.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.178.117 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-9.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.174.31 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 31.174.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.230.100.254 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 254.100.230.35.bc.googleusercontent.com

pixel.rubyblu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	ksl.com 2 redirects www.ksl.com — Cisco Umbrella Rank: 70753 static.ksl.com — Cisco Umbrella Rank: 88781 img.ksl.com — Cisco Umbrella Rank: 82659 media.ksl.com — Cisco Umbrella Rank: 155287 news-api.ksl.com — Cisco Umbrella Rank: 72555 messages-microservice.ksl.com — Cisco Umbrella Rank: 89105	381 KB
24	googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147 1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	303 KB
18	gumgum.com 1 redirects g2.gumgum.com — Cisco Umbrella Rank: 1430 usersync.gumgum.com — Cisco Umbrella Rank: 2144	6 KB
15	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 84 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	162 KB
12	cloudfront.net d3njgrq4uvb497.cloudfront.net	419 KB
11	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 929 eus.rubiconproject.com — Cisco Umbrella Rank: 596 pixel.rubiconproject.com — Cisco Umbrella Rank: 347 token.rubiconproject.com — Cisco Umbrella Rank: 682 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 852	22 KB
11	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 1663 public.servenobid.com — Cisco Umbrella Rank: 3473	8 KB
10	protectsubrev.com app.protectsubrev.com — Cisco Umbrella Rank: 41592 pages.protectsubrev.com — Cisco Umbrella Rank: 42916	58 KB
8	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1699	220 KB
8	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2866 data.privacy.ensighten.com — Cisco Umbrella Rank: 8193	71 KB
7	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 232 secure.adnxs.com — Cisco Umbrella Rank: 438	7 KB
7	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470 ads.pubmatic.com — Cisco Umbrella Rank: 495 image6.pubmatic.com — Cisco Umbrella Rank: 671 image8.pubmatic.com — Cisco Umbrella Rank: 590	32 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1212 q.stripe.com — Cisco Umbrella Rank: 7555 m.stripe.com — Cisco Umbrella Rank: 1150	97 KB
6	yahoo.com 5 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426	2 KB
6	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542	4 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	96 KB
6	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 6432	105 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 78	1 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2668	21 KB
5	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 863 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 640	2 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	213 KB
5	durationmedia.net tag.durationmedia.net — Cisco Umbrella Rank: 6490 be.durationmedia.net — Cisco Umbrella Rank: 6605	35 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	1 KB
4	technoratimedia.com deseret.technoratimedia.com — Cisco Umbrella Rank: 124218 ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 2666 sync.technoratimedia.com — Cisco Umbrella Rank: 1204	8 KB
3	outbrain.com 3 redirects sync.outbrain.com — Cisco Umbrella Rank: 832	1000 B
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	2 KB
3	a-mo.net 3 redirects prebid.a-mo.net — Cisco Umbrella Rank: 924	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 543	2 KB
3	lijit.com 2 redirects ce.lijit.com — Cisco Umbrella Rank: 918 ap.lijit.com — Cisco Umbrella Rank: 599	2 KB
3	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 313 s.amazon-adsystem.com — Cisco Umbrella Rank: 296	46 KB
3	openx.net 2 redirects ksl-d.openx.net — Cisco Umbrella Rank: 132986 us-u.openx.net — Cisco Umbrella Rank: 409	58 KB
3	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 508	730 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	215 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 657	700 B
2	emxdgt.com 2 redirects cs.emxdgt.com — Cisco Umbrella Rank: 1055	529 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 578	633 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 681	623 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 560	1 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1274	17 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6045 adservice.google.de — Cisco Umbrella Rank: 8724	1 KB
2	rubyblu.com static.rubyblu.com — Cisco Umbrella Rank: 90162 pixel.rubyblu.com — Cisco Umbrella Rank: 110992	8 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 7140	55 KB
1	ad4m.at ad4m.at — Cisco Umbrella Rank: 9937
1	loopme.me csync.loopme.me — Cisco Umbrella Rank: 890	40 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1435	283 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 584	98 B
1	trafficroots.com 1 redirects demand.trafficroots.com — Cisco Umbrella Rank: 3537	633 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1201	694 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	661 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 538	388 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 504	755 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 891	44 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 934	465 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 723	581 B
1	example.com www.example.com — Cisco Umbrella Rank: 19393
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 729	513 B
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 1707	471 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 373	140 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 983	500 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 740	735 B
1	yieldlift.com 1 redirects x.yieldlift.com — Cisco Umbrella Rank: 3611	277 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 777
1	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 5254	297 B
1	siftscience.com cdn.siftscience.com — Cisco Umbrella Rank: 7554	20 KB
1	twiliocdn.com media.twiliocdn.com — Cisco Umbrella Rank: 20180	119 KB
1	revcatch.com prebidads.revcatch.com — Cisco Umbrella Rank: 55026	7 KB
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 435	127 KB
234	67

	Domain	Requested by
17	usersync.gumgum.com	1 redirects g2.gumgum.com
15	tpc.googlesyndication.com	www.ksl.com tagan.adlightning.com 1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com
15	static.ksl.com	www.ksl.com static.ksl.com
12	d3njgrq4uvb497.cloudfront.net	www.ksl.com d3njgrq4uvb497.cloudfront.net
11	securepubads.g.doubleclick.net	www.ksl.com www.googletagservices.com 1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com
10	ads.servenobid.com	www.ksl.com public.servenobid.com g2.gumgum.com ssbsync.smartadserver.com ssum-sec.casalemedia.com
8	tagan.adlightning.com	www.ksl.com tagan.adlightning.com 1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com
7	pagead2.googlesyndication.com	www.ksl.com tpc.googlesyndication.com www.googletagservices.com
7	www.ksl.com	2 redirects www.ksl.com
6	s0.2mdn.net	tagan.adlightning.com s0.2mdn.net
6	cookie-cdn.cookiepro.com	www.ksl.com
6	app.protectsubrev.com	www.ksl.com
6	data.privacy.ensighten.com	www.ksl.com
6	img.ksl.com	www.ksl.com d3njgrq4uvb497.cloudfront.net
5	ib.adnxs.com	5 redirects
5	www.google.com	www.ksl.com tagan.adlightning.com
5	www.googletagservices.com	www.ksl.com tagan.adlightning.com 1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com
4	ups.analytics.yahoo.com	4 redirects
4	match.adsrvr.org	public.servenobid.com g2.gumgum.com ssum-sec.casalemedia.com
4	eus.rubiconproject.com	public.servenobid.com g2.gumgum.com eus.rubiconproject.com
4	ssum-sec.casalemedia.com	2 redirects public.servenobid.com ssum-sec.casalemedia.com
4	ads.pubmatic.com	www.ksl.com public.servenobid.com g2.gumgum.com
4	pages.protectsubrev.com	www.ksl.com
4	be.durationmedia.net	www.ksl.com
4	www.google-analytics.com	www.ksl.com
3	rtb-csync.smartadserver.com	ssbsync.smartadserver.com
3	cm.g.doubleclick.net	2 redirects g2.gumgum.com
3	sync.outbrain.com	3 redirects
3	x.bidswitch.net	3 redirects
3	prebid.a-mo.net	3 redirects
3	sync.1rx.io	3 redirects
3	q.stripe.com	www.ksl.com
3	match.prod.bidr.io	2 redirects www.ksl.com
3	js.stripe.com	www.ksl.com js.stripe.com
3	www.googletagmanager.com	www.ksl.com
2	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	token.rubiconproject.com	eus.rubiconproject.com
2	creativecdn.com	2 redirects
2	cs.emxdgt.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ad.360yield.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	us-u.openx.net	2 redirects
2	secure.adnxs.com	2 redirects
2	ce.lijit.com	2 redirects
2	pixel.rubiconproject.com	public.servenobid.com eus.rubiconproject.com
2	secure-assets.rubiconproject.com	2 redirects
2	ssbsync.smartadserver.com	1 redirects public.servenobid.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com	www.ksl.com
2	deseret.technoratimedia.com	www.ksl.com
2	region1.google-analytics.com	www.ksl.com
2	cdn.mouseflow.com	1 redirects www.ksl.com
2	nexus.ensighten.com	www.ksl.com
1	pixel.rubyblu.com	www.ksl.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	ad4m.at	ssum-sec.casalemedia.com
1	csync.loopme.me	ssum-sec.casalemedia.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	id.rlcdn.com	ssbsync.smartadserver.com
1	demand.trafficroots.com	1 redirects
1	tg.socdm.com	1 redirects
1	sync.mathtag.com	1 redirects
1	bh.contextweb.com	1 redirects
1	stags.bluekai.com	1 redirects
1	match.deepintent.com	g2.gumgum.com
1	sync.technoratimedia.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	www.example.com	g2.gumgum.com
1	cms.quantserve.com	1 redirects
1	image8.pubmatic.com	public.servenobid.com
1	ssp.disqus.com	1 redirects
1	eb2.3lift.com	public.servenobid.com
1	sync.go.sonobi.com	public.servenobid.com
1	p.rfihub.com	1 redirects
1	x.yieldlift.com	1 redirects
1	ap.lijit.com	public.servenobid.com
1	onetag-sys.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ad-cdn.technoratimedia.com	www.ksl.com
1	public.servenobid.com	www.ksl.com
1	c.amazon-adsystem.com	www.ksl.com
1	messages-microservice.ksl.com	www.ksl.com
1	m.stripe.com	m.stripe.network
1	hexagon-analytics.com
1	cdn.siftscience.com	www.ksl.com
1	adservice.google.com	www.ksl.com
1	adservice.google.de	www.ksl.com
1	ksl-d.openx.net	www.ksl.com
1	news-api.ksl.com	www.ksl.com
1	media.twiliocdn.com	www.ksl.com
1	www.google.de	www.ksl.com
1	hbopenbid.pubmatic.com	www.ksl.com
1	stats.g.doubleclick.net	www.ksl.com
1	static.rubyblu.com	www.ksl.com
1	prebidads.revcatch.com	www.ksl.com
1	tag.durationmedia.net	www.ksl.com
1	media.ksl.com	www.ksl.com
1	imasdk.googleapis.com	www.ksl.com
234	103

This site contains links to these domains. Also see Links.

Domain
www.ksltv.com
live.ksl.com
studio5.ksl.com
www.ksloutdoors.com
www.readtoday.com
ksltv.com
kslnewsradio.com
www.thememories.com
classifieds.ksl.com
myaccount.ksl.com
support.ksl.com
cars.ksl.com
homes.ksl.com
jobs.ksl.com
services.ksl.com
www.deseretdigital.com
www.cnn.com
www.facebook.com
twitter.com
www.instagram.com
publicfiles.fcc.gov
deseretdigital.com
deseretmediacompanies.com
www.adlightning.com
googleads.g.doubleclick.net
www.cookiepro.com
onetrust.com

Subject Issuer	Validity	Valid
*.ksl.com Go Daddy Secure Certificate Authority - G2	`2022-06-07` - `2023-06-17`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-01-11`	3 months	crt.sh
*.durationmedia.net Amazon	`2022-09-16` - `2023-10-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-21` - `2023-05-21`	a year	crt.sh
ads.rubyblu.com GTS CA 1D4	`2022-10-02` - `2022-12-31`	3 months	crt.sh
*.privacy.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-14` - `2023-02-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.adlightning.com Amazon	`2022-06-09` - `2023-07-07`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
ads.servenobid.com Amazon	`2022-05-29` - `2023-06-27`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2022-04-19` - `2023-04-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.siftscience.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-07` - `2023-01-20`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-06` - `2022-12-07`	3 months	crt.sh
*.hexagon-analytics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-04`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.servenobid.com Amazon	`2022-02-06` - `2023-03-07`	a year	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
loopme.com R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
www.rubyblu.com R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh

This page contains 31 frames:

Primary Page: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Frame ID: 280F839A2A3EF7F93A5428C8FFE0C00F
Requests: 113 HTTP requests in this frame

Frame: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E1F139FBAF100ED4BDDDA6FDED5EDCA3
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: A36980BBB39F5D32C8D70065A081931B
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: F59D5C49DB6036C8CEEAEF0CA5C67716
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js
Frame ID: F7EA94A86539431079598732B3BCC5C3
Requests: 10 HTTP requests in this frame

Frame: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4C0070CAC09164E83D6B1748C239F926
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js
Frame ID: 821CBC690BE16A8696334690FFD7F5B8
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js
Frame ID: CAC87C67C5E9A3E47775F60A48A7CDA5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 23C22755F7E6EE2B66C0BAEAB2813F6E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 498C57AD0BB3D45DE70B264160561490
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/265412/5216352632/1664547595231/index.html
Frame ID: 9F4A9620E669695ECD4DFA9D35C8E134
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0BCD1B41355E6B9FD73F061F1643682C
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: EF7D23B050D1ABBEC6991312267E516B
Requests: 13 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.16.0
Frame ID: 3CA7BEB6DBF62BAB898D9B812BD0A375
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 3FB793AF4577648363EC3B0A1463184F
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 03A2E54A6270571D990E4A183780163F
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: F2D316377FCCCF2E45E1401FD721376C
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 0B4164038CE1C54A29F3DA53471F6921
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 9E50C3021663ECE46A91C81588437FCF
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: A338086F9694AA95BF0A76B7284DCD2E
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 959DBDE91C0CC065EEF875F8D7615848
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=2dec6359-b3b2-4d00-9997-d3c98eee5cad&gdpr=0&gdpr_consent=
Frame ID: 272EF7FCFCF90AB90DB4C5F38E5139DA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y1mzsgAAAYTV9QAr&gdpr=0&gdpr_consent=&_test=Y1mzsgAAAYTV9QAr
Frame ID: F597428EA4D5B015AF6DB11B72CA0476
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xODUzY2E5Yy00OWE0LTQwMjYtYTlhZS04YzMxMGRlODNkNjg=&gdpr=0&gdpr_consent=
Frame ID: 5D91A309FABADD7D88D5B1C6C622D1F3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 802AFE4F094B18E5266CC9F71B397FD2
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: CE1CC835C70A7EB397CE3198B8AF462C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=7261830710824795818brt50861666823090036653f1
Frame ID: B667C9D02AE6CA051EEC71055BFE41AE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y1mzssCo8YAAADrLbV4AAAAA
Frame ID: C1774C7CA8B4797B35EADB177293E6E3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y1mzseaCGB828-ByG7t99QAA%265164
Frame ID: 91F533EDF6F46A539F6A6D3A46807E1F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Ti1ekD0aDn4Z61advGj0&pi=gumgum&tc=1
Frame ID: 1250A23B3811727D723E683986B0A3E9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 3BB8F614B68F40D427E386EBC96B064E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iran says it will sue US, alleging 'direct involvement' in protests | KSL.comKSL homepageKSL homepageaccount - logged outSupportKSL homepageKSL homepageclose sub menucheck marksearchaccount - logged outSupportBack ButtonSearch IconFilter IconArrow

Page URL History Show full URLs

http://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-pro... HTTP 301
https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-pro... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Page Statistics

234
Requests

87 %
HTTPS

24 %
IPv6

67
Domains

103
Subdomains

76
IPs

10
Countries

2937 kB
Transfer

8977 kB
Size

79
Cookies

71 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ksltv.com/
Title: TV

Search URL Search Domain Scan URL

URL: https://live.ksl.com/
Title: Watch Live

Search URL Search Domain Scan URL

URL: https://www.ksltv.com/meet-our-team
Title: Meet Our Team

Search URL Search Domain Scan URL

URL: https://www.ksltv.com/category/contests/
Title: Contests & Promotions

Search URL Search Domain Scan URL

URL: https://www.ksltv.com/category/kslinvestigates/
Title: KSL Investigators

Search URL Search Domain Scan URL

URL: https://www.ksltv.com/category/high-5/
Title: High 5

Search URL Search Domain Scan URL

URL: https://studio5.ksl.com/
Title: Studio 5

Search URL Search Domain Scan URL

URL: https://www.ksloutdoors.com/
Title: Outdoors with Adam Eakle

Search URL Search Domain Scan URL

URL: https://www.ksltv.com/category/wednesdays-child/
Title: Wednesday's Child

Search URL Search Domain Scan URL

URL: http://www.readtoday.com/
Title: Read Today

Search URL Search Domain Scan URL

URL: https://ksltv.com/ksl-tv-program-guide/
Title: Program Guide

Search URL Search Domain Scan URL

URL: https://kslnewsradio.com/
Title: Radio

Search URL Search Domain Scan URL

URL: https://kslnewsradio.com/listen/
Title: Listen Live

Search URL Search Domain Scan URL

URL: https://kslnewsradio.com/schedule/
Title: KSL Schedule

Search URL Search Domain Scan URL

URL: https://kslnewsradio.com/category/podcasts
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://kslnewsradio.com/meet-our-team/
Title: Meet Our Team

Search URL Search Domain Scan URL

URL: https://kslnewsradio.com/category/contests
Title: Contests & Promotions

Search URL Search Domain Scan URL

URL: https://kslnewsradio.com/subscribe-to-the-ksl-newsradio-newsletter/
Title: Newsletter Signup

Search URL Search Domain Scan URL

URL: https://www.thememories.com/ksl/obituaries
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.thememories.com/ksl/obituaries/create-life-story
Title: Create Life Story

Search URL Search Domain Scan URL

URL: https://www.thememories.com/ksl/obituaries/account
Title: My Life Stories

Search URL Search Domain Scan URL

URL: https://classifieds.ksl.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/listings?vertical=Classifieds
Title: My Listings

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/favorites?section=Classifieds
Title: Favorites

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/alerts?vertical=Classifieds
Title: Saved Searches

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/messages?section=Classifieds&meOthers=All
Title: NewMessages

Search URL Search Domain Scan URL

URL: https://classifieds.ksl.com/sell
Title: Add Listing

Search URL Search Domain Scan URL

URL: https://classifieds.ksl.com/resources
Title: Resources

Search URL Search Domain Scan URL

URL: https://support.ksl.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://cars.ksl.com/
Title: Cars

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/listings?vertical=Cars
Title: My Listings

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/favorites?section=Cars
Title: Favorites

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/alerts?vertical=Cars
Title: Saved Searches

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/messages?section=Cars&meOthers=All
Title: NewMessages

Search URL Search Domain Scan URL

URL: https://cars.ksl.com/sell
Title: Add Listing

Search URL Search Domain Scan URL

URL: https://cars.ksl.com/resources
Title: Resources

Search URL Search Domain Scan URL

URL: https://homes.ksl.com/
Title: Homes

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/listings?vertical=Homes
Title: My Listings

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/favorites?section=Homes
Title: Favorites

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/alerts?vertical=Homes
Title: Saved Searches

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/messages?section=Homes&meOthers=All
Title: NewMessages

Search URL Search Domain Scan URL

URL: https://homes.ksl.com/sell/sell-choice
Title: Add Listing

Search URL Search Domain Scan URL

URL: https://jobs.ksl.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/listings?vertical=Jobs
Title: My Listings

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/favorites?section=Jobs
Title: Favorites

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/alerts?vertical=Jobs
Title: Saved Searches

Search URL Search Domain Scan URL

URL: https://jobs.ksl.com/edit
Title: Add Listing

Search URL Search Domain Scan URL

URL: https://jobs.ksl.com/resources
Title: Resources

Search URL Search Domain Scan URL

URL: https://services.ksl.com/
Title: Services

Search URL Search Domain Scan URL

URL: https://myaccount.ksl.com/listings?vertical=Services
Title: My Listings

Search URL Search Domain Scan URL

URL: https://classifieds.ksl.com/services/sell
Title: List a Business

Search URL Search Domain Scan URL

URL: https://services.ksl.com/faq
Title: Support

Search URL Search Domain Scan URL

URL: https://www.deseretdigital.com/advertising
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.cnn.com/specials/asia/japan
Title: Tokyo

Search URL Search Domain Scan URL

URL: https://support.ksl.com/hc/en-us/articles/1260800721790-Terms-of-Use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kslcom
Title: 

Search URL Search Domain Scan URL

URL: https://twitter.com/KSLcom
Title: 

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kslcom
Title: 

Search URL Search Domain Scan URL

URL: https://support.ksl.com/hc/en-us/articles/1260800774449-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.deseretdigital.com/careers
Title: Careers with KSL.com

Search URL Search Domain Scan URL

URL: https://support.ksl.com/hc/en-us/articles/1260800669529-Privacy-Statement
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://support.ksl.com/hc/en-us/articles/1260800721610-DMCA-Notice
Title: DMCA Notice

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/ksl-tv
Title: KSL-TV FCC Public File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/ksl-fm
Title: KSL FM Radio FCC Public File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/am-profile/ksl
Title: KSL AM Radio FCC Public File

Search URL Search Domain Scan URL

URL: http://deseretdigital.com/
Title: Deseret Digital Media

Search URL Search Domain Scan URL

URL: http://deseretmediacompanies.com/
Title: Deseret Media Company

Search URL Search Domain Scan URL

URL: https://www.adlightning.com/

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/pcs/click?xai=OjssRD2tp9HSl_l0MgYY35bSWKQWzRh-YOBcn7z59UJ7JfAHHXxHlEORhmfA3yi3ycrmW-qWt83Fy-hisfacU1aw0H-ioOhYXc_K-hrZrcquINfabzryZptGraqPH_ema7GDl_5J0lkSUc8SGEKxGaFI7kuwj6TBRJJwxgziDuopCLkYJBvE12K-1kVWBmpSoWvpbLOmpA_2bsK5_YhKzdq1Pg38b0qo_POvqG8C-unT9BKs-FZvTCazKJH5AvycgnGS9fV6ERn3gXINp0Suh6B7UFV7stmVeMQjAhj8kro7InsX2y6wTD4&sai=AMfl-YRnHdvw7amgnFVpsmpXvsIbaJkbTfWVsVGwFFIrKe8uH7XuKGXXYvPlmxO8jdBZgV-R7IPX5zB&sig=Cg0zBOEDlf8FoGB&fbs_aeid=[gw_fbsaed]&adurl=https://www.stgeorgefor.com/&nm=4&nx=11&ny=0&mb=2

Search URL Search Domain Scan URL

URL: https://www.cookiepro.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests HTTP 301
https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.ksl.com/ensighten_news HTTP 307
https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js

Request Chain 31

https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5.js HTTP 301
https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js

Request Chain 48

https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.xv5vphvgz5o7 HTTP 303
https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.xv5vphvgz5o7&_bee_ppp=1

Request Chain 168

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 169

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 172

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=1818209918264144733

Request Chain 173

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=FjDgrRZHjWXsarNlQ0KNADTS

Request Chain 175

https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
https://ads.servenobid.com/sync?pid=314&uid=80f64e3a-9296-4467-b3e5-9a4cdf35bd4f

Request Chain 176

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1666823089895 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3782942007

Request Chain 177

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5144588521870695983

Request Chain 179

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4239%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3a5aef25-88ed-4036-a19b-00dc84c97818%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F4239%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D3a5aef25-88ed-4036-a19b-00dc84c97818%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2524UID HTTP 302
https://prebid.a-mo.net/cchain/0/4239?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=3a5aef25-88ed-4036-a19b-00dc84c97818&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=7261830710824795818 HTTP 302
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4239%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3a5aef25-88ed-4036-a19b-00dc84c97818%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=

Request Chain 180

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-5f6Kr_1E2uH3XqUtE0EH16B_4_9IGWzVoBDlzTQ-~A

Request Chain 181

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS02YTE3N2YwMC02MzkwLTMxYTMtYmFhNC04NDNjNjA0ODYxZWUqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtNmExNzdmMDAtNjM5MC0zMWEzLWJhYTQtODQzYzYwNDg2MWVlMgEGOAE=%26buyeruid%3D HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F17379%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253D3a5aef25-88ed-4036-a19b-00dc84c97818%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAyWVRFM04yWXdNQzAyTXprd0xUTXhZVE10WW1GaE5DMDRORE5qTmpBME9EWXhaV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE5tRXhOemRtTURBdE5qTTVNQzB6TVdFekxXSmhZVFF0T0RRell6WXdORGcyTVdWbE1nRUdPQUU9JmJ1eWVydWlkPQ%25253D%25253D%2526uid%253D%2523PMUID

Request Chain 182

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-tHbYZGZE2uFhQdtfViERidOylmXsU9pxO19Mgk8-~A

Request Chain 185

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=7261830710824795818

Request Chain 186

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_1853ca9c-49a4-4026-a9ae-8c310de83d68&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_1853ca9c-49a4-4026-a9ae-8c310de83d68&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=BZYa0lGWTdkelEqPAscC3VCWHN8ekR7YUMEOW0In HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=bfdcf2c3-9160-40f3-b4fd-7daa9841ea16

Request Chain 187

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28WsOB2rK4sDAs8DFCRRivNG5zZvAjV8FIUo5evSBcSsOVdwWCBhjOCN2T0KnuWZLl%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28WsOB2rK4sDAs8DFCRRivNG5zZvAjV8FIUo5evSBcSsOVdwWCBhjOCN2T0KnuWZLl%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_1853ca9c-49a4-4026-a9ae-8c310de83d68&obuid=ENC(WsOB2rK4sDAs8DFCRRivNG5zZvAjV8FIUo5evSBcSsOVdwWCBhjOCN2T0KnuWZLl) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://www.example.com/

Request Chain 188

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=bfac993b-d038-4b1a-a8c0-48af20282499

Request Chain 189

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-bab8f7fd-8b26-4e71-628a-af4aca590235$ip$146.70.117.86

Request Chain 190

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-E9bsXbFE2pfrtfhJBstlW7TusXKSlWkm.5_g~A

Request Chain 191

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=d5a327e2-6bf2-4684-a347-6312107d6a11

Request Chain 194

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_1853ca9c-49a4-4026-a9ae-8c310de83d68&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=7MIL7xQxEMWlrlSOAZjI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N2NJFGDO6CRPBCU2V3MOJWFGT2BLJVESJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N2NJFGDO6CRPBCU2V3MOJWFGT2BLJVESJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=7MIL7xQxEMWlrlSOAZjI&us_privacy=1---

Request Chain 195

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=4dd0ddda-dcad-4955-955b-3e55032725f2

Request Chain 196

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=935365461

Request Chain 197

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=LguXGkqWYgUJ&ev=1&pid=558355

Request Chain 198

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=1711862179451461867

Request Chain 200

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=2dec6359-b3b2-4d00-9997-d3c98eee5cad&gdpr=0&gdpr_consent=

Request Chain 201

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y1mzsgAAAYTV9QAr HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=Y1mzsgAAAYTV9QAr&gdpr=0&gdpr_consent=&_test=Y1mzsgAAAYTV9QAr

Request Chain 205

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=7261830710824795818&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
https://usersync.gumgum.com/usersync?b=emx&i=7261830710824795818brt50861666823090036653f1

Request Chain 206

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=Y1mzssCo8YAAADrLbV4AAAAA

Request Chain 207

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=iex&i=Y1mzseaCGB828-ByG7t99QAA%265164

Request Chain 208

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=Ti1ekD0aDn4Z61advGj0&pi=gumgum&tc=1

Request Chain 209

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 212

https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=1818209918264144733&gdpr=0&gdpr_consent=

Request Chain 213

https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=758a859c06&gdpr=0&gdpr_consent=

Request Chain 214

https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB_H07Gs2cAACDeg935fQ&gdpr=0

Request Chain 217

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1mzseaCGB828_ByG7t99QAAFCwAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1mzseaCGB828_ByG7t99QAAFCwAAAIB&dcc=t

Request Chain 218

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1mzseaCGB828-ByG7t99QAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH0zANqjZtJXJkFcA64wBfY&google_cver=1

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1mzseaCGB828_ByG7t99QAAFCwAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMq98ll0ciH1--NhmaQSRHw&google_cver=1

234 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request iran-says-it-will-sue-us-alleging-direct-involvement-in-protests Show response
www.ksl.com/article/50500779/
Redirect Chain

http://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

107 KB
31 KB

588ms
159ms

Document
text/html

64.147.131.201
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.201 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

ksl.com

Software

Apache /

Resource Hash

332b59a58a5497379a0c8013a0a72663fd85680fe19d7d30c5ed0c7322510e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, must-revalidate, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 26 Oct 2022 22:24:44 GMT
Expires: Wed, 26 Oct 2022 22:24:44 GMT
Keep-Alive: timeout=1, max=100
Server: Apache
Strict-Transport-Security: max-age=2592000;
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Server: b15

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Location: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Server: BigIP

GET
H2

200

Bootstrap.js Show response
nexus.ensighten.com/deseretdigital/ksl-com/
Redirect Chain

https://www.ksl.com/ensighten_news
https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js

344 KB
70 KB

118ms
32ms

Script
application/javascript

18.66.2.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Server: 18.66.2.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-120.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de7d881e5092890489156ca9b153405feb9f7d6d63e6dcc6239a563bcf117708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 19:52:26 GMT
x-amz-version-id: qrTm3ynqgkAdB3EVX6UMEa.3L6CvGtC.
content-encoding: br
via: 1.1 eedf8ac56e4e1ec3b240557514df9d64.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
age: 181940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 24 Oct 2022 19:52:01 GMT
server: AmazonS3
etag: W/"6adf9610b33653c0f87df8edbec6f82f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: ZD7IPwBDeYLy1hCVRgp9t05XhvAKl13KLGNKK1N7UOtXKB1xjBZR9A==

Redirect headers

Date: Wed, 26 Oct 2022 22:24:45 GMT
Strict-Transport-Security: max-age=2592000;
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Location: https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js
Cache-Control: max-age=300
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100
Content-Length: 273
Expires: Wed, 26 Oct 2022 22:29:45 GMT

GET
H2 200 styles--ksl-b47b.css
d3njgrq4uvb497.cloudfront.net/ 76 KB
16 KB 61ms
17ms Stylesheet
text/css 13.32.23.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3njgrq4uvb497.cloudfront.net/styles--ksl-b47b.css
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-199.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e588de310412f6d59c7cfc44a3ef0be84d8f6b2f11451fcf94e1448c0e7bba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:49:02 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Tue, 25 Oct 2022 19:51:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 84944
etag: W/"fdc95d8a89cb1c7a6c8fd90aefeacaa1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=31536000, max-age=31536000
x-amz-cf-id: oOf-gApoXVjySk1TF9tIheF3TcG5TuZ-Y-yaUPbb9R6fxfsxTTmgtQ==

GET
H2 200 ksl-header.css
static.ksl.com/ksl-responsive-header/ 61 KB
7 KB 439ms
141ms Stylesheet
text/css 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ksl.com/ksl-responsive-header/ksl-header.css

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

4e87647c04238f9d428f13246e42f198db78822780af8aa60a1220593ddba1d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:32:37 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.1)
age: 3128
x-cache: img01 Hit from varnish
content-length: 7003
last-modified: Mon, 24 Oct 2022 15:31:46 GMT
server: Apache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
x-varnish: 702581906 697918285
cache-control: s-maxage=3600, max-age=3600
x-server: v17
accept-ranges: bytes
expires: Wed, 26 Oct 2022 21:37:37 GMT

GET
H2 200 28991706.jpg
img.ksl.com/slc/2899/289917/ 14 KB
14 KB 425ms
408ms Image
image/jpeg 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ksl.com/slc/2899/289917/28991706.jpg?filter=kslv2/responsive_toppicks
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),
Reverse DNS: img.bonnint.net
Software: AmazonS3 /
Resource Hash: c12fd5e334137dda97808d8da5b958825c35c938f8d38a3bc8c48c211a7b9854

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 23:41:11 GMT
x-amz-version-id: 9iWFnTCLPLncLuvZybm3rtsgk_vc7zI5
via: 1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id: 2B7P0WEJMC6NJ7T9
age: 81814
x-cache: img01 Miss from varnish
x-amz-replication-status: COMPLETED
content-length: 14106
x-amz-id-2: Ivtx1qZXV/S6nmzJ8ICcLDABZzVTKmyD4WD373WYzJFXKfAf/7VHujWVwcVPkVm5Q7+COclQ2cM=
last-modified: Tue, 25 Oct 2022 15:32:41 GMT
server: AmazonS3
etag: "2656a1eb9fa5ba15b516457a031abd66"
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 618197227 593858551, 700732871
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 28896214.jpg
img.ksl.com/slc/2889/288962/ 10 KB
11 KB 287ms
270ms Image
image/jpeg 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ksl.com/slc/2889/288962/28896214.jpg?filter=kslv2/responsive_toppicks
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),
Reverse DNS: img.bonnint.net
Software: AmazonS3 /
Resource Hash: 53210cac13f1d699d88ba443a917d9a6af46068eb0c3f1f8c3823b41bb512772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 03:41:17 GMT
x-amz-version-id: N14xzcEye7EDN7Ti3VRy4_LyNv7kyb26
via: 1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id: 8M1WW6YJAT64K873
age: 67408
x-cache: img00 Hit from varnish
x-amz-replication-status: COMPLETED
content-length: 10491
x-amz-id-2: uh+92Psy+v/hKf+8mbc2aF4c6qcyRVyM4UdeNf/W4wxnJOwLDrZZ3+yXKXXfKXyoqZIsc/wtyFs=
last-modified: Sun, 21 Aug 2022 04:38:54 GMT
server: AmazonS3
etag: "3b50fdee6b627d4b70459a1cb9cdac6f"
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 620889994 590322370, 878267108 880349358
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 28891045.jpg
img.ksl.com/slc/2889/288910/ 17 KB
17 KB 334ms
318ms Image
image/jpeg 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ksl.com/slc/2889/288910/28891045.jpg?filter=kslv2/responsive_toppicks
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),
Reverse DNS: img.bonnint.net
Software: AmazonS3 /
Resource Hash: 72f9b571512687c542093f438cf5ea55b5156bee846ad0ada94ad74b1fcde38f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 23:45:27 GMT
x-amz-version-id: qX3VVmguGX6P1dNPsxz5To2AiBaFn0wy
via: 1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id: 6AKG99GN38GYS7FY
age: 81558
x-cache: img01 Hit from varnish
x-amz-replication-status: COMPLETED
content-length: 17438
x-amz-id-2: zdq1qo2e8YmYKpQeGNNPNjvU25WF8Lxe0IYF+9jBu0ycp8Prex56b3kzjjTQU53RpzlKgSMs5Ng=
last-modified: Mon, 24 Oct 2022 18:31:12 GMT
server: AmazonS3
etag: "254d379a70b4684973df91a245917350"
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 603453857 578597385, 702420538 699497373
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 video-js.min.css
d3njgrq4uvb497.cloudfront.net/videojs/ 40 KB
10 KB 17ms
17ms Stylesheet
text/css 13.32.23.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3njgrq4uvb497.cloudfront.net/videojs/video-js.min.css
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-199.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01df456b85acb77a180ad7d890f265ea448289bdae9a4b54c58d919b4d484c2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:47:08 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Fri, 01 Jul 2022 17:16:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 77858
etag: W/"61258f13580ad009b643f05009d9522d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: WYh8Y35JliSp4rDTx00Q0B0YT3DbzIX5SKpwB1NKZDWJySNdL4Aqjw==

GET
H2 200 videojs-contrib-ads.css
d3njgrq4uvb497.cloudfront.net/videojs/ 917 B
1 KB 16ms
16ms Stylesheet
text/css 13.32.23.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3njgrq4uvb497.cloudfront.net/videojs/videojs-contrib-ads.css
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-199.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 839e7c6761776f0e1c251d29d443dd8e29c6d3beefeeb8925c58a74ba784bd30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 11:24:11 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Fri, 01 Jul 2022 17:18:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 39635
etag: "624ba37a147ffd05f3831a0c60d7666c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 917
x-amz-cf-id: ljAB5vZJi4NqE62q2nqQTN25y9TwSOxIUZd3Lx0XIgeGoXVNILtIZw==

GET
H2 200 videojs.ima.css
d3njgrq4uvb497.cloudfront.net/videojs/ 4 KB
2 KB 16ms
16ms Stylesheet
text/css 13.32.23.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3njgrq4uvb497.cloudfront.net/videojs/videojs.ima.css
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-199.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 04:30:16 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Fri, 01 Jul 2022 17:16:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 64470
etag: W/"faad6d610a7700f489432ee9abfaf760"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: wOeXGqWBK9eV0zdVuT5z3cESHcdsjubi6gPx9JbB3kkqBr7_9cJYhg==

GET
H2 200 videojs-share.css
d3njgrq4uvb497.cloudfront.net/videojs/ 4 KB
1 KB 18ms
18ms Stylesheet
text/css 13.32.23.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3njgrq4uvb497.cloudfront.net/videojs/videojs-share.css
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-199.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afed9a0ab525a556166288e945e61b4e4adb9de9c074d8185f86b8f5f5fda311

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:10:20 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Tue, 02 Aug 2022 22:33:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 5596
etag: W/"be1a982b20ecda84c022f2730dc00db6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 0zPlxr_QsNSY9NtTE5-uGm_IW1bOD4K3-bJkjv_XqmaR1z6yMnxoIw==

GET
H2 200 video.min.js Show response
d3njgrq4uvb497.cloudfront.net/videojs/ 568 KB
159 KB 18ms
18ms Script
application/javascript 13.32.23.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3njgrq4uvb497.cloudfront.net/videojs/video.min.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-199.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e65aecb8a21b66d9aeeea4d926d72d0f1023ca305327859bb69117e813468fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 03:48:29 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Fri, 01 Jul 2022 17:16:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 66977
etag: W/"929b380ce08bc33ab90d3cb84bda8476"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: mJ-KsAhbA3C6w1y-dM3HIGz9xwBZrpL1id99csiie4TvU015TlYYmQ==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 380 KB
127 KB 75ms
29ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129663
x-xss-protection: 0
expires: Wed, 26 Oct 2022 22:24:45 GMT

GET
H2 200 videojs-contrib-ads.js Show response
d3njgrq4uvb497.cloudfront.net/videojs/ 67 KB
17 KB 48ms
43ms Script
application/javascript 13.32.23.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3njgrq4uvb497.cloudfront.net/videojs/videojs-contrib-ads.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-199.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ebe4963ca08a041fcbb87a4232bf58b1ae55c3b5623a3a2d9d79491bb46c674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 13:15:46 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Fri, 01 Jul 2022 17:18:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 32940
etag: W/"8907ec0b8999349b1ee9aa3cdfe6344e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: _ARWZJJoyAAV_OT9ltG816c5DJHyEz-Uo4LvxI-yLqON6RaktwY71g==

GET
H2 200 videojs.ima.min.js Show response
d3njgrq4uvb497.cloudfront.net/videojs/ 35 KB
7 KB 49ms
44ms Script
application/javascript 13.32.23.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3njgrq4uvb497.cloudfront.net/videojs/videojs.ima.min.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-199.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33cc0a21c1ca8eab50680298fedb8440589988e511a82348b00290bb111a4c8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:10:20 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Fri, 01 Jul 2022 17:16:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 5596
etag: W/"ec23ab961163dde45026fe11f7852efb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 9sw9zBEAoS7Zjnm7oUrSHUIzNBPccEXlDJ-Ne9RjfBpjTUUiM2B8RQ==

GET
H2 200 videojs-share.min.js Show response
d3njgrq4uvb497.cloudfront.net/videojs/ 32 KB
11 KB 49ms
45ms Script
application/javascript 13.32.23.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3njgrq4uvb497.cloudfront.net/videojs/videojs-share.min.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-199.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4926c7670bd5a97ba531632202ff2adb8e8c81ae1dc49b35a7699a478c559b77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 05:32:34 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Tue, 02 Aug 2022 22:33:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 60732
etag: W/"518c1fc506a1ebc06dd1aec02b41d277"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: bHVlvm23x_A-5kSLspfr0ZwFFUtvCoLz273sXQbEZkM_4Hn5E4KFww==

GET
H/1.1 200
OK weather-300x168.jpg
media.ksl.com/ 17 KB
17 KB 594ms
286ms Image
image/jpeg 64.147.128.162
DDMINC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.ksl.com/weather-300x168.jpg
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.147.128.162 Salt Lake City, United States, ASN11319 (DDMINC, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16b38b6f240f06a90ae6e36cb1824781d5c04326efec5b6463a6a5834a4914ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 22:22:58 GMT
x-amz-version-id: 6XQxNQ7qbxOp3yg6xMXZ1dgNOldEPjQQ
Via: 1.1 varnish (Varnish/6.2)
Last-Modified: Wed, 26 Oct 2022 18:50:12 GMT
Server: AmazonS3
x-amz-request-id: 0PXHNB1T3H34RXRQ
ETag: "d2ed88d9eeb6ef4ce1277aed4b200787-1"
X-Cache: Hit from varnish
Content-Type: image/jpeg
access-control-allow-origin: *
X-Varnish: 270963091 258675560
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16958
x-amz-id-2: VB4Gwrz9ESTw7SvNWxwSfX4EFIciPXEHoPE7zcVX6Ty9ZMG5zPZMP6flWEhVeswYdtZvPfkSsTs=

GET
H2 200 autoplay_icon.svg
static.ksl.com/images/ 653 B
567 B 144ms
141ms Image
image/svg+xml 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ksl.com/images/autoplay_icon.svg

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

d0cc949db47eadda0e59235f19200cbbabebfa345bb06430bb69f0c159c80421

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 05:34:10 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.1)
age: 10169435
x-cache: img00 Hit from varnish
content-length: 369
last-modified: Fri, 08 May 2015 20:22:40 GMT
server: Apache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
x-varnish: 878267107 1802244
cache-control: s-maxage=31536000, max-age=31536000
x-server: v03
accept-ranges: bytes
expires: Fri, 01 Jul 2022 05:39:10 GMT

GET
H2 200 51d664bc63e53f2a4398cf2601a38704.svg
static.ksl.com/beta/node_modules/ksl-responsive-header/dist/ 2 KB
1 KB 143ms
140ms Image
image/svg+xml 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ksl.com/beta/node_modules/ksl-responsive-header/dist/51d664bc63e53f2a4398cf2601a38704.svg

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

21cd559db3c100842a8ef209f2579e691ee47e2d1469ebeaaaac7cbd439509ab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:23:03 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.1)
age: 102
x-cache: img02 Hit from varnish
content-length: 1333
last-modified: Mon, 20 Apr 2020 23:44:49 GMT
server: Apache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-varnish: 75396341 74673576
cache-control: max-age=300, no-transform
x-server: v26
accept-ranges: bytes
expires: Wed, 26 Oct 2022 22:28:03 GMT

GET
H2 200 react.production.min.js Show response
static.ksl.com/javascript/ 13 KB
5 KB 146ms
141ms Script
application/x-javascript 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ksl.com/javascript/react.production.min.js

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

ed51c6c44f063fffd3fef1042b859a00d4cbdcee5dbc742c758f7a275ff85f58

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 12:51:26 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.1)
age: 552799
x-cache: img01 Hit from varnish
content-length: 5003
last-modified: Fri, 01 Nov 2019 02:01:34 GMT
server: Apache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
x-varnish: 702420537 369497881
cache-control: s-maxage=604800, max-age=604800
x-server: v14
accept-ranges: bytes
expires: Thu, 20 Oct 2022 12:56:26 GMT

GET
H2 200 react-dom.production.min.js Show response
static.ksl.com/javascript/ 123 KB
38 KB 145ms
141ms Script
application/x-javascript 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ksl.com/javascript/react-dom.production.min.js

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

db2ee7a386958f6e858c181063d50b9bd3dfe79f9318bc1550d15482a5e49350

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 12:51:33 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.1)
age: 552792
x-cache: img01 Hit from varnish
content-length: 38768
last-modified: Fri, 01 Nov 2019 02:01:34 GMT
server: Apache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
x-varnish: 700732869 369757766
cache-control: s-maxage=604800, max-age=604800
x-server: v13
accept-ranges: bytes
expires: Thu, 20 Oct 2022 12:56:33 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/deseretdigital/ksl-com/ 187 B
491 B 47ms
44ms Script
text/javascript 18.66.2.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/deseretdigital/ksl-com/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/deseretdigital/ksl-com/code/&publishedOn=Mon%20Oct%2024%2019:51:59%20GMT%202022&ClientID=2719&PageID=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50500779%2Firan-says-it-will-sue-us-alleging-direct-involvement-in-protests
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-120.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: 0e1f708de0d2d94680628b72eb1465c75d09e5302cddc7a35c03b9f15846f236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:45 GMT
via: 1.1 eedf8ac56e4e1ec3b240557514df9d64.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 187
x-amz-cf-id: Rqg_zB8Z7Ucg2XidKw7af554az94H5DIuSvjQYjD6SvPnsBsmSAHuA==
expires: Wed, 26 Oct 2022 22:24:44 GMT

GET
H2 200 nunito-sans-v5-latin-600.woff2
static.ksl.com/fonts/nunito-sans/ 17 KB
17 KB 429ms
143ms Font
application/octet-stream 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-600.woff2

Requested by

Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

d18c05b903e42fe072a80fb16a7aae87c94e506237fce86f68ad8241fa70f759

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin: https://www.ksl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:21:53 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Mon, 06 Apr 2020 21:54:59 GMT
server: Apache
age: 172
etag: "4204-5a2a6517d72c0"
x-frame-options: SAMEORIGIN
x-cache: img02 Hit from varnish
x-varnish: 77730736 73365524
access-control-allow-origin: *
cache-control: max-age=300
x-server: v26
accept-ranges: bytes
content-length: 16900
expires: Wed, 26 Oct 2022 22:26:53 GMT

GET
H2 200 nunito-sans-v5-latin-regular.woff2
static.ksl.com/fonts/nunito-sans/ 17 KB
17 KB 429ms
143ms Font
application/octet-stream 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-regular.woff2

Requested by

Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin: https://www.ksl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:20:15 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Mon, 06 Apr 2020 21:54:59 GMT
server: Apache
age: 269
etag: "4218-5a2a6517d72c0"
x-frame-options: SAMEORIGIN
x-cache: img01 Hit from varnish
x-varnish: 700953822 701930179
access-control-allow-origin: *
cache-control: max-age=300
x-server: v17
accept-ranges: bytes
content-length: 16920
expires: Wed, 26 Oct 2022 22:25:15 GMT

GET
H2 200 sunny.svg
static.ksl.com/images/weather/New2013/SVG/ 2 KB
1 KB 273ms
272ms Image
image/svg+xml 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ksl.com/images/weather/New2013/SVG/sunny.svg

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

eb12070a6b2aa3c1c3db3386bfe577c9ee57bbf7af2a7a541b2c5dd2e189ceac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 12:51:21 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.1)
age: 10229603
x-cache: img01 Hit from varnish
content-length: 1080
last-modified: Sat, 28 Sep 2013 07:26:19 GMT
server: Apache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
x-varnish: 700732870 131078
cache-control: s-maxage=31536000, max-age=31536000
x-server: v10
accept-ranges: bytes
expires: Sat, 30 Jul 2022 12:51:21 GMT

GET
H2 200 nunito-sans-v5-latin-700.woff2
static.ksl.com/fonts/nunito-sans/ 17 KB
17 KB 420ms
143ms Font
application/octet-stream 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-700.woff2

Requested by

Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin: https://www.ksl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:22:26 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Mon, 06 Apr 2020 21:54:59 GMT
server: Apache
age: 139
etag: "4270-5a2a6517d72c0"
x-frame-options: SAMEORIGIN
x-cache: img00 Hit from varnish
x-varnish: 878374253 878494367
access-control-allow-origin: *
cache-control: max-age=300
x-server: v12
accept-ranges: bytes
content-length: 17008
expires: Wed, 26 Oct 2022 22:27:26 GMT

GET
H2 200 28989034.jpg
img.ksl.com/slc/2898/289890/ 109 KB
110 KB 402ms
402ms Image
image/jpeg 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ksl.com/slc/2898/289890/28989034.jpg?filter=kslv2/responsive_story_lg
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),
Reverse DNS: img.bonnint.net
Software: AmazonS3 /
Resource Hash: b9ba09a14e06bae02928229d0b0ac85da9090b70ba878847c948373abd34443c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:46 GMT
x-amz-version-id: 2zSl3j1SlhfaKDRDG_eHVU1dqS7MWE.w
via: 1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id: N3SMK4Q8RA7TPGJZ
age: 0
x-cache: img02 Miss from varnish
x-amz-replication-status: COMPLETED
content-length: 111429
x-amz-id-2: UoAlTBTXzKBYMBNvENDW12zsp0nsQvOGy0CdwJhhrWaFXuH7kx6oMGSJaEvWAdVC+cuPjQGVD+E=
last-modified: Sun, 23 Oct 2022 21:32:09 GMT
server: AmazonS3
etag: "517589266bf41286c13ad6184a2ee45d"
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 619514927, 76336312
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 28818089.png
img.ksl.com/slc/2881/288180/ 721 B
1 KB 389ms
388ms Image
image/png 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ksl.com/slc/2881/288180/28818089.png
Requested by: Host: d3njgrq4uvb497.cloudfront.net
URL: https://d3njgrq4uvb497.cloudfront.net/styles--ksl-b47b.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),
Reverse DNS: img.bonnint.net
Software: AmazonS3 /
Resource Hash: dc2b6002b3518b4b196486f9f3e91e2b27b73df5c54d8418e0d442b6a8196c74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3njgrq4uvb497.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:15:23 GMT
x-amz-version-id: icJqxYHE4IDLMONrkAWzZ_.nhS3rrsNe
via: 1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id: 6Q1974GKW6N7498V
age: 115762
x-cache: img02 Hit from varnish
x-amz-replication-status: COMPLETED
content-length: 721
x-amz-id-2: MqIzm/QNjyip8LtBBrjM7lenvZIvm2/JJw+nPO60FKb2oykuGvVG4IdwGivKX2hSdZUcDrsRFxk=
last-modified: Tue, 21 Jun 2022 23:18:42 GMT
server: AmazonS3
etag: "0e908cc4cf238de319eaa1e6f85989f9"
content-type: image/png
access-control-allow-origin: *
x-varnish: 562058914, 76176015 1114127
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 25487033.jpg
img.ksl.com/slc/2548/254870/ 5 KB
5 KB 388ms
279ms Image
image/jpeg 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ksl.com/slc/2548/254870/25487033.jpg?filter=kslv2/responsive_top_sm
Requested by: Host: d3njgrq4uvb497.cloudfront.net
URL: https://d3njgrq4uvb497.cloudfront.net/styles--ksl-b47b.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),
Reverse DNS: img.bonnint.net
Software: AmazonS3 /
Resource Hash: 006b8f60f30ed5210c6d4cc52dd703f0d62124d5ace9a5a45fede025465a2fbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3njgrq4uvb497.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 15:25:03 GMT
x-amz-version-id: 35tCcztxipI4j_DZR96hdtoBnlcUIIAN
via: 1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id: 0KGWNB4ZZZGAEE2J
age: 543582
x-cache: img00 Hit from varnish
x-amz-replication-status: PENDING
content-length: 4869
x-amz-id-2: 2IZYqT+d6UjHwaGxqMFGk48ceJ71vjUDjHsneMCHq6jaFIyjoOwW5Kqi8thMc1kZhYSecwpLceA=
last-modified: Thu, 20 Oct 2022 15:25:03 GMT
server: AmazonS3
etag: "1e762976631565a6187b5f17402e6d30"
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 415455305 414635555, 872662052 532903000
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 nunito-sans-v5-latin-300.woff2
static.ksl.com/fonts/nunito-sans/ 16 KB
17 KB 395ms
142ms Font
application/octet-stream 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-300.woff2

Requested by

Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

dd0d7b0bd9b543ac1655f000d5db598194d9a6c0c79815600b59ee49a81e8c62

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin: https://www.ksl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:35 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Mon, 06 Apr 2020 21:54:59 GMT
server: Apache
age: 9
etag: "410c-5a2a6517d72c0"
x-frame-options: SAMEORIGIN
x-cache: img02 Hit from varnish
x-varnish: 74807787 76755818
access-control-allow-origin: *
cache-control: max-age=300
x-server: v09
accept-ranges: bytes
content-length: 16652
expires: Wed, 26 Oct 2022 22:29:35 GMT

GET
H2 200 d4e3.ttf
d3njgrq4uvb497.cloudfront.net/ 5 KB
3 KB 49ms
16ms Font
application/font-sfnt 13.32.23.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3njgrq4uvb497.cloudfront.net/d4e3.ttf
Requested by: Host: d3njgrq4uvb497.cloudfront.net
URL: https://d3njgrq4uvb497.cloudfront.net/styles--ksl-b47b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-199.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eca0b00bcdc228fa9087597c23b3108ad4c079791b6ddd56658e48ce83939b6e

Request headers

Referer: https://d3njgrq4uvb497.cloudfront.net/styles--ksl-b47b.css
Origin: https://www.ksl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 20:15:07 GMT
content-encoding: gzip
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2022 19:51:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1217379
etag: W/"d4e3b2047c5b4ae0e7d9e0da5a0608e1"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/font-sfnt
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: public, s-maxage=31536000, max-age=31536000
x-amz-cf-id: 5p6-0oQgD3hqNWEXXvEFTYJCf27iVQywms_Avm8pjnsK_1Lue6KOkg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
74 KB 74ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TVLZ5Z&l=kslDataLayer

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b29bc934b18a9ab1723ebcb44eb1b0e7049e37c182e88c10df21060ec73dbe1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75457
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 21:07:22 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Oct 2022 22:24:45 GMT

GET
H2

200

5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5.js
https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js

187 KB
54 KB

32ms
32ms

Script
application/javascript

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 230fa627d3bd338d03ee0fad3202075426114b03584c8106c24725a17eca5962

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:45 GMT
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 08:32:43 GMT
server
etag: "8087c8855ee4d81:0"
x-hw: 1666823085.cds010.lo4.hn,1666823085.cds247.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 55473

Redirect headers

date: Wed, 26 Oct 2022 22:24:45 GMT
x-hw: 1666823085.cds010.lo4.hn,1666823085.cds046.lo4.c
location: https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-hw-loc: https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5.js
content-length: 0

GET
H2 200 / Show response
js.stripe.com/v3/ 385 KB
93 KB 75ms
21ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

899ed59decfe5fc6d8ac52db236dc207d0d8c24389158b3b69626017498bee2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 22:24:45 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 7
x-cache: Hit from cloudfront
last-modified: Wed, 26 Oct 2022 19:24:53 GMT
server: Cloudfront
etag: W/"e6ff0e4bd611127c79988bb2704185a5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: ZNzROHB3n1ZJaTyXDMWGvbnzus6TxW702mtDdZ0ymEqDxvuSv__9Ug==

GET
H2 200 dm.js Show response
tag.durationmedia.net/sites/11159/ 119 KB
33 KB 83ms
28ms Script
application/javascript 2600:9000:21f3:3200:10:ce97:9fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.durationmedia.net/sites/11159/dm.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3200:10:ce97:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48b97e968aa80e42c87229686542fade5f77356a6ba0c7c79c4f06d75604a24e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: dtvBpwISWfoRi.LEc5QY3eBDKJSWSxQR
content-encoding: gzip
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
date: Wed, 26 Oct 2022 22:24:45 GMT
x-amz-cf-pop: FRA2-C2
age: 42
x-cache: Hit from cloudfront
content-length: 33139
last-modified: Thu, 13 Oct 2022 02:00:28 GMT
server: AmazonS3
etag: "eb9ce959443218387eb2e5db1d1a07fd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=900
accept-ranges: bytes
x-amz-cf-id: nai0EQSWJ4k9sLyc7XFe4x3lb615tGr_AaZJaWQ13SYMuPi2xuf-Hw==

GET
H2 200 ads.js Show response
prebidads.revcatch.com/ 20 KB
7 KB 70ms
23ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidads.revcatch.com/ads.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / RCW02
Resource Hash: 7815473f068f708bcde391e444f1e2d3f19d1ead1174a2281a8833648356b80d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 15:54:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1729747
x-powered-by: RCW02
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eb1X3T%2BdHSVoexDkmf46QDsZ5SQk4naLdh2cfY%2Fxhxyuj79HqIr2tHZEHq2O2Q6R7sEqEEQWcr9TH2KwNynUYvp3TaDYtXWN95t%2BvK%2FOT1V5CbwkYg9n%2F2aRnYoQGN3Pq6cAx5lM7IBZ0425%2B4asdwg4p9p%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 76069a9e7b3abbdf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 05 Nov 2022 21:55:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
77 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JW89DL7T5D&l=kslDataLayer&cx=c

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8b95d6dd69d99adc6632665bf0fe969180105d4b30c64844602200a9d9dd10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78405
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Oct 2022 22:24:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 21:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4131
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 26 Oct 2022 23:15:54 GMT

GET
H2 200 tracker.js Show response
static.rubyblu.com/ 21 KB
8 KB 101ms
16ms Script
application/javascript 130.211.32.235
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rubyblu.com/tracker.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.32.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.32.211.130.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 45df8300639a2c449239e3f0ddd1575ec2a867266840be6309b69903f032d919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:13:08 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 05 Oct 2022 18:08:55 GMT
server: nginx/1.18.0
age: 697
etag: W/"633dc837-531a"
content-type: application/javascript
cache-control: max-age=3600,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7784
expires: Wed, 26 Oct 2022 23:13:08 GMT

GET
H2 200 app--ksl-7d47.js Show response
d3njgrq4uvb497.cloudfront.net/ 220 KB
71 KB 17ms
17ms Script
application/javascript 13.32.23.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3njgrq4uvb497.cloudfront.net/app--ksl-7d47.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-199.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16e35ac491872655adb980937753a5e334ee137f59d934049990b735964c95a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 00:39:18 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Thu, 13 Oct 2022 03:15:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 683128
etag: W/"9dc8c5dbe71e0b07c5bea52725da4b7b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, s-maxage=31536000, max-age=31536000
x-amz-cf-id: nQdZu3BjdSqJQZ37-6pgk8MMhro8LV4f55MU2UDii_kRdjPxK3H2xw==

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
107 B 79ms
16ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=2719&i=6rq589&p=ksl-com&s=328&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTg0IiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI2cnE1ODkiLCJwYWNrZXQiOjAsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APAZIiwidHlwZSI6ImJpbGxpbmciLCJzdGFydCI6MTY2NjgyMzA4NTgxMFsAwGQiOi0xLCJzb3VyYzIAAisAYXR1cyI6ImYAQGFzb25lANRdLCJkYXRhUGF0dGVyEgDCbGlzdCI6W10sImlkXQDAODIzMDg1ODEwfV19
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:45 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 26 Oct 2022 22:24:44 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
345 B 63ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JW89DL7T5D&gtm=2oeaq0&_p=2039097173&cid=619258648.1666823086&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666823085&sct=1&seg=0&dl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50500779%2Firan-says-it-will-sue-us-alleging-direct-involvement-in-protests&dt=Iran%20says%20it%20will%20sue%20US%2C%20alleging%20%27direct%20involvement%27%20in%20protests%20%7C%20KSL.com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Random_Session_ID=1666823085771.jfm2pagh&ep.Local_Timestamp=2022-10-26T22%3A24%3A45.771%2B00%3A00&ep.Page_URL=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50500779%2Firan-says-it-will-sue-us-alleging-direct-involvement-in-protests&ep.Referrer=&ep.Host_Name=www.ksl.com&ep.Container_Version=56
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:24:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ksl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ksl-header.js Show response
static.ksl.com/ksl-responsive-header/ 133 KB
38 KB 208ms
207ms Script
application/x-javascript 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ksl.com/ksl-responsive-header/ksl-header.js

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

08c94f13753f2ebeeb9a2205148a786f051576c29f24bc0cead7d06b801496b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:32:34 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.1)
age: 3131
x-cache: img01 Hit from varnish
content-length: 38367
last-modified: Mon, 24 Oct 2022 15:31:46 GMT
server: Apache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
x-varnish: 701996586 696573871
cache-control: s-maxage=3600, max-age=3600
x-server: v21
accept-ranges: bytes
expires: Wed, 26 Oct 2022 21:37:34 GMT

GET
H2 200 fd80e93f5d9462399457cb00a0b265c3-Comments.min.js Show response
d3njgrq4uvb497.cloudfront.net/react/ 469 KB
119 KB 18ms
18ms Script
application/javascript 13.32.23.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3njgrq4uvb497.cloudfront.net/react/fd80e93f5d9462399457cb00a0b265c3-Comments.min.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-199.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c9bebe91312efaced97443b564351d9d60442e73d01f22f4b8db0d016ff4695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 23:39:19 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jul 2022 15:58:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 81926
etag: W/"fd80e93f5d9462399457cb00a0b265c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, s-maxage=31536000, max-age=31536000
x-amz-cf-id: 2aIgUxTkaMG4tTr8aKUkv_xFWVCpMhqLrsm0yN_7DMSmEebJwSYyXQ==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 80ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b44aca1eae3e39ba997248990086d3869b5c11e0b9061db488cc214e12d77b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27374
x-xss-protection: 0
server: sffe
etag: "1375 / 888 of 1000 / last-modified: 1666821924"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Oct 2022 22:24:45 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/deseretdigital/ 55 KB
23 KB 84ms
23ms Script
application/javascript 108.157.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/op.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-6.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b976f6fd8096cc2e26a39c65bd6fae205c22abb2fd203bbcf08808eb6520fa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: 7bAHG5GFGylRF98DtwaipfvO_puQSqVO
content-encoding: gzip
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
date: Wed, 26 Oct 2022 21:46:36 GMT
x-amz-cf-pop: DUS51-P2
age: 2493
x-cache: Hit from cloudfront
content-length: 23192
x-amz-meta-git_commit: 7467d3d
last-modified: Wed, 26 Oct 2022 18:42:56 GMT
server: AmazonS3
etag: "81ac0a6525e42e115938fca65aab3368"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: I7Cex-89LlFwg4jr8H8pCc-PK7QCj2deBgWUP9JUjEcbnxYYMkYimA==

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 49ms
17ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Oct 2022 22:43:39 GMT

GET
H2 200 catch_rp.js Show response
app.protectsubrev.com/ 380 KB
48 KB 74ms
27ms Script
application/javascript 2606:4700:20::681a:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.protectsubrev.com/catch_rp.js?cb=0.14870435802876436
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / RCW03
Resource Hash: 149d88231ced3fea53140468e652aec0ae4ce336efcbd8c7c1ef6e2e75335541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 23:58:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1159539
x-powered-by: RCW03
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHEBVVrmo%2B9NZzYQjohDhhdO8t8EtjQ8Bx6gArPo4ZzmhEFPVLtvJKS2qUxG5SMELyGbK6XHQYL4fo%2FnS5Et2Ul5io7mQTFVwAqbYPV3PiuocRCeXZUp%2FUPPA67nL%2FJM9%2F1qO811VxY9ZZpTAKMqo2yAYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 76069a9f5a919238-FRA
expires: Sat, 12 Nov 2022 12:19:06 GMT

GET
H/1.1 200 scriptloaded Show response
be.durationmedia.net/ 61 B
682 B 435ms
105ms Fetch
application/json 18.232.40.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://be.durationmedia.net/scriptloaded?siteId=11159

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.232.40.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-40-53.compute-1.amazonaws.com

Software

Resource Hash

9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:45 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ksl.com
Access-Control-Expose-Headers: Authorization
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
transfer-encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1

400
Bad Request

deseret
match.prod.bidr.io/cookie-sync/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.xv5vphvgz5o7
https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.xv5vphvgz5o7&_bee_ppp=1

24 B
24 B

39ms
39ms

Image
text/plain

54.247.105.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.xv5vphvgz5o7&_bee_ppp=1

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

HTTP/1.1

Server

54.247.105.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-247-105-151.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

73da3b369596f2ea8e701ec80155bf93c638eb66f1de5eac9a88f2eb8e565fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 22:24:46 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 24
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.xv5vphvgz5o7&_bee_ppp=1
Date: Wed, 26 Oct 2022 22:24:46 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK active Show response
www.ksl.com/api/2017/member/ 49 B
433 B 150ms
149ms Fetch
application/json 64.147.131.201
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ksl.com/api/2017/member/active

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.201 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

ksl.com

Software

Apache /

Resource Hash

f49b521799308f8cf36318142dbab92925dcae0ca9e2e35050f7d7635ce6c4b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 22:24:46 GMT
Strict-Transport-Security: max-age=2592000;
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: max-age=0, must-revalidate, private
X-Server: b15
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100
Content-Length: 49
Expires: Wed, 26 Oct 2022 22:24:46 GMT

GET
H/1.1 200
OK comments Show response
www.ksl.com/api/2017/member/reauth/ 15 B
399 B 156ms
155ms Fetch
application/json 64.147.131.201
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ksl.com/api/2017/member/reauth/comments

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.201 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

ksl.com

Software

Apache /

Resource Hash

e8d480780dad17fd64ac42eee77b9a8e485f2d81cc3dc232e2520a0e8058bffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 22:24:46 GMT
Strict-Transport-Security: max-age=2592000;
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: max-age=0, must-revalidate, private
X-Server: b16
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100
Content-Length: 15
Expires: Wed, 26 Oct 2022 22:24:46 GMT

GET
H/1.1 200
OK 50500779 Show response
www.ksl.com/api/2017/comments/meta/ 55 B
438 B 393ms
244ms Fetch
application/json 64.147.131.201
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ksl.com/api/2017/comments/meta/50500779

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.201 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

ksl.com

Software

Apache /

Resource Hash

84322a0760a893c42160c6f31523ea34fc5c9179da933964e332728833517007

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 22:24:46 GMT
Strict-Transport-Security: max-age=2592000;
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: max-age=0, must-revalidate, private
X-Server: b15
Connection: Keep-Alive
Keep-Alive: timeout=1, max=99
Content-Length: 55
Expires: Wed, 26 Oct 2022 22:24:46 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 88ms
31ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-72877204-2&cid=619258648.1666823086&jid=2024564938&gjid=1222134958&_gid=161913412.1666823086&_u=aCDAgEAjAAAAAEAEK~&z=1913158020

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ksl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 22:24:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ksl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2039097173&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50500779%2Firan-says-it-will-sue-us-alleging-direct-involvement-in-protests&ul=en-us&de=UTF-8&dt=Iran%20says%20it%20will%20sue%20US%2C%20alleging%20%27direct%20involvement%27%20in%20protests%20%7C%20KSL.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjAAAAAAAEK~&jid=2024564938&gjid=1222134958&cid=619258648.1666823086&tid=UA-72877204-2&_gid=161913412.1666823086&gtm=2wgaj0TVLZ5Z&cg1=News&cg2=U.S.&cd1=blqzvz7d58d9&cd2=blqzvz7d58d9&cd3=1666823085780.mwre4lvj&cd5=2022-10-26T22%3A24%3A45.780%2B00%3A00&cd6=1.0&cd7=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50500779%2Firan-says-it-will-sue-us-alleging-direct-involvement-in-protests&cd8=&cd9=www.ksl.com&cd10=GTM-TVLZ5Z&cd11=56&cd12=0&cd13=News&cd14=U.S.&cd16=KSL.com%20-%20News%2FContent&cd17=Content&cd18=Hande%20Atay%20Alam%2C%20Aliza%20Kassim%20and%20Tara%20Subramaniam%2C%20CNN&cd20=50500779&cd23=2022-10-23T18%3A14%3A00-06%3A00&cd24=cnn_wire&cd25=wire&cd26=Article&cd27=government&cd28=traditional&cd31=dsewvume3iia&cd33=not%20specified&cd43=584&cd47=0&cd49=2022-10-23T18%3A14%3A00-06%3A00&cd50=gtdhg75ovh28&cd51=gtdhg75ovh28&cd4=619258648.1666823086&z=261534694

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 07:06:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55067
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022102001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 64ms
16ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130516
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 26 Oct 2023 17:15:27 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 371 B
805 B 71ms
25ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ksl.com

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

49aabeb632ac757d0d73d2b6793d99e7e1336eed6e3d81d89c5110bf2ba809aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 168
x-xss-protection: 0
expires: Wed, 26 Oct 2022 22:24:46 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 505ms
129ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ksl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ksl.com
date: Wed, 26 Oct 2022 22:24:46 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 adreq Show response
ads.servenobid.com/ 1 KB
861 B 236ms
151ms XHR
application/json 34.252.126.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=4462
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 240d75e35ca91c207c7dd234bdbd81c438e4febda057fff7bb2252f4eb1011a8

Request headers

Referer: https://www.ksl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Oct 2022 22:24:46 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.ksl.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 deseret Show response
deseret.technoratimedia.com/openrtb/bids/ 0
293 B 307ms
103ms XHR
text/plain 129.80.94.115
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.technoratimedia.com/openrtb/bids/deseret?src=prebid_prebid_4.16.0
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.94.115 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ksl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Oct 2022 22:24:46 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 1043444378
access-control-allow-origin: https://www.ksl.com
access-control-allow-credentials: true

OPTIONS
H2 204 deseret
deseret.technoratimedia.com/openrtb/bids/ Frame 0
0 344ms
106ms Preflight 129.80.94.115
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.technoratimedia.com/openrtb/bids/deseret?src=prebid_prebid_4.16.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.94.115 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ksl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET, HEAD, OPTIONS
access-control-allow-origin: https://www.ksl.com
date: Wed, 26 Oct 2022 22:24:46 GMT
server: nginx

GET
H2 200 b-7467d3d-a5555407.js Show response
tagan.adlightning.com/deseretdigital/ 82 KB
31 KB 27ms
26ms Script
application/javascript 108.157.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-6.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16eb3534055e2d58d7a4d02d4e40e5b04274ea3f490a343ba2be6572f65655eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 17:30:07 GMT
content-encoding: gzip
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
x-amz-version-id: 5etEKaoZp06WW1IO_D7voVR4xhLGO0Bn
x-amz-cf-pop: DUS51-P2
age: 15656080
x-cache: Hit from cloudfront
content-length: 31167
x-amz-meta-git_commit: 7467d3d
last-modified: Thu, 28 Apr 2022 17:29:35 GMT
server: AmazonS3
etag: "9bae072ef13568f983b9b88c933f1d70"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 66FYD5QeqJksqoUmeurCjsVWUxGHsgxLK48ZBWHkonSh1efRGJtiDQ==

GET
H2 200 bl-8db6969-a8bd1e12.js Show response
tagan.adlightning.com/deseretdigital/ 49 KB
21 KB 22ms
22ms Script
application/javascript 108.157.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/bl-8db6969-a8bd1e12.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-6.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 906912f63ed9b23084a272f9c7834b906fc166e315c7ff61d03d0ad0ef182042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 18:43:21 GMT
content-encoding: gzip
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
x-amz-version-id: 63wefePUxFdzA2WO4t5Q6fm6cp.WIZT5
x-amz-cf-pop: DUS51-P2
age: 13286
x-cache: Hit from cloudfront
content-length: 21076
x-amz-meta-git_commit: 8db6969
last-modified: Wed, 26 Oct 2022 18:42:36 GMT
server: AmazonS3
etag: "2a26992e5e5f4e45cf7a03bf045a55e6"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Fpctj3iNFQTisnP08OWpnsvLLyBaFTd8wh10yWw1B0MKrFmjLK4kXw==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 catch.css
app.protectsubrev.com/ 9 KB
2 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::681a:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.protectsubrev.com/catch.css
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / RCW02
Resource Hash: 9ee6085f6660e6e74960798d5525d811821b33e49be30b5721767b7f8fd50df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 23:58:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1159278
x-powered-by: RCW02
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qmEDmuulQliXL6TflPZJ0b%2FwiQtOSMEUwjOA%2FQj5x1w639cCpWG40gJHNw4lab%2BMwr5MrjfktXHfWIu9jhinFVzFssQi2Yah6OwBDvKiJpcGylhGh9AWPHWe0brMDZG%2FADGZ6Fc9LpKH5A2ysMhYvFeTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 76069aa00b7f9238-FRA
expires: Sat, 12 Nov 2022 12:23:28 GMT

POST
H2 200 / Show response
pages.protectsubrev.com/ 27 B
542 B 800ms
755ms XHR
application/json 2606:4700:20::ac43:4591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.protectsubrev.com/?new
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / RCW03
Resource Hash: 5af05e984dcb10c694137bcefacd441b3e6ca8dcbb6ff1a01ba470fb78627b3a

Request headers

Referer: https://www.ksl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 26 Oct 2022 22:24:46 GMT
content-encoding: br
referrer-policy: origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: RCW03
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKdc8ZfcKGMpq6k8qBpERQrWJ8X6oK4zcENI1%2FuirlVSrE47r0HhOCSn3hCHbeiybCRIu5LFsnPU8N7RjA%2FMD7KaltC7SGnxgsdmTDGFDEdJkoRS6IrPhmg9BqsYwBt0ha68xq79q4dvDT%2Br7l7%2F991i%2Bwmd"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
cf-ray: 76069aa1ecb3bbce-FRA
expires: Fri, 28 Oct 2022 22:24:46 GMT

GET
DATA 200
OK truncated
/ 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f3a01e144ec2db45bb24f5ee5e9ed1da37760b01593395c01e4c1e4780b89ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 16020764746327031843
tpc.googlesyndication.com/simgad/ 1 KB
2 KB 70ms
16ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16020764746327031843

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2af6de0161679525ed17e3cab74b1f2ecbadbf3a3e83706d44549aa377daec16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:53:59 GMT
x-content-type-options: nosniff
age: 113447
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1455
x-xss-protection: 0
last-modified: Thu, 20 Sep 2018 16:19:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 14:53:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 64ms
24ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=efmk
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
324 B 65ms
28ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72877204-2&cid=619258648.1666823086&jid=2024564938&_u=aCDAgEAjAAAAAEAEK~&z=1633694391

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:24:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 72ms
27ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72877204-2&cid=619258648.1666823086&jid=2024564938&_u=aCDAgEAjAAAAAEAEK~&z=1633694391

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:24:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
64 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NKMQVGQ&l=headerDataLayer

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ee298de82e9ba8d1f18236e1f6c06af46af3b53de9b2a27f83dca73b3991783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65921
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 21:07:22 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Oct 2022 22:24:46 GMT

GET
H2 200 twilio-conversations.min.js Show response
media.twiliocdn.com/sdk/js/conversations/releases/2.1.0/ 497 KB
119 KB 333ms
286ms Script
application/javascript 104.22.58.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.twiliocdn.com/sdk/js/conversations/releases/2.1.0/twilio-conversations.min.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.219 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf64852d6ba356ad309f01e973172dedbcd33fcc0823bb2e98484028c12a8074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:46 GMT
x-amz-version-id: kmnyC8T27McvTZPCCp_8FCeAkqAXOEAz
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 03 Mar 2022 12:06:00 GMT
server: cloudflare
x-amz-request-id: FDQRDQNKJKQTMB2R
etag: W/"bb47e650bbd0511e8523e9288befd45b"
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 76069aa1cb295ba4-FRA
x-amz-id-2: KvRaF3FCcHFzOv+1JDQtMLQQ/RCyGojBq1wkz4mbvrGMxBK+k8DIdfw7MKAu0HIFh0O70F+vUkQ=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 messages.js Show response
static.ksl.com/m-ksl-messages-twilio-client/ 13 KB
3 KB 140ms
140ms Script
application/x-javascript 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ksl.com/m-ksl-messages-twilio-client/messages.js

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

32dddeed43e3fbde44d76523d3a40dc8a00aaaee5f9f319f21e7c769ef2a43cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:23:09 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.1)
age: 96
x-cache: img02 Hit from varnish
content-length: 3214
last-modified: Fri, 23 Sep 2022 19:53:18 GMT
server: Apache
etag: "35f8-5e95d877e8780-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
x-varnish: 75651701 75456728
cache-control: max-age=300
x-server: v18
accept-ranges: bytes
expires: Wed, 26 Oct 2022 22:28:09 GMT

GET
H/1.1 200
OK getHeaderWeather Show response
news-api.ksl.com/v1/weather/ 2 KB
1 KB 611ms
149ms XHR
application/json 64.147.131.201
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL: https://news-api.ksl.com/v1/weather/getHeaderWeather
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.147.131.201 Salt Lake City, United States, ASN11319 (DDMINC, US),
Reverse DNS: ksl.com
Software: Apache /
Resource Hash: b27dded173930495b565debcd64baefdf1932bd368212a3f02dbbb7995eb625c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 22:24:46 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ksl.com
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
X-Server: bapi06
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100
Content-Length: 821

GET
H/1.1 200
OK active Show response
www.ksl.com/api/2017/member/ 49 B
432 B 154ms
153ms Fetch
application/json 64.147.131.201
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ksl.com/api/2017/member/active

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.201 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

ksl.com

Software

Apache /

Resource Hash

f49b521799308f8cf36318142dbab92925dcae0ca9e2e35050f7d7635ce6c4b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 22:24:46 GMT
Strict-Transport-Security: max-age=2592000;
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: max-age=0, must-revalidate, private
X-Server: b16
Connection: Keep-Alive
Keep-Alive: timeout=1, max=99
Content-Length: 49
Expires: Wed, 26 Oct 2022 22:24:46 GMT

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 21 KB
8 KB 80ms
34ms Script
application/javascript 2606:4700:4400::ac40:950d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 22:24:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: e0VkrpV+7zqDAjQ/RMXPsw==
age: 13271
x-ms-lease-status: unlocked
last-modified: Fri, 21 Oct 2022 01:41:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d0c980f4-201e-0058-18f6-e4e012000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 76069aa24fbf9b55-FRA
expires: Thu, 27 Oct 2022 02:24:46 GMT

GET
H2 200 42225788-6fb1-438d-91a0-0da32c771fe8.json Show response
cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/ 2 KB
2 KB 68ms
35ms XHR
application/x-javascript 2606:4700:4400::ac40:950d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/42225788-6fb1-438d-91a0-0da32c771fe8.json

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7632362b4d18aa6aceda06f8a1a3ed3a1a723bf590406693cbed50aeacff87af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 22:24:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: icACrt+Zgb0rsB4fBCRpgQ==
age: 7581
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jul 2020 16:03:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1e8a846f-901e-0010-036a-defd25000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 76069aa2be5990dc-FRA

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.3.0/ 320 KB
61 KB 37ms
37ms Script
application/javascript 2606:4700:4400::ac40:950d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.3.0/otBannerSdk.js

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dface7334524d5b6f437b40f2c99ed3ae0dbea4e663cf6ee0b4ef0e37c4588d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 22:24:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: 5FfJphrAkG9jYPwi2DZiag==
age: 3657
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jul 2020 01:51:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6e20e85e-a01e-0056-706a-dec9a2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 76069aa2f9049b55-FRA
expires: Thu, 27 Oct 2022 02:24:46 GMT

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/2bf65cc3-af43-4615-8660-543f2a769de1/ 76 KB
15 KB 32ms
32ms Fetch
application/x-javascript 2606:4700:4400::ac40:950d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/2bf65cc3-af43-4615-8660-543f2a769de1/en.json

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ac6182d6fe5f5ab5c586d42b103c220c29fdb3d60152b22858af6eb67f35614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 22:24:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: KE2uvII0XZp8wfxYMj3f4w==
age: 12210
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jul 2020 16:03:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e6fd6180-e01e-00b3-756a-de98e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 76069aa34f0090dc-FRA

GET
H2 200 otFlat.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.3.0/assets/ 22 KB
4 KB 25ms
25ms Fetch
application/json 2606:4700:4400::ac40:950d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.3.0/assets/otFlat.json

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebcd5e90336ad4d1e139c96c1966ad56be1f7af66f1cabe9fc2d9a770bd70d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 22:24:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: 7ob+U7nSauu0/WQuSXf/fw==
age: 14240
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jul 2020 01:51:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 05b206f1-301e-009f-256a-de744f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 76069aa38f4890dc-FRA
expires: Thu, 27 Oct 2022 02:24:46 GMT

GET
H2 200 otPcPanel.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.3.0/assets/ 96 KB
17 KB 28ms
28ms Fetch
application/json 2606:4700:4400::ac40:950d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.3.0/assets/otPcPanel.json

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:950d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9aa297430269a62d1bd64fdd71e54bcdeb2ef17c2cbd4b621f5f5d8d625e0706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 22:24:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: FKy8VkFGOWWUv2dW4Daepw==
age: 6817
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jul 2020 01:51:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 47372349-101e-0031-6c6a-ded95e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 76069aa38f4c90dc-FRA
expires: Thu, 27 Oct 2022 02:24:46 GMT

GET
H2 200 jstag Show response
ksl-d.openx.net/w/1.0/ 168 KB
57 KB 83ms
34ms Script
text/javascript 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ksl-d.openx.net/w/1.0/jstag?nc=6686-KSL_News
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a16c637ac787bc73344b1466b8de4f2b3dbbef8cc3893225d5c11abcfc18a9b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:46 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept-Encoding
content-type: text/javascript
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58322
expires: Wed, 26 Oct 2022 23:24:46 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 103ms
24ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ksl.com

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 67ms
25ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ksl.com

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 175 KB
32 KB 795ms
494ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2461592675805106&correlator=4409513974845630&eid=44775319&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=6686%2Cddm.ksl%2CNews%2CU.S.&enc_prev_ius=%2F0%2F1%2F2%2F%2F3%2C%2F0%2F1%2F2%2F%2F3%2C%2F0%2F1%2F2%2F%2F3%2C%2F0%2F1%2F2%2F%2F3%2C%2F0%2F1%2F2%2F%2F3&prev_iu_szs=728x90%7C970x90%2C620x300%2C300x250%2C300x250%7C300x600%2C300x250%7C300x600&ifi=1&adks=2540312279%2C2833951875%2C3436688511%2C1184458763%2C1184458756&sfv=1-0-38&prev_scp=pos%3Dtop%7Cpos%3Darticlebottom%7Cpos%3Dinline%7Cpos%3Dright%7Cpos%3Dright2&cust_params=v%3Dnews%26cc%3Dnationalstories%26article-id%3D50500779%26pt%3DArticle%26stca%3Dgovernment%26author%3Dhandeatayalam%252Calizakassimandtarasubramaniam%252Ccnn%26pageviewid%3Ddsewvume3iia&sc=1&cookie_enabled=1&abxe=1&dt=1666823086736&lmt=1666823086&dlt=1666823084991&idt=1283&adxs=259%2C315%2C315%2C985%2C985&adys=154%2C3658%2C1430%2C443%2C1721&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C0%7C3&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50500779%2Firan-says-it-will-sue-us-alleging-direct-involvement-in-protests&frm=20&vis=1&psz=1082x103%7C614x250%7C614x3290%7C300x250%7C300x250&msz=1082x250%7C614x250%7C614x250%7C300x250%7C300x250&fws=4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600&ga_vid=619258648.1666823086&ga_sid=1666823087&ga_hid=2039097173&ga_fc=true

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

691aafabd0acb93f9c117c9e8f26e6300ed026ac0e95920e8893039bfc92e949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31711
x-xss-protection: 0
google-lineitem-id: 6134127548,-2,6115385507,5846884735,5554864217
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138406241546,-2,138406587167,138400496491,138332965352
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ksl.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E1F1 6 KB
4 KB 106ms
24ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ksl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 22:24:46 GMT
expires: Thu, 26 Oct 2023 22:24:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 0 Show response
app.protectsubrev.com/caught/rc-CfZeub/322326112/ 33 KB
5 KB 589ms
589ms XHR
application/json 2606:4700:20::ac43:4591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.protectsubrev.com/caught/rc-CfZeub/322326112/0
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / RCW02
Resource Hash: 5eca1045fd7fb49c4334b59cea338eaa7c4d0ce40cd97a34b5aefb0f6bd7930e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: RCW02
server: cloudflare
vary: Accept-Encoding,User-Agent
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=321l%2F%2B0xwdtq4wOkVaplr7yRePn3qW7f1K%2FnfFT1mjq7XE8PRsqZITeaFCSfjnNAYWJ4voSG64Tt3fdWFKNutd%2F4BQHf9LwVcmrL%2BOKVJv2QFVOp6JeKXqaVYV7m8RhffNc6fjXJhavmHVOkOiaRlWY1Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private, max-age=172800
access-control-allow-credentials: true
cf-ray: 76069aa51c10bbce-FRA
access-control-allow-headers: *, Authorization, Origin, X-Requested-With, Content-Type, Range
expires: Fri, 28 Oct 2022 22:24:47 GMT

GET
H2 200 rules Show response
app.protectsubrev.com/api/ 3 KB
1010 B 24ms
23ms Fetch
application/json 2606:4700:20::ac43:4591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.protectsubrev.com/api/rules?id=rc-CfZeub
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / RCW03
Resource Hash: fe1a293cdb4905ed390da36b47fa01878068dc52306b495f97d39c56f00ea2fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2985
x-powered-by: RCW03
last-modified: Wed, 26 Oct 2022 21:35:01 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O60ydJLnwTJcrUAQC0f6cpmmv%2FiobMm5NppVrPy7FMOoNnytOV6nJYW45BWXVspSvYSxWnL1DNjICFU3TTAtRp95vcM2yq7q7S2DliKTEBmnnT5dpdsDZheC4eo79wSenOg6muvD2fTC9X4g4PjSyli0YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=172800
access-control-allow-credentials: true
x-ratelimit-limit: 150
cf-ray: 76069aa51c11bbce-FRA
access-control-allow-headers: *, Authorization, Origin, X-Requested-With, Content-Type, Range
x-ratelimit-remaining: 149
expires: Fri, 28 Oct 2022 21:35:01 GMT

POST
H2 200 / Show response
pages.protectsubrev.com/ 21 B
355 B 503ms
503ms Fetch
application/json 2606:4700:20::ac43:4591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.protectsubrev.com/
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / RCW03
Resource Hash: 57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ksl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 26 Oct 2022 22:24:47 GMT
content-encoding: br
referrer-policy: origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: RCW03
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hj1AlqCJjDtcHKO94Gd3jJDczUMaOSBGqbEeb8zzeU6daJZfVqnmz4n0dQNlYRo9kh%2Bf9NHf%2FLRm6c50adUQPyDHie4Agyu6qcZOeGmr0fU29RZ2te7aWN1zhKlCR5Ah2Cb5l%2FzAosivV31sq0e8wn3ihMVn"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
cf-ray: 76069aa54c85bbce-FRA
expires: Fri, 28 Oct 2022 22:24:47 GMT

GET
H2 200 rain.svg
static.ksl.com/images/weather/New2013/SVG/ 2 KB
1 KB 141ms
140ms Image
image/svg+xml 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ksl.com/images/weather/New2013/SVG/rain.svg

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

900d69b36ed036b05ea15c5f1964278e36dde5956f4c18a2bccf54b022429641

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 13:58:42 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.1)
age: 30364
x-cache: img02 Hit from varnish
content-length: 1000
last-modified: Sat, 28 Sep 2013 07:26:19 GMT
server: Apache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
x-varnish: 76110676 53880515
cache-control: s-maxage=31536000, max-age=31536000
x-server: v06
accept-ranges: bytes
expires: Fri, 25 Nov 2022 13:58:42 GMT

GET
H2 200 night_partly_cloudy.svg
static.ksl.com/images/weather/New2013/SVG/ 14 KB
5 KB 140ms
140ms Image
image/svg+xml 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ksl.com/images/weather/New2013/SVG/night_partly_cloudy.svg

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

be9d8ca24570811430807b5e3ebb8289744632e9f5cac67ba8850c895fcf2ed1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 18:31:21 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.1)
age: 14005
x-cache: img02 Hit from varnish
content-length: 5127
last-modified: Sat, 28 Sep 2013 07:26:19 GMT
server: Apache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
x-varnish: 76110677 65129346
cache-control: s-maxage=31536000, max-age=31536000
x-server: v08
accept-ranges: bytes
expires: Fri, 25 Nov 2022 18:31:21 GMT

GET
H2 200 rain_snow.svg
static.ksl.com/images/weather/New2013/SVG/ 8 KB
3 KB 141ms
141ms Image
image/svg+xml 64.147.131.160
DDMINC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ksl.com/images/weather/New2013/SVG/rain_snow.svg

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.147.131.160 Salt Lake City, United States, ASN11319 (DDMINC, US),

Reverse DNS

img.bonnint.net

Software

Apache /

Resource Hash

2d0ed89b05ae0f532c44a3cf820f4f31118b60e5a750c42f9a150705112f7657

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:01:01 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.1)
age: 1425
x-cache: img02 Hit from varnish
content-length: 3212
last-modified: Sat, 28 Sep 2013 07:26:19 GMT
server: Apache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
x-varnish: 76110678 76222161
cache-control: s-maxage=31536000, max-age=31536000
x-server: v02
accept-ranges: bytes
expires: Fri, 25 Nov 2022 22:01:01 GMT

GET
H2 200 s.js Show response
cdn.siftscience.com/ 61 KB
20 KB 123ms
16ms Script
application/javascript 34.96.67.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.siftscience.com/s.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.67.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:20:30 GMT
content-encoding: gzip
age: 47057
x-guploader-uploadid: ADPycds-NlwN3U7bcKYiI89CJ5zdzhLVr5FpLkX8ctyibHdlXLJp6DGV4NXKs5c-tE9pwrh8eY1QSisCQtfB0hqOPDktDA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20452
last-modified: Thu, 09 Apr 2020 21:59:13 GMT
server: UploadServer
etag: "07cb8203158abb26b3c18318350e7b36"
vary: Accept-Encoding
x-goog-generation: 1586469553682331
x-goog-hash: crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
content-type: application/javascript
cache-control: public, max-age=86400
x-goog-stored-content-length: 20452
accept-ranges: bytes
expires: Thu, 27 Oct 2022 09:20:30 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame A369 200 B
1 KB 20ms
18ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ksl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2506
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 21:43:47 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Tue, 18 Oct 2022 00:21:58 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-id: o0ztYlanZooOCHcQTrclVWBA3U3vOAJ1X4Gb4bUVB0yXms2ugwB63w==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 91ms
31ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102001&st=env

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f3b3578690d40304bf10e306cb338fa2ada8a77453191606be2318a344a99f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11184
x-xss-protection: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A369 0
570 B 539ms
178ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 26 Oct 2022 22:24:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A369 0
571 B 538ms
177ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 26 Oct 2022 22:24:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A369 526 B
1 KB 18ms
17ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 26 Oct 2022 21:43:56 GMT
x-content-type-options: nosniff
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2505
x-cache: Hit from cloudfront
content-length: 526
last-modified: Tue, 18 Oct 2022 00:21:57 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Q36nTkqAWmpLkI_TLJBNj0xLcciUcVrb3gjT6p6W84FqBZbQT5Q4MQ==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame F59D 930 B
1 KB 61ms
16ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 164
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 22:24:47 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 110
x-content-type-options: nosniff
x-request-id: 829b347c-e8fd-4ca5-bc19-2195ca344cce
x-served-by: cache-hhn4050-HHN
x-timer: S1666823087.300769,VS0,VE0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 554ms
519ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 22:24:47 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame F59D 0
344 B 447ms
179ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:24:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 7
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame F59D 86 KB
16 KB 16ms
15ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 26 Oct 2022 22:24:47 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 165
x-cache: HIT
content-length: 16031
x-request-id: ed1a90f8-977c-4de3-bc0f-1c1fb0ac73ba
x-served-by: cache-hhn4050-HHN
server: Fastly
x-timer: S1666823087.324911,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 111

GET
H2 200 144326.gif
hexagon-analytics.com/images/ 43 B
297 B 170ms
109ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/144326.gif?bk=46e0e4c3e4&tm=39&r=765361010&v=105&cs=UTF-8&h=www.ksl.com&l=en-US&S=f6fc1c8de1dcc2fe70fb39af722985c8&ui=0&uu=f17a36b1ab31f7906aabfa0730a7d61&t=Iran%20says%20it%20will%20sue%20US%2C%20alleging%20%27di&u=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50500779%2Firan-says-it-will-sue-us-alleging-direct-involvement-in-protests&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:24:47 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame F59D 156 B
523 B 535ms
177ms XHR
application/json 35.81.202.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.81.202.99 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-81-202-99.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e27e356d232cb6ddc56dffc22982c95d398e3b394a69022d267c7705a3126f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Oct 2022 22:24:47 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H/1.1 401
Unauthorized user Show response
messages-microservice.ksl.com/ 0
368 B 599ms
147ms Fetch 64.147.130.148
DDMINC

General

Check archive.org

Show headers Download Go to

Full URL: https://messages-microservice.ksl.com/user
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.147.130.148 Salt Lake City, United States, ASN11319 (DDMINC, US),
Reverse DNS: messages-microservice.ksl.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 22:24:47 GMT
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, DELETE, PUT, PATCH, OPTIONS
Access-Control-Allow-Origin: https://www.ksl.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, X-Requested-With
Keep-Alive: timeout=5

GET
H2 200 getstylesettings Show response
app.protectsubrev.com/api/ 2 KB
781 B 23ms
23ms Fetch
application/json 2606:4700:20::ac43:4591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.protectsubrev.com/api/getstylesettings?id=rc-CfZeub&v=0
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / RCW02
Resource Hash: c7d2c0791ad181a85f3590f792a95ed07df8b248146bf42a6eb032ea370fdb17

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ksl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Oct 2022 22:24:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 172
x-powered-by: RCW02
last-modified: Wed, 26 Oct 2022 22:21:55 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yc4YqZtofqt87bRhatbz73Ad33CI%2FOdxKYxRtPPjHuQD6TEczvkum7gqk60YYv4rh0OIpYH8lxNIqh4AdhHenjbuBEhfOvLTcJYDNOQ7BXT2B371wgACtoULRbEQ2b2spcRDu42x43EOFbdHTBk5VKKr7A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=172800
access-control-allow-credentials: true
x-ratelimit-limit: 150
cf-ray: 76069aa9ce44bbce-FRA
access-control-allow-headers: *, Authorization, Origin, X-Requested-With, Content-Type, Range
x-ratelimit-remaining: 149
expires: Fri, 28 Oct 2022 22:21:55 GMT

OPTIONS
H2 200 getstylesettings
app.protectsubrev.com/api/ Frame 0
0 159ms
159ms Preflight
text/html 2606:4700:20::ac43:4591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.protectsubrev.com/api/getstylesettings?id=rc-CfZeub&v=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / RCW02
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ksl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *, Authorization, Origin, X-Requested-With, Content-Type, Range
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET,HEAD
cache-control: no-cache, private max-age=600
cf-cache-status: DYNAMIC
cf-ray: 76069aa8cbfdbbce-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 26 Oct 2022 22:24:47 GMT
expires: Wed, 26 Oct 2022 22:34:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atU3dfOCbf2GNtNE6moqiRg8Mje4vNh%2Fla0r%2BP33tj%2FiJBo%2FwHsJOnApvoVxpsE0%2FFqGfM%2BgYObGyH8o5ZttIF4Ub2aMJnYd0%2BHdaDjTA2gTfDxcEIcN3QS0Uho8cpV731sQm7VwzxALSnedtuyEgc0l4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
x-powered-by: RCW02

GET
H2 200 b-7467d3d-a5555407.js Show response
tagan.adlightning.com/deseretdigital/ Frame F7EA 82 KB
31 KB 21ms
21ms Script
application/javascript 108.157.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-6.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16eb3534055e2d58d7a4d02d4e40e5b04274ea3f490a343ba2be6572f65655eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 17:30:07 GMT
content-encoding: gzip
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
x-amz-version-id: 5etEKaoZp06WW1IO_D7voVR4xhLGO0Bn
x-amz-cf-pop: DUS51-P2
age: 15656081
x-cache: Hit from cloudfront
content-length: 31167
x-amz-meta-git_commit: 7467d3d
last-modified: Thu, 28 Apr 2022 17:29:35 GMT
server: AmazonS3
etag: "9bae072ef13568f983b9b88c933f1d70"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ykWCnXpzso_a04HWrmLNatb2Y8jjWAjHSADIE6YCG6ED-BsB_l5T8A==

GET
H3 200 9885104567730443201
tpc.googlesyndication.com/simgad/ Frame F7EA 102 KB
102 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9885104567730443201

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe7fcad93d5e528dcade9448ff76392d7f1ba32580f75a7c0985249bf4f5e66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 23:04:56 GMT
x-content-type-options: nosniff
age: 83991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104694
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 19:33:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 23:04:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame F7EA 23 KB
9 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 21:12:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame F7EA 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 19:25:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F7EA 0
0 58ms
23ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3Sx7pySLJi1QzjbW45rTRXov48reqW4ekgtlFFvXTV9bReg7RVX2JFX8MZ6NijK4foJ_y
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F7EA 152 KB
46 KB 57ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 22:24:47 GMT

GET
H3 200 container.html Show response
1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4C00 6 KB
3 KB 50ms
16ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ksl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 22:24:46 GMT
expires: Thu, 26 Oct 2023 22:24:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 b-7467d3d-a5555407.js Show response
tagan.adlightning.com/deseretdigital/ Frame 821C 82 KB
31 KB 21ms
21ms Script
application/javascript 108.157.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-6.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16eb3534055e2d58d7a4d02d4e40e5b04274ea3f490a343ba2be6572f65655eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 17:30:07 GMT
content-encoding: gzip
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
x-amz-version-id: 5etEKaoZp06WW1IO_D7voVR4xhLGO0Bn
x-amz-cf-pop: DUS51-P2
age: 15656081
x-cache: Hit from cloudfront
content-length: 31167
x-amz-meta-git_commit: 7467d3d
last-modified: Thu, 28 Apr 2022 17:29:35 GMT
server: AmazonS3
etag: "9bae072ef13568f983b9b88c933f1d70"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: J0ppY15e2gy8-Eqvvr5DiL_NtEin7VS_Q-OakhfsPe7QAdqdKl77uw==

GET
H3 200 17442394245401891803
tpc.googlesyndication.com/simgad/ Frame 821C 96 KB
97 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17442394245401891803

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7dd164aaa9d160d282f9f599dbce8172195015768578991461dffa9cf8ba9fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:21:09 GMT
x-content-type-options: nosniff
age: 165818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98774
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 18:29:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 00:21:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame 821C 23 KB
9 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 21:12:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 821C 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 19:25:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 821C 152 KB
46 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 22:24:47 GMT

GET
H2 200 b-7467d3d-a5555407.js Show response
tagan.adlightning.com/deseretdigital/ Frame CAC8 82 KB
31 KB 22ms
21ms Script
application/javascript 108.157.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-6.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16eb3534055e2d58d7a4d02d4e40e5b04274ea3f490a343ba2be6572f65655eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 17:30:07 GMT
content-encoding: gzip
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
x-amz-version-id: 5etEKaoZp06WW1IO_D7voVR4xhLGO0Bn
x-amz-cf-pop: DUS51-P2
age: 15656081
x-cache: Hit from cloudfront
content-length: 31167
x-amz-meta-git_commit: 7467d3d
last-modified: Thu, 28 Apr 2022 17:29:35 GMT
server: AmazonS3
etag: "9bae072ef13568f983b9b88c933f1d70"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: EeKNb8l9SZkGpC4ZtVqB2t5FDrAL4qawrFrmTgpOpIfrfkpEkZrJpg==

GET
H3 200 720429565623320276
tpc.googlesyndication.com/simgad/ Frame CAC8 10 KB
10 KB 18ms
17ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/720429565623320276

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8746ac90a3da990f0766e8ef912ad5571c257126b93a16ac4d8191e698601d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 01:50:28 GMT
x-content-type-options: nosniff
age: 506059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10370
x-xss-protection: 0
last-modified: Mon, 26 Oct 2020 19:50:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Oct 2023 01:50:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame CAC8 23 KB
9 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 21:12:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame CAC8 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 19:25:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CAC8 0
0 24ms
23ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHY9UoyeYLSofmHQPLH0780Ybr4JZMQue8hdSJ9ylmVr6W9ZdOTmYRHwZ1W4tZTEBIyOAy
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CAC8 152 KB
46 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 22:24:47 GMT

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 78ms
46ms Fetch
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55260
x-xss-protection: 0
server: cafe
etag: 15637645489387565933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 22:24:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F7EA 0
0 53ms
52ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3bJ4csnoGuiFpYQ8j8BEWBrhRXRSFBZtvnTweFPifxxHRV_v1DEY7WsX0jHr4ArkX_HqEL1HBQpXDV_swLnIq_5RXu3VxNsZQrJz72-pLtTMphC2AifRukzat-fC3n31Deo7-UsroEEOJTdSZ_0V5oVBfszWnBzCn2hJlzZN1rEDdGmqBQMt0FdqkS7d4mLIc8moVkOhyGrQ0Y-r5Bej6pMS7eKyrHIcpoefmHavhDeRnJC-0DkJfohXeE0KlKO5kh5OcO53ab8-aHIZvbQQCG9zVRlJxWDmR95GygoDaLid_FiN2hzG_1aGWRaGW7T7Sp04pbSG4Xa9AdtaEGNH9&sai=AMfl-YQD8CvBNXhWB_V1UqVWlsc6i3CQ6o-jUXJkwHa5HFjlhai1tGdL8WFXCjJNiQqHdA1GyUC-7UUJny-OSr8dAyt3O5GUPNT-NtMKu7nI8SBsRiwCJpcZiYv81U7vtV-z_AEEjg&sig=Cg0ArKJSzEk700uO5fVFEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 22:24:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 821C 0
0 52ms
52ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBadVINJ3kU674RAFA8VOqcOcTBl4JIphMjgCvtgyvXXdhAJnO1eYAFjbSgWBnW34rCbGXsL5_XdSJleH5O6Agev6rGT9DpNv84cFafnDJkpA4UQ7Gr9IXnGmXVSz3PBGcqkfm-zCQkMM-R2YBs3MpTEneNeMpcGoKgfHZx1PpH0jema2ufvn6Fp9NGXQU4DDpnL6FpYeY9WApY-8X-VP8eQwS6INVZB9Lf2Vqo2OpyUnp4UwHuQdDCOBm0vDx-P6QUJIOU9jyGbvh4S4yKXHFmVggawetB7A3d_4fWkYJdF2BPtdmKLuphmcgLIHw5y8MeA&sai=AMfl-YSDty-aEiWhttMFSuq2q-JlRb5BGxi11s61otCqhlE_Beof833qsRAlnSMvtPz9WONaJyNawejZlR61_-SFQvW0wOMhZ26K-MLOnQMZ2tNf-MECu_QRFtTV4snk5Pokhecq3A&sig=Cg0ArKJSzKzv5y2yiOOXEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 bl-8db6969-a8bd1e12.js Show response
tagan.adlightning.com/deseretdigital/ Frame 4C00 49 KB
21 KB 27ms
26ms Script
application/javascript 108.157.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/bl-8db6969-a8bd1e12.js
Requested by: Host: 1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com
URL: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-6.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 906912f63ed9b23084a272f9c7834b906fc166e315c7ff61d03d0ad0ef182042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 18:43:21 GMT
content-encoding: gzip
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
x-amz-version-id: 63wefePUxFdzA2WO4t5Q6fm6cp.WIZT5
x-amz-cf-pop: DUS51-P2
age: 13288
x-cache: Hit from cloudfront
content-length: 21076
x-amz-meta-git_commit: 8db6969
last-modified: Wed, 26 Oct 2022 18:42:36 GMT
server: AmazonS3
etag: "2a26992e5e5f4e45cf7a03bf045a55e6"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: rqI15AaVfI7wmyKZc-sJtJYBz3lu-ki4XmoZBPDAYj_FLsChBjVAUA==

GET
H2 200 b-7467d3d-a5555407.js Show response
tagan.adlightning.com/deseretdigital/ Frame 4C00 82 KB
31 KB 25ms
24ms Script
application/javascript 108.157.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js
Requested by: Host: 1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com
URL: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-6.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16eb3534055e2d58d7a4d02d4e40e5b04274ea3f490a343ba2be6572f65655eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 17:30:07 GMT
content-encoding: gzip
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
x-amz-version-id: 5etEKaoZp06WW1IO_D7voVR4xhLGO0Bn
x-amz-cf-pop: DUS51-P2
age: 15656082
x-cache: Hit from cloudfront
content-length: 31167
x-amz-meta-git_commit: 7467d3d
last-modified: Thu, 28 Apr 2022 17:29:35 GMT
server: AmazonS3
etag: "9bae072ef13568f983b9b88c933f1d70"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: dEferlyPipe0_TcECIk1xa6yASOd8_sa61JTG8yXG6hQctE0fFi4uA==

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame 4C00 23 KB
9 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Host: 1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com
URL: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 21:12:12 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4C00 22 KB
7 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com
URL: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 03:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501447
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Oct 2023 03:07:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C00 152 KB
46 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com
URL: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 22:24:48 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 177 KB
44 KB 81ms
17ms Fetch
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:17:00 GMT
content-encoding: gzip
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
last-modified: Wed, 26 Oct 2022 19:24:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 469
etag: W/"95738dd931cd70a132d12a456f44b79f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: OHYU-aVQ-7mn9pFc-yId8-lrhoJPo07U_NksSbeomEk6rORa-ZBKvw==

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
106 B 25ms
17ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=1&c=2719&i=6rq589&p=ksl-com&s=15628&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTg0IiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI2cnE1ODkiLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APIeaHR0cHM6Ly9kM25qZ3JxNHV2YjQ5Ny5jbG91ZGZyb250Lm5ldC92aWRlb2pzCADwDy5taW4uanMiLCJ0eXBlIjoic2NyaXB0Iiwic3RhcqYAwDY2NjgyMzA4NTU0NpQARmQiOjEUAJA4OCwic291cmM8ADFtdXSLAKJPYnNlcnZlckNMSAChdHVzIjoibG9hZMAAQGFzb26_ANRdLCJkYXRhUGF0dGVyEgCzbGlzdCI6W10sImlqAL82OTQ5MDU2MzZ9LPEABfIVbmV4dXMuZW5zaWdodGVuLmNvbS9kZXNlcmV0ZGlnaXRhbC9rlgETL5oA8BZvbXBvbmVudC5waHA_bmFtZXNwYWNlPUJvb3RzdHJhcHBlciZzzgAwY0pz2AEfPWMAGGNjb2RlLyYVAvAVZWRPbj1Nb24lMjBPY3QlMjAyNCUyMDE5OjUxOjU5JTIwR01UFgBSMDIyJkNYAiBEPVcCgSZQYWdlSUQ91QHwASUzQSUyRiUyRnd3dy5rc2ziAPA8JTJGYXJ0aWNsZSUyRjUwNTAwNzc5JTJGaXJhbi1zYXlzLWl0LXdpbGwtc3VlLXVzLWFsbGVnaW5nLWRpcmVjdC1pbnZvbHZlbWVuDABRLXByb3RZAg8MAhA-NDY3DAInOTAMAs9pbnNlcnRCZWZvcmUGAjCvNzQyMDA4MDczNwYC_3ofORIEAAkGAg8SBEIEDAIfNhIECPACaW1hc2RrLmdvb2dsZWFwaXMyA3AvanMvc2RriQR_ZXIvaW1hM_sEFS04Oe8CNzY0Ne8CD-kAQo81NzQ5NTc3M-kACQ_sBRjvanMtY29udHJpYi1hZHP7ABQB5wAjZW6MBQIKBj82NDf7AE2vODcyMDcyODc1NfADBw_7ABpPLmltYe0GGAHjAA33AA_tBk6fNzg5MjQ0NzY29wA1by1zaGFyZfkAGh446wIYNdoFD-sCQ580NTkyNTg4MzHwAQcCkAcE_wYAwAP2CWdlcy9hdXRvcGxheV9pY29uX2xnLnBuZ88IIGltDQANzAgQNtIADN8BLzYy1gJNrzU1NDIwOTUyMzLmABZCamF2YZQJ0C9yZWFjdC5wcm9kdWPyCQ_WARkuNTTWAS82M_AATWA3NTk3NTi7Bw_wAAcA0ggCpwWhdGFnbWFuYWdlcq0F9hRndG0uanM_aWQ9R1RNLVRWTFo1WiZsPWtzbERhdGFMYXllcugBAiMBAmkICrcKHzb7AAA_NzY2-wBNnzQ5MTA2MzMyMqUGCJFqcy5zdHJpcGXwAD92My_QABEuNzd1BwEUAAWHC4lpbm5lckhUTX4Lb2FsbG93ZYELIZ80NzYwODU4MTiUBAhxdGFnLmR1cv4LUW1lZGlhagzQc2l0ZXMvMTExNTkvZM0BD-AAEw5bCig3N3EGD-AAPK83MzM2Njg1NDIzpQIHYHByZWJpZDYHgXJldmNhdGNoswEAEQAPPQ0TLjc3VwUBFAAPtgFFrzY4ODc0MTg1NTDWAAcPUQUD8A13ZWF0aGVyL05ldzIwMTMvU1ZHL3N1bm55LnN2TQUDKQ4PWgUEPTUyNWoEPzgwMW8DTZ82NzEzODQyOTTFAQgL7wAMWgVPLWRvbV4FJB42XgUvODAfCk6fNjc3OTQxNzM1NAcIc3JlZ2lvbjEJC5ItYW5hbHl0aWMPC_AAZy9jb2xsZWN0P3Y9MiZ0agXwHC1KVzg5REw3VDVEJmd0bT0yb2VhcTAmX3A9MjAzOTA5NzE3MyZjaWQ9NjGwB0U2NDguDhDwETYmdWw9ZW4tdXMmc3I9MTYwMHgxMjAwJnVhYT0mdWFiBQAwZnZsBwAwbWI9GAAQbQwAEXAFABB2BgDVdz0wJl9zPTEmc2lkPVgAUDUmc2N0FQB_ZWc9MCZkbBMPX3AmZHQ9SXJhxQ8AWQ9AJTIwacsPAF0P9AIlMjBzdWUlMjBVUyUyQyUyMGYPYiUyMCUyN2sPADEAFW5tDzElMjcRADQlMjB0DwAtABA3PgAwS1NMWgTwCSZlbj1wYWdlX3ZpZXcmX2Z2PTEmX25zaQcAEHMhAdBlcC5SYW5kb21fU2VzsxI3X0lEMgHwNjc3MS5qZm0ycGFnaCZlcC5Mb2NhbF9UaW1lc3RhbXA9MjAyMi0xMC0yNlQyMiUzQTI0JTNBNDUuNzcxJTJCMDAlM0EwMDkAAIUQT19VUkx0AWAA4wCAZWZlcnJlcj2LAKBIb3N0X05hbWU9MwgDBREAGQCyQ29udGFpbmVyX1a_Ezc9NTZqBp9lbmRCZWFjb24eCAE-ODUxrwQAFAAFmAXyA1NFTkRCRUFDT05fTUFOQUdFUkgAAtUSD1cHJ584Nzc0OTE0NTQhCAgA6QAPHAkEM2FnLx0JCLMDCh8JVyZjeD1jCgEP2xMGLjc34A4oODUPCw_PET2POTI2OTY0MTkJCwgP_QBWHziyBgAJ_QAP8gxCFDcDAR84oQcHD-IOC1BhcHAtLdgUTzdkNDfPDxQuODBeCS84N6sGTq84NDQ0ODUyNzM57QBbDnUJD-0ACxhB3AMAKBIPsRYgBOwAHzR6CQgG3AILkwcGoQcPWAoULjgywAQJlRcPugM8jzgxMTgzODQzqQ8JD94AOA-bAwAJ3gAPmwNCBeQAHzSuAgcPvA02KDkxXREPrgE8D7wNEQ_KACMeOPMKCsoAD5oBQgTQAB855wsID4wOTCg5MTwQD7ABPA-MDhEP4AA5D8YBAgjgAA_GAUIE5gAfMyIFCA9yD0IoOTHCFQ-8ATwPcg8RD9YALw-yAQII1gAPsgFCBdwAD60KCC9iZQMSAQF0CgBKBzBlZD8QEjFJZD0REgaXCgPRHgJ6Bwq8Ey45Mq4IARQABZ4Lf1JFUVVFU1SbCzufNTMxNDEwMTUwmwkIA00QcHJ1YnlibHW0DTAvdHLaHx9yigkUHzfKAQEYM3QLAIYeYG5kQ2hpbLcTAHEAD0gfKZ84MTA3NDYwOTHHEwgAZAA_aWMu1QApDrEHGTnVAA-fAkIF3AAPnwIIAJUIAzUO8AcvYXBpLzIwMTcvbWVtYmVyL2FjdGl2px4D3BJfZmV0Y2iRAgIAJBgLOBgQORQABZECX0ZFVENIjwI7nzQ4Njk0MDAyMLoBCA_eAAmgcmVhdXRoL2NvbUsiB-whD-cAe583MDk2MDUzNTgkDAgP5wACBNkAZC9tZXRhLwohBmEED-cACB0zPQsZORYZD84BQJ84MjQ4NzAzMDLOAQgP-A0LAQga8xQvZmQ4MGU5M2Y1ZDk0NjIzOTk0NTdjYjAwYTBiMjY1YzMtQ_ABDycaGC84NxEBDQ-_A0IwNjQz7x0fMxMBgw_pCgAJJAIMEwEPRA4xBRIBD9EECACtBfEAcy5nLmRvdWJsZWNsaWNrdhkVatYVgHQ9ZGMmYWlwNhRBcj0zJkYUUXY9ajk47RUwVUEtYx9vNzIwNC0y1RUHMGppZDAUkDQ1NjQ5MzgmZxAA0TEyMjIxMzQ5NTgmX2esFXgxOTEzNDEyDhbAX3U9YUNEQWdFQWpBAQCARUFFS34mej0rAFAxNTgwMmAnA3IFIHhozRsNqB0fOSUHAQAUAAVwBT9YSFJuBTxANzc5OK0QD2MMCA97Af9pAAIGAhMVCzoR_wJwbHVnaW5zL3VhL2xpbmtpZIgJFD44ODAFBgATFAVjAg8oDD2PMzI5NTUxODj8FBIP5gA2D0oLAAnmAAzHBA-9KTME7AAP1AcINWltZ9QhgXNsYy8yODg5BQAjNjIHANAxNC5qcGc_ZmlsdGVyASD3BnYyL3Jlc3BvbnNpdmVfdG9wcGlja9kID5wcBR40LRMfOQUBT584MTA0MzE4MzAFAXQP5AcADwUBVx8x9A8I0WNkbi5tb3VzZWZsb3dTDf8ecHJvamVjdHMvNWI0ZGUxMTAtYmMzZi00MGFhLTg3NTEtYzMxNzZiYmY4N2Q18QMULzc30gcAGDmiHg_xAzyfNzU5MzUxNDY1TxQID_sAVAA7Bwy_DAn7AA8GBEIEAQEfNgEBCJBzZWN1cmVwdWJUIQ7VCAANHfgEYWQvcHB1Yl9jb25maWc_aXBwZAscBvELD00IAy42MJsgAhQABeoFD00IPo82MDg4ODQ0MsIpCQ_6AFINNCQ4NjAy6BMP-gBHD7EtCPEDaGJvcGVuYmlkLnB1Ym1hdGlj9QOydHJhbnNsYXRvcj-aARI9NxMSLXgxD-gBDx0zhRA_NjAz7gBKnzcxMDgyNzY5MoshCA_uAEYP3AEAD-4AVA_CCAgAxwMBbDEgbm_hAQCSMd9hZHJlcT9jYj00NDYyxgEQDb0bODYwM-oUD7QCPp83MjY1MTk2MjOoBAgP2ABEFzkhJQ_YAGIDLzNwLnRlY2hub8onAsgnALkBAKYDhHJ0Yi9iaWRzWDNDP3NyY5gDEl-fA1FfNC4xNjQ1D9QNCj02MDRxCwIUAALtAz8iOiIBAT-PMTkyOTM2OTafAwgPAQHuBloNMHRhZ7sDMmljZSgmEXRtIk8vZ3B0YwkUAWUfCmgIC-MBDGgIDzURMZ83NDIzNzEwMDJoCwiQdGFnYW4uYWRsKjZBbmluZ3IGA_wBBCw2L29w6AAWDVEMODYwNqQED0sKPJ81NDI1OTg3NzUYEggP4wA9D00HAAnjAAzLAQ85DjIF6QAPzAEIABQKEHOyKRB0IwxRdWJyZXbOAU8_bmV3XwYPDkctIDYwFAAPhgRHnzY0NzUwODE5OF8GCA_UACwN5Q8pNjA7LQ9aBT4F1AAPzhYIM3RwY4AqcXN5bmRpY2G9MABZBvYMc2ltZ2FkLzE2MDIwNzY0NzQ2MzI3MDMxODQzwQEPzQ8DAtkADGQEAGYtBcEBDyguPX8xNTU1MTkynDMJBkQFAYoCoWFkcy9tZWFzdXJmOVAvbD9lYj0rT2VmbWvhABAPAQkAD-EASdA1NTI1NjMyNTcxfV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:48 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 26 Oct 2022 22:24:47 GMT

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
106 B 23ms
16ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=2&c=2719&i=6rq589&p=ksl-com&s=15492&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTg0IiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI2cnE1ODkiLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0AP1gaHR0cHM6Ly93d3cuZ29vZ2xldGFnc2VydmljZXMuY29tL2FjdGl2ZXZpZXcvanMvY3VycmVudC9yeF9saWRhci5qcyIsInR5cGUiOiJzY3JpcHQiLCJzdGFydCI6MTY2NjgyMzA4NjA3OCwiZW5kFABQc291cmM8AJJpbm5lckhUTUw_ANF0dXMiOiJhbGxvd2VkwwBAYXNvbsIA1F0sImRhdGFQYXR0ZXISAMJsaXN0IjpbXSwiaWRkAL81MDI4MTUwMzV9LPQABfECYXBwLnByb3RlY3RzdWJyZXbwAP8TY2F0Y2hfcnAuanM_Y2I9MC4xNDg3MDQzNTgwMjg3NjQzNvEAEEA1OTE3jgEDjQADBQFFODAsIvEAoGFwcGVuZENoaWzgADJzdGHzADBsb2EQAC9yZfAAHJ84NTc2NDY1NjPwAGUP4QEACfAAMW11dHUCIE9iXwI5ZXJD6gEP9wAtHzT3AAdxaW1nLmtzbN0BgXNsYy8yODk5BQAjMTcHAPYYMDYuanBnP2ZpbHRlcj1rc2x2Mi9yZXNwb25zaXZlX3RvcHBpY2tz-AEyaW1npwIJ5gJPNTU0MfUBABc19QEPBQFCrzg1MTk5NTU2NTAFAXMfMgUBah8xBQFzHzMFAWofMgUBGRA4DwNwODkxMC8yOAcALzQ1DwM1DwoCYq80OTM0NDI4OTY3BQFzHzQKAmEFBQEfOQUBB_ECdGFnYW4uYWRsaWdodG5pbmcjBf8UZGVzZXJldGRpZ2l0YWwvYmwtOGRiNjk2OS1hOGJkMWUxMi70BxQeNgMHEDEXBwUDB8JpbnNlcnRCZWZvcmVQBQ8EByqfODA4NjA5MTY4_gIID_QATg4HBwr0AA8CBkME-gAP_gcIVW1lZGlhCQfwAHdlYXRoZXItMzAweDE2OPEDD98GDj02NTDLAj8xMzLfBk2fNDgwNTI4ODM22gUID9cBE_8CLTc0NjdkM2QtYTU1NTU0MDfKAhYdNvkANzI0M_kAD8oCPJ83OTYzNjQ1MDHKAi4P8wAnDskCCvMAD8kCQgX5AA_QCQjyFHNlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9ncHQvHQD_AV9pbXBsXzIwMjIxMDIwMDHuARUeMrwHKDI55wIPuws8AGEMTzkyOTP0AGoP4gIACfQAD-8BQhQ2-wAPqwcIBpoOAZ8GsGFkcy9tZWFzdXJl5g7fL2w_ZWJjaWQ9ZWZta8IEDU42MDc5yQMP5wAYX2Vycm9yjg4gnzU1MjU2MzI1N9ADCSNwY4IPYXN5bmRpYy0NAfMA_wxzaW1nYWQvMTYwMjA3NjQ3NDYzMjcwMzE4NDPyAE4PmA0kjzcxNTU1MTkyhAkJhW5ld3MtYXBplAYzdjEvlwayL2dldEhlYWRlcleoBgboACB4aIEBHHNhEC4zMrAEARQABW0IuFhIUl9NQU5BR0VSbAgPYxAnnzc3NDgwNDM3MXUHCA_kANEAoQMEYA_zAGFwaS8yMDE3L21lbWJlcj0SBr4BUmZldGNofwEJOw8-NjMymgMBFAAFwAFfRkVUQ0jCATt_NDg2OTQwMJcDCgCZESVpY6QCRmtzbC0bECEtaKUCEC8WAAILAA9kBhM-NTg3ZAYoMzMfEgxwBRJBNgEPIQsqEDZKCT8wMTMVEwkL8ABlaW1hZ2VzmAPwBU5ldzIwMTMvU1ZHL3N1bm55LnN2CxESdAEUDxgRAz42MzIYERkzOQoPUgc8jzcxMzg0Mzcz_QwIDxYSABA4DxIgODkHD2A5ODkwMzQWCw8WEgZ_c3RvcnlfbP4ADk01NTM1dQY3MzU4PgoM7AEPGxMynzcyMDM4NDAzNnQGCA8FAVkOYQgPBQFZD6QFCADABAX7FnFtYW5hZ2VyeAcwZ3RtBRbyAmlkPUdUTS1OS01RVkdRJmw96gOARGF0YUxheWWPBgP_Ag8AFwcuMzE7DTczNzYEAg9CDDyPNjIxODI2NjIQFgkP-QBSANUEGmX5Fwr5AA_9AkIE_wAfOPgBCAvqBCBtLcYFQG1lc3PyBIItdHdpbGlvLbgZFC8XAA_fBRM-NjMx8QQ3NDU07wEP8QQ8jzE5NDYzMzYwAhYID-8ASg7pEw_vAFIPEhAID-8ASQ_UAgAK7wAP1AJDA-UBHzHWBgggY28NHFItY2RuLgsAMXByb8wEQGNvbnO4G_8WNDIyMjU3ODgtNmZiMS00MzhkLTkxYTAtMGRhMzJjNzcxZmU4LyUAEVYuanNvbtkJD5cLBC40N_4UKDQ3EhkPlws_nzY2NDY2NjU0OPoUBwIcAQ8nAXkOIwgPJwFVD04CIQLpBv8EdGVtcGxhdGVzL290U0RLU3R1YiAFFR447gs3NDc3IAV_cmVwbGFjZR8dN38yMzkxMDQ4FQIhD-4ALh45_QcK7gAPMARDEzj0AA_iAWIfOQIHAAniAQ_0AEofOQkHCA_9AzP7GDJiZjY1Y2MzLWFmNDMtNDYxNS04NjYwLTU0M2YyYTc2OWRlMS9lbicFDwAPBi41OSALKDU5EgMPAA9BjzkzNDk5OTU5JgkIDy4BBgwWA6A2LjMuMC9vdEJhyiE_U2RrDAQULjU0_AQK-gAPLAk7jzg2NDI4Mjc4jBMJD_UAUA_vAQ0P9QBED-oBaw4RHArqAQ8UBEIF8QEPYBcID_EBHFBhc3NldPcGT0ZsYXTjAxUuNjP_ACg2MwgQD-MDQJ83ODk1MjI2MTcRBSEP4wMDBf0Af1BjUGFuZWwAARcO9Qc3NjM59QcPAAFArzgzMzQwMDI3NTYOCgcPURoN8AJhbXBhZC9hZHM_cHZzaWQ9Mu4FANwW9T41ODA1MTA2JmNvcnJlbGF0b3I9NDQwOTUxMzk3NDg0NTYzMCZlaWQ9NDQ3NzUzMTkmb3V0cHV0PWxkamgmZ2RmcF9yZXE9MSZ2cmc9MqcagCZwdHQ9MTcmvhrwCj1maWZzJml1X3BhcnRzPTY2ODYlMkNkZG2RFP8jJTJDTmV3cyUyQ1UuUy4mZW5jX3ByZXZfaXVzPSUyRjAlMkYxJTJGMiUyRiUyRjMlMkMWAEITJnUA8AJfc3pzPTcyOHg5MCU3Qzk3MAkAwDJDNjIweDMwMCUyQ2weKDI1CgARNxQAGTYeAAUUAPAUJmlmaT0xJmFka3M9MjU0MDMxMjI3OSUyQzI4MzM5NTE4NzVVAPAGNDM2Njg4NTExJTJDMTE4NDQ1ODc27QAEDQDSNTYmc2Z2PTEtMC0zOK0A8gFzY3A9cG9zJTNEdG9wJTdDDADVYXJ0aWNsZWJvdHRvbRYAZWlubGluZQ8AEHItIQoOAGAyJmN1c3SjAYBhbXM9diUzRPcXUCUyNmNjDAAByRkgYWwwFGNpZXMlMjZoAMAtaWQlM0Q1MDUwMDfYAHI2cHQlM0RBhQDxACUyNnN0Y2ElM0Rnb3ZlctIpADsA8B11dGhvciUzRGhhbmRlYXRheWFsYW0lMjUyQ2FsaXpha2Fzc2ltYW5kdGFyYdUoU2FtYW5pIgCRY25uJTI2cGFnzikBfgDyA2RzZXd2dW1lM2lpYSZzYz0xJgoFgF9lbmFibGVkgAGWYnhlPTEmZHQ9zyloNzM2JmxtEgA3JmRsDwBgNDk5MSZpMwBwMjgzJmFkeMIBEDmuARExtAEBBgAgOTgMAMA5ODUmYWR5cz0xNTQhADA2NTjJASA0MygCITQ0yQHyDTcyMSZiaXc9MTYwMCZiaWg9MTIwMCZzY3JfeD0IAJB5PTAmYnR2aT17AoAxJTdDMiU3QwwAdDMmdWNpcz0TALAzJTdDNCU3QzUmb8kDgCZ1X2hpcz0yCAACVQAjdV9nADN1X2FoADV1X2EUABBj_gNAJnVfcxoB-whkbWM9OCZiYz0zMSZ1YWNoPVd5SWlMQwQA8R9GdGRMR1poYkhObExHNTFiR3dzSWlJc1cxMHNabUZzYzJWZCZudnQ9MSZ1cmw9kCsyJTNBtAMAohMDWxkzJTJGOAI2JTJGNQLxIUZpcmFuLXNheXMtaXQtd2lsbC1zdWUtdXMtYWxsZWdpbmctZGlyZWN0LWludm9sdjUdQS1pbi35KsBzdHMmZnJtPTIwJnYmAcAmcHN6PTEwODJ4MTArAUA2MTR4sgMgN0MKACEzMtoDBMcDAqkDVDI1MCZtNgAGLAAMCgAONQBAZndzPfIBCQQAMiZvaGwBAAQCAhgEAPUBCg4A9gMmZ2FfdmlkPTYxOTI1ODY0OC6aAgAcAACkBQUSABA3EgAQaO0BkDAzOTA5NzE3MxIAYGZjPXRydXYkA7wVD8EQBC43NFgcARQABZgaD8EQPp84MjQ4NjgwMjKsDggPswb_______8RDmgNKDc0aA0PswZHD2sUCABeG3FkLm9wZW54qCfhdy8xLjAvanN0YWc_bmPbDFAtS1NMX9MMBlgYAoMOAvwgCjIiLjY1Tw8oODDnAA9THTyfNzI1MTk3Mjk0Sw8ID-UAPw5_CArlAA8zEUIF6wAPYRsIIGFkyDMzaWNltiYBZxrAYWRzaWQvaW50ZWdyEA8AQB93ZG9tYWluPcwKD98BES43MlQcD_oAUJ80OTg0NTAyMTjlAQgN-gAgZGUeEA_5ADYOOhcoODIzGw8bFDuPNjM5NDY4NjgqIAkP8gBND-sBAAnyAA_lAkIF-QAPGBQIDyM4BfAKdWdodC9yYy1DZlpldWIvMzIyMzI2MTEyLwA6D1IMCy84OO4AAAAUAA9SDEl_ODYzNDM4MtUCCQ8NOQQP6gDVALoolXJ1bGVzP2lkPdoBBqoED7oZBi44OMsnARQABdABD9cUQNA2MDE2MTkwMzYzfV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:48 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 26 Oct 2022 22:24:47 GMT

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
106 B 23ms
17ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=3&c=2719&i=6rq589&p=ksl-com&s=5881&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTg0IiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI2cnE1ODkiLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APEwaHR0cHM6Ly8xODI4ZDA5NGIxYzUyMTA5YjViYmY0YWQxZWMyZDMwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljRwBVLmNvbS8gAPAILzEtMC0zOC9odG1sL2NvbnRhaW5lci4PALEiLCJ0eXBlIjoiaUsAcCIsInN0YXLZAMA2NjY4MjMwODY3NTHHAEVkIjoxFAChODg0LCJzb3VyYzwAsm5zZXJ0QmVmb3JlQgChdHVzIjoibG9hZO0AQGFzb27sANRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlkAM83NTM2MTMyODA3fSweAZAfNB4BDDFtdXSVAa9PYnNlcnZlckNMJAE4LzEwJAEH8QRwYWdlcy5wcm90ZWN0c3VicmV2GQIG9QFSZmV0Y2iOAAr0AT05MTbWAAEUAAX0AdJGRVRDSF9NQU5BR0VSQwAC9QFvYWxsb3dl-AEhrzY0NjYzMTIzOTHUAAcQc0wBUWMua3NsywAgaW3kAPYOL3dlYXRoZXIvTmV3MjAxMy9TVkcvcmFpbi5zdmfuACBpbQ0ADeACPDk0OewARzcxMDDgAqBhcHBlbmRDaGls1wAAgwAP3wIqjzEzMjE4MTE3uwEIAGQAH2nnADwvNTDnAGMPzgFdHzjnAGIvNjm1AlsvNTPnAAwMdwQYQaUDD5oFJQS7Ah807QAx_wRuaWdodF9wYXJ0bHlfY2xvdWR5sQOCnzYxMzk2NzkxMvYAaw_AA1wF9gAfNewBMQCOBV9fc25vd-IBgq81MzEwMTgwMDM47ABgD9gBXAXsAA-xBAjxAG1lZGlhLnR3aWxpb2NkbmsHYHNkay9qc0AKAGALAdII8gJzL3JlbGVhc2VzLzIuMS4wLzIARi1jb24kAHYubWluLmpzhwdic2NyaXB0jgQKdggtMzFqCk83MTc4igdGMDUwMS8IPzY3NvcBBw8LAWUfM64HAAkLAQzgBQ9XCjIEEgEfOfUDCABXCj9hZDJ2DATwEWdldGNvbmZpZy9zb2Rhcj9zdj0yMDAmdGlkPWdwdCZ0DwD2ADIyMTAyMDAxJnN0PWVudhsCP3hochgCAD03MTlkC0c3MTk1GAI_WEhSjAo7nzg2NjkxNTM2NgkBfB419gcPCQFUDyQDCAAjBLJzaWZ0c2NpZW5jZS8ED_QDE003MTg30wA3MzIy3AEPfgs7nzgxNjAyMDU3M5cKCA_QACsOgAoK0AAPuQNCBdcAHzLLBAeCanMuc3RyaXChAfEcdjMvbS1vdXRlci0zNDM3YWFkZGNkZjY5MjJkNjIzZTE3MmMyZDZmOTI3OCsQUSN1cmw9nRDEJTNBJTJGJTJGd3d3ig3wPCUyRmFydGljbGUlMkY1MDUwMDc3OSUyRmlyYW4tc2F5cy1pdC13aWxsLXN1ZS11cy1hbGxlZ2luZy1kaXJlY3QtaW52b2x2ZW1lbgwAES22DvACc3RzJnRpdGxlPUlyYW4lMjBJAIAlMjBpdCUyME0AABMA1HVlJTIwVVMlMkMlMjBWAEIlMjAnWQAALwAVblsAEScPADQlMjBgAFAlMjAlNzoAMEtTTLgC8gUmcmVmZXJyZXI9Jm11aWQ9TkEmcwcAANIG8ANpb249NiZwcmV2aWV3PWZhbHPwEA9CEQ0-NzE5zQU_NDAz5AJGnzcwMDMxMTY1ObQDCA8NAv9pDroNCg0CDyEEQgUUAg_3CQogc3NQEWAtbWljcm-uEjRpY2XiA0AvdXNlngcD7gIPOxIFPjc0NaQGARQADzsSSZ83ODYxNTc0ODbWBQg_YXBwDRMA8BVhcGkvZ2V0c3R5bGVzZXR0aW5ncz9pZD1yYy1DZlpldWImdj1DFg_3AA4eN8gGEDQUAA_3AEnQNTk5OTA5NjQ2N31dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:48 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 26 Oct 2022 22:24:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 23C2 13 KB
5 KB 17ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ksl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 20:09:05 GMT
expires: Thu, 26 Oct 2023 20:09:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 498C 783 B
535 B 27ms
26ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bbb4d50e0944d96aaf9ebe28d06208a021ab1307665648e300f624d23f2a1420

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9B1l-cXQGwRvTypA7h0DaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ksl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-9B1l-cXQGwRvTypA7h0DaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 22:24:48 GMT
expires: Wed, 26 Oct 2022 22:24:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2039097173&t=event&ni=true&_s=1&dl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50500779%2Firan-says-it-will-sue-us-alleging-direct-involvement-in-protests&ul=en-us&de=UTF-8&dt=Iran%20says%20it%20will%20sue%20US%2C%20alleging%20%27direct%20involvement%27%20in%20protests%20%7C%20KSL.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=off&_u=aCDAgEAjAAAAAEAEK~&jid=&gjid=&cid=619258648.1666823086&tid=UA-72877204-2&_gid=161913412.1666823086&gtm=2wgaj0TVLZ5Z&cg1=News&cg2=U.S.&cd1=blqzvz7d58d9&cd2=blqzvz7d58d9&cd3=1666823088437.x5q1zy3r&cd5=2022-10-26T22%3A24%3A48.437%2B00%3A00&cd6=1.0&cd7=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50500779%2Firan-says-it-will-sue-us-alleging-direct-involvement-in-protests&cd8=&cd9=www.ksl.com&cd10=GTM-TVLZ5Z&cd11=56&cd12=0&cd13=News&cd14=U.S.&cd16=KSL.com%20-%20News%2FContent&cd17=Content&cd18=Hande%20Atay%20Alam%2C%20Aliza%20Kassim%20and%20Tara%20Subramaniam%2C%20CNN&cd20=50500779&cd23=2022-10-23T18%3A14%3A00-06%3A00&cd24=cnn_wire&cd25=wire&cd26=Article&cd27=government&cd28=traditional&cd31=dsewvume3iia&cd33=not%20specified&cd43=584&cd47=0&cd49=2022-10-23T18%3A14%3A00-06%3A00&cd50=gtdhg75ovh28&cd51=gtdhg75ovh28&cd4=619258648.1666823086&z=940526071

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 07:06:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55070
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CAC8 0
0 53ms
52ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv__ZIOSeSj8jcyV_OXMx6Ww12RLVkvpe21Zs_mtbUtwLtNbXRz_BvXe7CSluyUhlKFKtlk5ooV-IpRlhXikzeBfJzqooJXSVdwTq5aID6rEs52F5zBrx-XQ2pY8AJsThpjBPRmKP93L34i6_YYV_qIcVexKDBZRrJpjaTrsJu8tVVrFUhFWAoZCJlrlAAQcYhr54glC4a7ksghI_6tzgHIZy_-rv7gIPupD_DXWGhDM3iHc2u3ptK0cJsgjGFPFpOFughygVQb0lnZb9XK7G-quvVifpgkIeFPDe8HKZXauP913sIwDnu8lj_0gECVHA&sai=AMfl-YRHoPLpIB_0bEq0wS2dbX4csL3amB0MZIbUhzxXVQeu488jgasQff7Wa6BG0oVa8A6vvXancgevb8YG6wSKQbrKfHc_TnHOyANb-ZjoxliPYsRkI6N1z9rWGHpjVX81RfABpg&sig=Cg0ArKJSzK3XWx-VudBMEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/article/50500779/iran-says-it-will-sue-us-alleging-direct-involvement-in-protests

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F7EA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2222c3dc9fc1c733c5b4fba136dbda11bb70c8ca64d652a2ca9dc3cb64f8474

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CAC8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b30160a5df28c6851ae7a952ff434706872419312131200f85380637a94a7246

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F7EA 0
0 85ms
52ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzqc_6_elPDMoTq_VT5ncsTFNAtaEgJiSustLiTFgJEmMmb3vX8BABnk5JumBEoLTmYU8FX4e1PjWmluFutwRmcvjqWhTlQkrg3PeEb2jz89puk7FcWZwDt9SK5E3OrtNAgaVd_bpe1t5wVaMHE9tO4-ZDOV4J-Yl05fEqwyRW2PNcpkYXtOAbiB3MIa06iVm1ZJnHCzTjd9n38YMn54z6b8K6QIR59FWHh49Fbh_7y2juE6P-SvJepw5BGpG7J8oHalzLRlsISV484D9HklxwL7TrZzb_Fa-Xs_Lu9yDtcdgqgc7SV0XUdqLzP5VX681AaVw6&sai=AMfl-YRopTe3DCWwS0s00x1O7bN1ZjYrtvbukLdIS4xFg5caG_i0mgQVrI2VwsKMRGS6D52fCHTCH2H_3nlHbdp2OMt_YJ2J9O8Ajkua-W10Zm2nvUZSY6Va9IojEHDOdjQeIBvnww&sig=Cg0ArKJSzG3MZutNqJhEEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 22:24:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CAC8 0
0 66ms
53ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXUIFB5dziVBiebwz8mMeKVtDhKDnjHui8dkVRlyIBFUxznDiYdsLjjI4FM0fJ4fLlcLLd-CwUcL5vYXnBqESzCw1Ti9M2uk8dBhWK4OyGdDNyl7nXFmSUqZO8-FAZ5IgdfcvtuiAA7JtdHBphKosmsRcYvJRACA1ABfqbrHtWBaBUEEH7_it49szvRLVecbe5fho62gHoxO24tTtXD7oFy_3bLrZEgdcdpLZASFHV8_Cw0A74EOIoZqWodwugO4gke1PGb1hvn3ZSCqe-bpoGFUM4EnClk0Gujs5AtAQtLPdXKInNu8lzARw1qcURnV9I&sai=AMfl-YTcUEAzgBYGVA-TibYvvk9ZfHkbNOZHeYfSFKSfAdaIxLXK07ZutCz1c_vcIn1geZz0xWKwLZ6ZBP0-GXYgV0Wl4fV2F4Wg5lJkZNAUpKF0ylMGuVJMrZNqX-zUl_6iaPxjqw&sig=Cg0ArKJSzAjRHZOTu0-wEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 22:24:48 GMT

GET
DATA 200
OK truncated
/ Frame 821C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cca6512b76d32b8a264f673d11cac918644e7a3128cc27bceb7b8a18ace1ff4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 821C 0
0 53ms
53ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8NUdzqXtRVGjja5gG0ZCh6pf63sNaEy51QvjAh_r0FobSfUfDB-mhfUYjGIZ2G6MDIFRBYs6fu6oabVH3H4GN2_xg3XADtOM-5obDpnnyyHoJ6Y5oLj1AeCyYrhE6KoeSCAeNm9jZXQ93ylNsNBdPNGwhorqf5DzCOlbNS2YQvCH4jWlDpm2ArqTAniXA6CPohPV9phd6zZIUTwl0SVklWAUgGO0aM-CbuwMEwHzjbvXRl8L1tVfCLsmGIdwI6rIGKUkIbn0PkuMiKNlDBaSmGM0eYTkflnffBXl2d1iHXAHY1KHgTOWW8jCXZdnHWSWDK-3-&sai=AMfl-YTxAOaxyl97fo11nZ07SFyEMEbW0vvY136opg9r_Jas-zu_tLjiHtNpuH56jbnexeQsDu6hUNWKfhcgof_VgMC87_KTlaMHMQL-o8cvqBaPupBjMbscAR_A9kwHevBG7JtLTQ&sig=Cg0ArKJSzIfRdSEXYB1CEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 22:24:48 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 4C00 109 KB
38 KB 63ms
16ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/
Origin: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 12:02:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 498C 0
0 82ms
50ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102001&jk=2461592675805106&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

POST
H2 200 / Show response
pages.protectsubrev.com/ 21 B
495 B 501ms
501ms Fetch
application/json 2606:4700:20::ac43:4591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.protectsubrev.com/
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / RCW02
Resource Hash: 57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ksl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 26 Oct 2022 22:24:49 GMT
content-encoding: br
referrer-policy: origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: RCW02
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pkNhgiv442pBFhPNltdegYI%2FwJLbVm49gnvsd2HF5YeUakvltFC%2BBhNqPSPwC1u2t%2Bqb%2FzN%2BdRaCpiYgpSiFJ2LzBSqhEQsPY3KSZEr97et7erbTpo6tYWIjpEsnTmmZwYtbcgs1mffxhijJmumOGnpT7C9"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
cf-ray: 76069ab4191dbbce-FRA
expires: Fri, 28 Oct 2022 22:24:49 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 23C2 36 KB
16 KB 35ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/265412/5216352632/1664547595231/ Frame 9F4A 11 KB
3 KB 50ms
17ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/265412/5216352632/1664547595231/index.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe809dbf33b27fbe35bca04b3959f443e27f26203c88265930d81e575c99a695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 52044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 3502
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 07:57:25 GMT
expires: Thu, 27 Oct 2022 07:57:25 GMT
last-modified: Fri, 30 Sep 2022 14:19:55 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4C00 0
26 B 52ms
51ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3m1hnz7s1_G2mD8zLXwCHhU1BYqlDzmzQ7U-pdba_YQPUiOKFGaZcksu69f-AkRND6D-qJloWGfXJiW5STmuqyAZX2QGcP6ki6l7PYMjjKy-mE-CA7gA86Vj-vD3MAx2K_IB8Ew7YgkZZ0dh4gflgCZt_8BjnV2ekjA_tmTmgm_B6V1WxoETSB6fCybdxern0CKPpkzvPxZ0uh7DrXh6dxsjgru9In-2dXgtKdWbE7wNMWHGAE7wUoL8zDcRpA2EVAuOf1r_Lj0Y1NfE20SQ0O0sTZxzqvIOLq-pczl7vo73AN8yyAR12LRAD-KFbF4iiXw&sai=AMfl-YRNomLXAZb9Gfl3XEpC_kUYJ5bK9q0iELanZJQ_30ewbrezv5z9Vvf05ftYD3FbCAQr1v4GC7WxnNta9zWnbKk3pwVdgNCj-p70BZIKKx82Xe-rXA0eVqHgGt8Vp9U2-l_CJQ&sig=Cg0ArKJSzOKSMcZ2PEipEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com
URL: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 84a7c9492e4dcdaff9e3a019a78811bf.js Show response
s0.2mdn.net/dfp/265412/5216352632/1664547595231/ Frame 9F4A 57 KB
16 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/265412/5216352632/1664547595231/84a7c9492e4dcdaff9e3a019a78811bf.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/265412/5216352632/1664547595231/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53763926a615f42e53c73ce5f4c83591942a0974656dca7090088778e3da1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/265412/5216352632/1664547595231/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15947
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 14:19:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 07:57:26 GMT

GET
H3 200 fa97e9d675f02f3e679142b677ad63c0.jpg
s0.2mdn.net/dfp/265412/5216352632/1664547595231/media/ Frame 9F4A 26 KB
27 KB 19ms
18ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/265412/5216352632/1664547595231/media/fa97e9d675f02f3e679142b677ad63c0.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/265412/5216352632/1664547595231/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6094fc8eafb14969bcf5807bbbb64263b40d0bf94190ea8a8f61e6ec1aea3fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/265412/5216352632/1664547595231/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:57:26 GMT
x-content-type-options: nosniff
age: 52043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27124
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 14:19:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 07:57:26 GMT

GET
H3 200 493fa42ee9d35df20218828a2bf53dcb.png
s0.2mdn.net/dfp/265412/5216352632/1664547595231/media/ Frame 9F4A 7 KB
7 KB 16ms
16ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/265412/5216352632/1664547595231/media/493fa42ee9d35df20218828a2bf53dcb.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/265412/5216352632/1664547595231/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe28d1fc96429848a184cfdad635484afc33b177a3324eaf89d489230b788d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/265412/5216352632/1664547595231/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:57:26 GMT
x-content-type-options: nosniff
age: 52043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6807
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 14:19:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 07:57:26 GMT

GET
H3 200 4c8fec71c40c25f139d7e4d58f654e1a.png
s0.2mdn.net/dfp/265412/5216352632/1664547595231/media/ Frame 9F4A 5 KB
5 KB 17ms
17ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/265412/5216352632/1664547595231/media/4c8fec71c40c25f139d7e4d58f654e1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/265412/5216352632/1664547595231/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f0309146c2d9a52beabdd71050c8882f928cc7d973e7b5db626b2d6c4412cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/265412/5216352632/1664547595231/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:57:26 GMT
x-content-type-options: nosniff
age: 52043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5135
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 14:19:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 07:57:26 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 23C2 0
10 B 15ms
15ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gONYfw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4C00 0
0 52ms
51ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthXrCGCfcKFpWKz9oZxoZZzpR1GMRzywJX2-uXwoMTnj6z2qSQKwF0leC8dQYaygpY9CARCtfX-mtXpz3Trr5TRQeuV2im9LmsivETgKVT9U9Zu9SWyQO1oKteH2JSPsN27cltq58HZC2d9NPirqJooMv9iKGWZxFTCDQI2MhI2cAcp7O9nSH1F8ncC9D621OnB_M0ig6eMmc5mb2cQvZJMcefH9qqx4eXdgU0IMnUVzICwGxkzWvDE1ydup6zKGzKGNp6VlmoF-zljW1yq9QFHwFIT5jaAtjCosohMBK40Ir7fAMapLGbyblTWeZhsROp4khp&sai=AMfl-YRjmL9B8YAaRco1L2C_WNh4QiXfHthloPTa9-cmNjN32IVGUVbIY7LSYeItYpZMn9cKvsVXoyNKujH8FvCimcyJZLefDonfBGX8qmEsA6mGv5wXcdF0o_zhYut2ijhodI9qLg&sig=Cg0ArKJSzHkDPBHgdBi-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 22:24:49 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0BCD 38 KB
14 KB 74ms
16ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer: https://www.ksl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=117476
content-encoding: gzip
content-length: 13946
content-type: text/html
date: Wed, 26 Oct 2022 22:24:49 GMT
expires: Fri, 28 Oct 2022 07:02:45 GMT
last-modified: Tue, 05 Jul 2022 05:32:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame EF7D 9 KB
4 KB 75ms
19ms Document
text/html 18.66.248.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-14.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe

Request headers

Referer: https://www.ksl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67987
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Wed, 26 Oct 2022 03:31:43 GMT
etag: W/"73e6cbdab99355b35d71abf2ea225ccb"
last-modified: Fri, 14 Oct 2022 20:27:38 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-id: cqNyXO0g9etu6FTUeiEGK1rEeDXHwODfOlo2oyfrpfRyW99oJlN1Rg==
x-amz-cf-pop: DUS51-P1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:3af1d685-3010-4d5a-b093-b3a07cfff8d4
x-amz-meta-codebuild-content-md5: 7549bc6c6d823788ee0fb3e82c36711f
x-amz-meta-codebuild-content-sha256: a4bfb92c455b4ab78db908287ee14cc08cc0080652f1ca29578852e9526e8fda
x-cache: Hit from cloudfront

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame 3CA7 22 KB
8 KB 105ms
23ms Document
text/html 2606:2800:233:f76:14f7:d635:25c4:c8d7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.16.0
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC1D) /
Resource Hash: 6619c3c9eaf6738dc2e1921e0682e82f4a5b0ac44a6b33d89812f576bc31ab41

Request headers

Referer: https://www.ksl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age: 854
cache-control: max-age=900
content-encoding: gzip
content-length: 7250
content-md5: lcpePTe6AerpIQfSuw35Lg==
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 22:24:49 GMT
etag: a24e35b4-9daf-4886-8cb8-e752aec17db7
expires: Wed, 26 Oct 2022 22:39:49 GMT
last-modified: Thu, 25 Aug 2022 17:39:51 GMT
opc-request-id: iad-1:5z-c3IF1RvrGVckBwYiRCMd-bdm-jcWRNpISnY2Pg1x1lMeI_1QoDSenSBPdus_w
server: ECAcc (amc/BC1D)
storage-tier: Standard
vary: Accept-Encoding
version-id: 47726d7f-1be6-4a83-a43b-588c3e43b197
x-api-id: native
x-cache: HIT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0BCD 0
42 B 436ms
21ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25568239&p=158976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:48 GMT
content-length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3FB7 15 KB
6 KB 16ms
16ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=53047
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 26 Oct 2022 22:24:49 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 27 Oct 2022 13:08:56 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 03A2 4 KB
2 KB 124ms
38ms Document
text/html 52.50.22.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.22.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-22-36.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d29e0e8aa73bec0f750b4bc7fcf2c2d3b0447d5167830ca885515e50ebd8c1e4

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 26 Oct 2022 22:24:49 GMT
etag: W/"0cecf991f23b758ecc7f4af4429771eb7"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame F2D3 0
0 58ms
16ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 0B41 777 B
1 KB 172ms
33ms Document
text/html 185.86.137.107
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: de1f59ff1258d5a1a8000d6219083e896581ac7bb20cb394823e0e7f61e059fb

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 777
content-type: text/html
date: Wed, 26 Oct 2022 22:24:49 GMT

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 9E50
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
1 KB

104ms
73ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbcf897108e1e1009f78f980110e419d69af4c882f43d26e6e21a1428862d263

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 76069ab83975cd7b-CDG
content-encoding: br
content-type: text/html
date: Wed, 26 Oct 2022 22:24:50 GMT
expires: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 76069ab7cff69b6e-FRA
content-length: 0
date: Wed, 26 Oct 2022 22:24:49 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A338
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

79ms
23ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 26 Oct 2022 22:24:49 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 26 Oct 2022 22:24:49 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 959D 15 KB
6 KB 19ms
16ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=53047
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 26 Oct 2022 22:24:49 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 27 Oct 2022 13:08:56 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame EF7D 0
239 B 74ms
16ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sync
ads.servenobid.com/ Frame EF7D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
https://ads.servenobid.com/sync?pid=312&uid=1818209918264144733

0
344 B

39ms
39ms

Image
image/avif

34.252.126.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=1818209918264144733
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:50 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:49 GMT
AN-X-Request-Uuid: 8bcf4f86-b869-49a8-bf4f-2094ba84186a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://ads.servenobid.com/sync?pid=312&uid=1818209918264144733
Connection: keep-alive
X-Proxy-Origin: 146.70.117.86; 146.70.117.86; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame EF7D
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=FjDgrRZHjWXsarNlQ0KNADTS

0
350 B

41ms
41ms

Image
image/avif

34.252.126.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=FjDgrRZHjWXsarNlQ0KNADTS
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:49 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=FjDgrRZHjWXsarNlQ0KNADTS
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame EF7D 0
277 B 88ms
24ms Image
text/plain 216.52.2.19
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 26 Oct 2022 22:24:49 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

sync
ads.servenobid.com/ Frame EF7D
Redirect Chain

https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=314&uid=80f64e3a-9296-4467-b3e5-9a4cdf35bd4f

0
357 B

37ms
37ms

Image
image/avif

34.252.126.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=314&uid=80f64e3a-9296-4467-b3e5-9a4cdf35bd4f
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:50 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=314&uid=80f64e3a-9296-4467-b3e5-9a4cdf35bd4f
date: Wed, 26 Oct 2022 22:24:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 119
vary: Origin
content-type: text/html; charset=utf-8

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame EF7D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1666823089895
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3782942007

70 B
265 B

133ms
39ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3782942007
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 26 Oct 2022 22:24:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:24:49 GMT
etag: RX29d8387589fc4ec889ada2b06582c176003
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3782942007
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame EF7D
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5144588521870695983

0
344 B

38ms
37ms

Image
image/avif

34.252.126.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5144588521870695983
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5144588521870695983
Date: Wed, 26 Oct 2022 22:24:49 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame EF7D 0
500 B 440ms
105ms Image
text/plain 69.166.1.12
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-109
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

getuid
eb2.3lift.com/ Frame EF7D
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4239%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3a5aef25-88ed-4036-a19b-00dc84c97818%26bidder%3Dappnexus%26cbx%3...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F4239%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D3a5aef25-88ed-4036-a19b-...
https://prebid.a-mo.net/cchain/0/4239?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=3a5aef25-88ed-4036-a19b-00dc84c97818&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&...
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4239%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3a5aef25-88ed-4036-a19b-00dc84c97818%26bidder%3Dtriplelif...

37 B
140 B

67ms
17ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4239%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3a5aef25-88ed-4036-a19b-00dc84c97818%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4239%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3a5aef25-88ed-4036-a19b-00dc84c97818%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
date: Wed, 26 Oct 2022 22:24:49 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame EF7D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
https://ads.servenobid.com/sync?pid=337&uid=y-5f6Kr_1E2uH3XqUtE0EH16B_4_9IGWzVoBDlzTQ-~A

0
367 B

38ms
37ms

Image
image/avif

34.252.126.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-5f6Kr_1E2uH3XqUtE0EH16B_4_9IGWzVoBDlzTQ-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-5f6Kr_1E2uH3XqUtE0EH16B_4_9IGWzVoBDlzTQ-~A
date: Wed, 26 Oct 2022 22:24:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

ImgSync
image8.pubmatic.com/AdServer/ Frame EF7D
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS02YTE3N2YwMC02MzkwLTMxYTMtYmFhNC04NDNjNjA0ODYxZWUqU2h0dHBzOi8vYWRz...
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....

0
42 B

104ms
27ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F17379%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253D3a5aef25-88ed-4036-a19b-00dc84c97818%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAyWVRFM04yWXdNQzAyTXprd0xUTXhZVE10WW1GaE5DMDRORE5qTmpBME9EWXhaV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE5tRXhOemRtTURBdE5qTTVNQzB6TVdFekxXSmhZVFF0T0RRell6WXdORGcyTVdWbE1nRUdPQUU9JmJ1eWVydWlkPQ%25253D%25253D%2526uid%253D%2523PMUID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:49 GMT
content-length: 0

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F17379%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253D3a5aef25-88ed-4036-a19b-00dc84c97818%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAyWVRFM04yWXdNQzAyTXprd0xUTXhZVE10WW1GaE5DMDRORE5qTmpBME9EWXhaV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE5tRXhOemRtTURBdE5qTTVNQzB6TVdFekxXSmhZVFF0T0RRell6WXdORGcyTVdWbE1nRUdPQUU9JmJ1eWVydWlkPQ%25253D%25253D%2526uid%253D%2523PMUID
date: Wed, 26 Oct 2022 22:24:49 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame EF7D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
https://ads.servenobid.com/sync?pid=339&uid=y-tHbYZGZE2uFhQdtfViERidOylmXsU9pxO19Mgk8-~A

0
367 B

38ms
38ms

Image
image/avif

34.252.126.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-tHbYZGZE2uFhQdtfViERidOylmXsU9pxO19Mgk8-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-tHbYZGZE2uFhQdtfViERidOylmXsU9pxO19Mgk8-~A
date: Wed, 26 Oct 2022 22:24:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 821C 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBjpjzEmFRRaFT9eQ7GWBAmYQDs7oOYQfnE9xbNVZv6mKdC_qOZMgPfgk6F2i9QCbVo4RSQ-p53UmpELSDP6eunwZMLKmN_RB5i3Ktu0lVuhH3e6Tv&sig=Cg0ArKJSzKDUqik7zEt_EAE&id=lidar2&mcvt=1012&p=443,985,1043,1285&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20221026&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1184458763&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666823087729&rpt=1057&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:24:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F7EA 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbM62LtQcDD-Mgcb9v1RaMdxRalBLYt6BrMozyE5xeRnJgXdykWI7DuH_W67XGZe-nyG79CgUYDfPvzQK_TcTxGob_vztW4DhPG_vv_q6bKp99LfYO&sig=Cg0ArKJSzLVdgVEvuAX9EAE&id=lidar2&mcvt=1015&p=154,436,244,1164&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20221026&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2540312279&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666823087582&rpt=1169&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:24:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 03A2
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=7261830710824795818

35 B
250 B

195ms
38ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=7261830710824795818
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
AN-X-Request-Uuid: 8129a180-59ca-4fd7-994a-910e8dc7083b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://usersync.gumgum.com/usersync?b=apn&i=7261830710824795818
Connection: keep-alive
X-Proxy-Origin: 146.70.117.86; 146.70.117.86; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 03A2
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_1853ca9c-49a4-4026-a9ae-8c310de83d68&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_1853ca9c-49a4-4026-a9ae-8c310de83d68&gdpr=0&gdpr_consent=&us_privacy=1---
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=BZYa0lGWTdkelEqPAscC3VCWHN8ekR7YUMEOW0In
https://usersync.gumgum.com/usersync?b=bsw&i=bfdcf2c3-9160-40f3-b4fd-7daa9841ea16

35 B
250 B

114ms
38ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=bfdcf2c3-9160-40f3-b4fd-7daa9841ea16
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: //usersync.gumgum.com/usersync?b=bsw&i=bfdcf2c3-9160-40f3-b4fd-7daa9841ea16
Date: Wed, 26 Oct 2022 22:24:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
www.example.com/ Frame 03A2
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28WsOB2rK4sDAs8DFCRRivNG5zZvAjV8FIUo5evSBcSsOVdwWCBhjOCN2T0KnuWZLl%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_1853ca9c-49a4-4026-a9ae-8c310de83d68&obuid=ENC(WsOB2rK4sDAs8DFCRRivNG5zZvAjV8FIUo5evSBcSsOVdwWCBhjOCN2T0KnuWZLl)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://www.example.com/

0
0

761ms
102ms

Image
text/html

2606:2800:220:1:248:1893:25c8:1946
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.example.com/
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 2606:2800:220:1:248:1893:25c8:1946 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

Location: https://www.example.com/
Date: Wed, 26 Oct 2022 22:24:50 GMT
X-TraceId: 17a44daba609a9f3d06a6e26d2ca049b
Content-Length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 03A2
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=bfac993b-d038-4b1a-a8c0-48af20282499

35 B
250 B

174ms
39ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=bfac993b-d038-4b1a-a8c0-48af20282499
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Wed, 26 Oct 2022 22:24:50 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=bfac993b-d038-4b1a-a8c0-48af20282499
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 03A2
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-bab8f7fd-8b26-4e71-628a-af4aca590235$ip$146.70.117.86

35 B
250 B

40ms
40ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-bab8f7fd-8b26-4e71-628a-af4aca590235$ip$146.70.117.86
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-bab8f7fd-8b26-4e71-628a-af4aca590235$ip$146.70.117.86
Date: Wed, 26 Oct 2022 22:24:50 GMT
Connection: keep-alive
Content-Length: 127
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 03A2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-E9bsXbFE2pfrtfhJBstlW7TusXKSlWkm.5_g~A

35 B
250 B

162ms
41ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-E9bsXbFE2pfrtfhJBstlW7TusXKSlWkm.5_g~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Wed, 26 Oct 2022 22:24:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-E9bsXbFE2pfrtfhJBstlW7TusXKSlWkm.5_g~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 03A2
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=d5a327e2-6bf2-4684-a347-6312107d6a11

35 B
250 B

38ms
38ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=d5a327e2-6bf2-4684-a347-6312107d6a11
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=d5a327e2-6bf2-4684-a347-6312107d6a11
Date: Wed, 26 Oct 2022 22:24:50 GMT
Connection: keep-alive
X-CI-RTID: fcb610e2-157c-4dce-befa-8c578cf40d65
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 204 services
sync.technoratimedia.com/ Frame 03A2 0
293 B 337ms
110ms Image
text/plain 150.136.26.45
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:50 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 561040180
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame 03A2 0
44 B 325ms
104ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:50 GMT
content-length: 0
server: c

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 03A2
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_1853ca9c-49a4-4026-a9ae-8c310de83d68&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=7MIL7xQxEMWlrlSOAZjI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N2NJFGDO6CRPBCU2V3MOJWFGT2BLJVES...
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=7MIL7xQxEMWlrlSOAZjI&us_privacy=1---

35 B
250 B

39ms
39ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=7MIL7xQxEMWlrlSOAZjI&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=7MIL7xQxEMWlrlSOAZjI&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 03A2
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=4dd0ddda-dcad-4955-955b-3e55032725f2

35 B
250 B

39ms
38ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=4dd0ddda-dcad-4955-955b-3e55032725f2
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=4dd0ddda-dcad-4955-955b-3e55032725f2
access-control-allow-origin: *
date: Wed, 26 Oct 2022 22:24:50 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 03A2
Redirect Chain

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=935365461

70 B
264 B

76ms
40ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=935365461
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 26 Oct 2022 22:24:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:24:49 GMT
etag: RX29d8387589fc4ec889ada2b06582c176003
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=935365461
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 03A2
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=LguXGkqWYgUJ&ev=1&pid=558355

35 B
250 B

39ms
39ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=LguXGkqWYgUJ&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://usersync.gumgum.com/usersync?b=pln&i=LguXGkqWYgUJ&ev=1&pid=558355
content-language: de-DE
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6fbd5d5df9-qgskx
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 03A2
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=1711862179451461867

35 B
250 B

39ms
39ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=1711862179451461867
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=1711862179451461867
date: Wed, 26 Oct 2022 22:24:49 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 03A2 0
357 B 39ms
37ms Image
image/avif 34.252.126.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_1853ca9c-49a4-4026-a9ae-8c310de83d68
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 272E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=2dec6359-b3b2-4d00-9997-d3c98eee5cad&gdpr=0&gdpr_consent=

35 B
250 B

86ms
38ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=2dec6359-b3b2-4d00-9997-d3c98eee5cad&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 26 Oct 2022 22:24:50 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Wed, 26 Oct 2022 22:24:50 GMT
Expires: Wed, 26 Oct 2022 22:24:49 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4539 98cc2da master cdg-pixel-x30 config:1.0.0
location: https://usersync.gumgum.com/usersync?b=mmh&i=2dec6359-b3b2-4d00-9997-d3c98eee5cad&gdpr=0&gdpr_consent=

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame F597
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y1mzsgAAAYTV9QAr
https://usersync.gumgum.com/usersync?b=atm&i=Y1mzsgAAAYTV9QAr&gdpr=0&gdpr_consent=&_test=Y1mzsgAAAYTV9QAr

35 B
250 B

77ms
38ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=Y1mzsgAAAYTV9QAr&gdpr=0&gdpr_consent=&_test=Y1mzsgAAAYTV9QAr
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 26 Oct 2022 22:24:50 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Wed, 26 Oct 2022 22:24:50 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=Y1mzsgAAAYTV9QAr&gdpr=0&gdpr_consent=&_test=Y1mzsgAAAYTV9QAr
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-cdg20770-CDG
x-timer: S1666823090.148489,VS0,VE0

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame 5D91 170 B
502 B 96ms
29ms Document
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xODUzY2E5Yy00OWE0LTQwMjYtYTlhZS04YzMxMGRlODNkNjg=&gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 22:24:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 802A 15 KB
6 KB 17ms
15ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=53047
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 26 Oct 2022 22:24:49 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 27 Oct 2022 13:08:56 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame CE1C 70 B
264 B 99ms
40ms Document
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Wed, 26 Oct 2022 22:24:50 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame B667
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
https://cs.emxdgt.com/umcheck?apnxid=7261830710824795818&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
https://usersync.gumgum.com/usersync?b=emx&i=7261830710824795818brt50861666823090036653f1

35 B
250 B

89ms
40ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=emx&i=7261830710824795818brt50861666823090036653f1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 26 Oct 2022 22:24:50 GMT
Expires: 0
Pragma: no-cache

Redirect headers

content-length: 0
content-type: text/html
date: Wed, 26 Oct 2022 22:24:49 GMT
location: https://usersync.gumgum.com/usersync?b=emx&i=7261830710824795818brt50861666823090036653f1

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame C177
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=Y1mzssCo8YAAADrLbV4AAAAA

35 B
250 B

40ms
39ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=Y1mzssCo8YAAADrLbV4AAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 26 Oct 2022 22:24:50 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Wed, 26 Oct 2022 22:24:50 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=Y1mzssCo8YAAADrLbV4AAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 5
X-SO-Cluster-ID: 18
X-SO-HostName: m-ad274.dc4p.scaleout.jp
X-SO-IP: 146.70.117.86
X-SO-Key: Y1mzssCo8YAAADrLbV4AAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":18,"gdpr":true,"ipv4":"0.0.0.0","key":"Y1mzssCo8YAAADrLbV4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad274"}
X-SO-LB-Hostname: m-tgng28.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad274

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 91F5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
https://usersync.gumgum.com/usersync?b=iex&i=Y1mzseaCGB828-ByG7t99QAA%265164

35 B
250 B

169ms
39ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=iex&i=Y1mzseaCGB828-ByG7t99QAA%265164
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 26 Oct 2022 22:24:50 GMT
Expires: 0
Pragma: no-cache

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 76069ab8598fcd7b-CDG
content-length: 0
date: Wed, 26 Oct 2022 22:24:50 GMT
expires: 0
location: https://usersync.gumgum.com/usersync?b=iex&i=Y1mzseaCGB828-ByG7t99QAA%265164
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 1250
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=Ti1ekD0aDn4Z61advGj0&pi=gumgum&tc=1

35 B
250 B

110ms
39ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=Ti1ekD0aDn4Z61advGj0&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Wed, 26 Oct 2022 22:24:50 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Wed, 26 Oct 2022 22:24:50 GMT Wed, 26 Oct 2022 22:24:50 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=Ti1ekD0aDn4Z61advGj0&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3BB8
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

39ms
26ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 26 Oct 2022 22:24:50 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 26 Oct 2022 22:24:49 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A338 32 KB
10 KB 23ms
23ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 22:24:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Oct 2022 18:37:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=77675
Connection: keep-alive
Content-Length: 9454
Expires: Thu, 27 Oct 2022 19:59:24 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame 0B41 0
344 B 38ms
37ms Image
image/avif 34.252.126.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=1711862179451461867&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:50 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 0B41
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=1818209918264144733&gdpr=0&gdpr_consent=

43 B
408 B

112ms
34ms

Image
image/gif

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=1818209918264144733&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 26 Oct 2022 22:24:50 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
AN-X-Request-Uuid: 8e4775c0-478f-41b5-9169-6d93a01b1869
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=1818209918264144733&gdpr=0&gdpr_consent=
Connection: keep-alive
X-Proxy-Origin: 146.70.117.86; 146.70.117.86; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 0B41
Redirect Chain

https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=758a859c06&gdpr=0&gdpr_consent=

43 B
423 B

33ms
33ms

Image
image/gif

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=758a859c06&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 26 Oct 2022 22:24:50 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date: Wed, 26 Oct 2022 22:24:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=758a859c06&gdpr=0&gdpr_consent=
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 0B41
Redirect Chain

https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB_H07Gs2cAACDeg935fQ&gdpr=0

43 B
412 B

137ms
33ms

Image
image/gif

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB_H07Gs2cAACDeg935fQ&gdpr=0
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 26 Oct 2022 22:24:49 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB_H07Gs2cAACDeg935fQ&gdpr=0
Date: Wed, 26 Oct 2022 22:24:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 451 711890.gif
id.rlcdn.com/ Frame 0B41 0
98 B 308ms
25ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame A338 284 B
536 B 77ms
17ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9E50
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1mzseaCGB828_ByG7t99QAAFCwAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1mzseaCGB828_ByG7t99QAAFCwAAAIB&dcc=t

43 B
855 B

134ms
133ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1mzseaCGB828_ByG7t99QAAFCwAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VARMN3DCBQT124XE33TC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 745BW3ESNEA32NWBQ7AF
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1mzseaCGB828_ByG7t99QAAFCwAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9E50
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1mzseaCGB828-ByG7t99QAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH0zANqjZtJXJkFcA64wBfY&google_cver=1

43 B
766 B

17ms
16ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH0zANqjZtJXJkFcA64wBfY&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:24:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH0zANqjZtJXJkFcA64wBfY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9E50 70 B
264 B 43ms
39ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 26 Oct 2022 22:24:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 9E50
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1mzseaCGB828_ByG7t99QAAFCwAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMq98ll0ciH1--NhmaQSRHw&google_cver=1

43 B
555 B

62ms
62ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMq98ll0ciH1--NhmaQSRHw&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:24:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 76069ab919e9cd7b-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:24:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMq98ll0ciH1--NhmaQSRHw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bridge
cm.adgrx.com/ Frame 9E50 43 B
283 B 376ms
95ms Image
image/gif 173.231.178.117
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: lga-delivery-9.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:24:50 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: lga-delivery-9
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 204 /
csync.loopme.me/ Frame 9E50 0
40 B 113ms
27ms Image
text/plain 35.214.174.31
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.174.31 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 31.174.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:50 GMT
server: _

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 9E50 0
0 69ms
25ms Image
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 Y1mzseaCGB828_ByG7t99QAAFCwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9E50 43 B
602 B 52ms
41ms Image
image/gif 2a05:d018:d29:3602:b152:500b:646e:5f14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y1mzseaCGB828_ByG7t99QAAFCwAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:b152:500b:646e:5f14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
ads.servenobid.com/ Frame 9E50 0
356 B 40ms
37ms Image
image/avif 34.252.126.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=Y1mzseaCGB828_ByG7t99QAAFCwAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:50 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3BB8 32 KB
10 KB 26ms
25ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 22:24:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Oct 2022 18:37:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=77674
Connection: keep-alive
Content-Length: 9454
Expires: Thu, 27 Oct 2022 19:59:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102001&jk=2461592675805106&bg=!6Oul66_NAAZPh4lnb4c7ACkAdvg8WlEVELUD8P4F6NI6-kGq6a9kZob8hegyfDtksG7Clzy80dzwqwIAAACQUgAAAAVoAQcKADG-oOmdspCa9pZMTAClzEv019aHFwWAM045I8WCdBl2V8eWQjOKB0a0UC5RItcT3eAvmQKUE23krAQUjIr0Fzs9WFvOAdzep-_Gydl9LfqPEOoDM-wRl7XdGzRB0TPOvPKmR1kj0tgEXz6gOV994fzuq39sbD5TH7x7jwUDVbVvhClJVF7vFvqDYMamk3Uv9AzJuSCMYEkobdo5XVvWo8qctZYMQkHbh9OlF-sB8Uf-4aw7kvdcKKYDgqgYQxlXfVPjU-5QFNOiEzoHgPMOyYYWOD9-0FA3ttR1lTYz0pYdXzwFeHx6zqrLmWTMy7kFsIwL6c9woERCsGBstQO611wyESsZg2WgSRYH_54-LzZGNEloKxxua-I8ZY4h7QkFS12PuIw4Pb1UTrlRKcZzNNqFOGwCX-hwxW-vy9jVPLzO3avplEQyB0S5gT5OsJ7cszl3AHvlM7Sr4myRI-LKoRi117lkPzt-3gezJL9ey53tdM4nB8U1KW7zF1MKMRGQu3gtaXvAyyc8P3ciop638CzPcYXqyW-1e4ePYbxkgOOHkSSjHcPWPgduUSqD4ziyqiRCz2WawGJOLzA3fwfsDnSefd9RRALm2EF4XerJw6MJEcD0qKynJ5j_utpRvjpJau-TfPFHORnuNYR4oTQNw1dyVX9U61EwIROYboTSM6ovhcpUdneyk8GCJ0hlEWB3Thb9ig00cz-UF0CFZekDQe63lSe8IA5y3F64uiQC2nSvBynmgiILMJ3eteyXNGkNd3E7DhJslamYR9-lb-NbAA3wEuvoaYShWFsnLZzz_AMf6c3BhtMEmpdGrWcwYXejFREIjsHsmIPhJ6ekNDSyB-Bw41JDpyP0doi64BRSuPj5V2ODGLm40MhRa5KsHwnUYJhU-UN9E1riV5_aFLnEswdsjgCYgRexkdha7-1VriKuysHmpedWGkpN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3BB8 284 B
536 B 35ms
16ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 200 / Show response
pages.protectsubrev.com/ 21 B
360 B 149ms
149ms Fetch
application/json 2606:4700:20::ac43:4591
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.protectsubrev.com/
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / RCW02
Resource Hash: 57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ksl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 26 Oct 2022 22:24:50 GMT
content-encoding: br
referrer-policy: origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: RCW02
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLjqD4O62hTPdC8XMYZRWvTrqTTqCvsxNqOvgNUR5541PtBKGZ5PSN2%2F19MtVeKARdNUdqpsLBr5J8KK3jnhz0njXO9qwmvxNg5CcKLHFn3ANd5CZV%2BiAhxOel4UbddwEEHQj4CD2uNcOr30xX2bMgyu74lK"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
cf-ray: 76069ab90a54bbce-FRA
expires: Fri, 28 Oct 2022 22:24:50 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame A338 0
239 B 459ms
103ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 19ea072139d67f7022c6e463249c998e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 3BB8 0
239 B 18ms
18ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200 lb Show response
be.durationmedia.net/ 0
569 B 104ms
104ms Fetch 18.232.40.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://be.durationmedia.net/lb?s=11159&t=SD&c=4

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.232.40.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-40-53.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Access-Control-Allow-Origin: https://www.ksl.com
Access-Control-Expose-Headers: Authorization
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

POST
H/1.1 200 sponsorships Show response
be.durationmedia.net/ 414 B
1017 B 106ms
105ms Fetch
application/json 18.232.40.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://be.durationmedia.net/sponsorships

Requested by

Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.232.40.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-40-53.compute-1.amazonaws.com

Software

Resource Hash

25b260ed99a4bb7bb9790faae68565a32fc4582cd5d768ce36fdc4a5ba30e2f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ksl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 22:24:50 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ksl.com
Access-Control-Expose-Headers: Authorization
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 414
X-XSS-Protection: 1; mode=block
Expires: 0

OPTIONS
H/1.1 200 sponsorships
be.durationmedia.net/ Frame 0
0 207ms
103ms Preflight 18.232.40.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://be.durationmedia.net/sponsorships

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.232.40.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-40-53.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ksl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.ksl.com
Access-Control-Expose-Headers: Authorization
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Wed, 26 Oct 2022 22:24:50 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
106 B 17ms
16ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=4&c=2719&i=6rq589&p=ksl-com&s=5219&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTg0IiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI2cnE1ODkiLCJwYWNrZXQiOjQsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APENaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpYyQAQy5jb20eAJIvanMvYWRzYnklAPAaLmpzIiwidHlwZSI6ImZldGNoIiwic3RhcnQiOjE2NjY4MjMwODc4NjWXABpkFACANiwic291cmM7ANJGRVRDSF9NQU5BR0VSQwDRdHVzIjoiYWxsb3dlZMEAQGFzb27AANRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImloAM83MDY3NTA4MjA0fSzyAAXxAmMuYW1hem9uLWFkc3lzdGVt6gC_YWF4Mi9hcHN0YWfgABJMODM5OOAAAhQAD-AASp82NTIwODgxODHgAAc_dHBjzgEEYXNvZGFyLwYAGTLlAGJzY3JpcHSDAQrGAT0yOTHmADc0MzDGAaBhcHBlbmRDaGlssQEyc3RhxAEwbG9hEAAvcmXBARuvNTQ4MDYxMDMyN-EAVh8y4QAMMW11dBEDok9ic2VydmVyQ0wpAQ_oADMfOOgALfYBLzIyNS9ydW5uZXIuaHRtbJsDYmlmcmFtZa0ACdYBPjg0MtYBPzg5N9YBR58wMjk2NzQwODDuAGMdOeMBCu4AD-MBQwT1AA_jAQgzd3d3rAMBhQT0AXJlY2FwdGNoYS9hcGkyL2HBAQNsBQ_RAQkfNuMAAB840QFGjzQ4MzkyMzE40QEJD9wANw-_AQEI3AAPvwFCBeMAHzO0AgcAPQfxAHMucHJvdGVjdHN1YnJldsgBBoQDDx8HBUw5Mjg3sgE4OTI41gAPHwdArzY0NjYzMTQ3NjLUAAfxFjE4MjhkMDk0YjFjNTIxMDliNWJiZjRhZDFlYzJkMzAyLnNhZmWZAgO6Agw0CAUgAIAvMS0wLTM4L5YEfy9jb250YWmlBBg9NzcymgVPOTUwNNQCRp83NTM2MTMzNzewAwgPHQF2LTg0fggLHQEPFQNCAyQBHzlgCQnBYWRzLnB1Ym1hdGljDgMxQWRTOQcARwr2EXNob3dhZC5qcyNQSVgma2RudHVpZD0xJnA9MTU4OTc2OgMP7QQGTTk3MTM7Ayg3MRkCEGkOBzlIVE2qBw9WCiiPNzk5ODgwMTMLBAkA2AshYy4jCFFub2JpZPsAT3N5bmOWBxU9OTcxxQUCFAAFUgoP2AA8nzU1NTUyMzg3MdgACPEHYWQtY2RuLnRlY2hub3JhdGltZWRpYd0AAdgDRXVzZXLmAMM_c3JjPXByZWJpZF8HAEE0LjE2HQ0PxAYNPjk3MdMCARQAD_8ARY83MDAzMTM4ONcBCQ__AGs3ODYy7wSzaW5zZXJ0QmVmb3LWCQ-DCioP_wB8LTIw1QMK_wAP0QRDBAQCHzUSBwcP5gcmTDkwMDfUAgMUAAXUAg_mB0Y_NTU11wMKD6UFThs00AFIOTAyNTkOD88CPQSlBQ_7DwgPmwZQDKwKDPYAD8YCQwT8AB85xgIHUGJlLmR1wQUAJhIAwwXwB25ldC9sYj9zPTExMTU5JnQ9U0QmYz20EgOrBQM-Eg5BDkw5MDg1nAkDFAAF2AJ_UkVRVUVTVN8ROyA2NpYLPzkwMaMJCA_oAAK3c3BvbnNvcnNoaXC8Eg_hAAoMZAgA4QAXM44FD-EAQtA1NDY2ODg3NzI2fV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:50 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 26 Oct 2022 22:24:49 GMT

POST
H/1.1 200
OK publishBeacon
pixel.rubyblu.com/ 0
350 B 516ms
158ms Ping
application/json 35.230.100.254
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubyblu.com/publishBeacon
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.230.100.254 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 254.100.230.35.bc.googleusercontent.com
Software: nginx/1.21.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ksl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 26 Oct 2022 22:24:52 GMT
Server: nginx/1.21.3
Access-Control-Allow-Methods: POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
Content-Length: 0

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
106 B 18ms
17ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=5&c=2719&i=6rq589&p=ksl-com&s=844&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTg0IiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI2cnE1ODkiLCJwYWNrZXQiOjUsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0AIFodHRwczovL5AA8DJjLnNlcnZlbm9iaWQuY29tL3N5bmMuaHRtbCIsInR5cGUiOiJpZnJhbWUiLCJzdGFydCI6MTY2NjgyMzA4OTcxN4EAFmQUAME5MTcxNiwic291cmM8AKNuc2VydEJlZm9yQgChdHVzIjoibG9hZKcAQGFzb26mANRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlkAM81NTU1MjM4NzE0fSzYAEkvMjDYAAwxbXV0UAEhT2JAATJyQ0wgAQ_eADMfN94ACMFpeGVsLnJ1YnlibHWyAQHIAYZzaEJlYWNvbrYBRXNlbmQUAAu6AVw5MjQxNOIAAhQABboB-ANTRU5EQkVBQ09OX01BTkFHRVLiAG9hbGxvd2XDASHQNjYyMTEzMTExOX1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 22:24:53 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 26 Oct 2022 22:24:52 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 55ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JW89DL7T5D&gtm=2oeaq0&_p=2039097173&cid=619258648.1666823086&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1666823085&sct=1&seg=0&dl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50500779%2Firan-says-it-will-sue-us-alleging-direct-involvement-in-protests&dt=Iran%20says%20it%20will%20sue%20US%2C%20alleging%20%27direct%20involvement%27%20in%20protests%20%7C%20KSL.com&en=Ad%20Block&ep.Random_Session_ID=1666823085771.jfm2pagh&ep.Local_Timestamp=2022-10-26T22%3A24%3A45.771%2B00%3A00&ep.Page_URL=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50500779%2Firan-says-it-will-sue-us-alleging-direct-involvement-in-protests&ep.Referrer=&ep.Host_Name=www.ksl.com&ep.Container_Version=56&ep.Event_Action=off&ep.DDM_Hit_ID=dsewvume3iia&ep.Template=Article&_et=2597&up.DDM_Device_ID=blqzvz7d58d9
Requested by: Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ksl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:24:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ksl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

79 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ksl.com/	1970-01-20 15:45:59	Name: PHPSESSID Value: lev30qf17r30fav4b97se8u4ke
.ksl.com/	1970-01-20 07:00:24	Name: ddmSessionId Value: gtdhg75ovh28
.ksl.com/	1970-01-20 16:36:23	Name: ddmDeviceId Value: blqzvz7d58d9
.ksl.com/	1970-01-20 16:36:23	Name: _ga Value: GA1.2.619258648.1666823086
.ksl.com/	1970-01-20 07:01:49	Name: _gid Value: GA1.2.161913412.1666823086
.ksl.com/	1970-01-20 16:36:23	Name: bluSyncTime Value: 1666823085931
.ksl.com/	1970-01-20 16:36:23	Name: bluSiteUserID Value: ksl.xv5vphvgz5o7
.ksl.com/	1970-01-20 07:00:23	Name: _dc_gtm_UA-72877204-2 Value: 1
.ksl.com/	1969-12-31 23:59:59	Name: mf_5b4de110-bc3f-40aa-8751-c3176bbf87d5 Value: \|.-601947490.1666823085987\|1666823085988\|\|0\|\|\|0\|0\|18.66403
.bidr.io/	1970-01-20 16:28:56	Name: bito Value: AAB_H07Gs2cAACDeg935fQ
.bidr.io/	1970-01-20 16:28:56	Name: bitoIsSecure Value: ok
.technoratimedia.com/	1970-01-20 16:36:23	Name: tads_uid Value: GDPR
.ksl.com/	1970-01-20 15:45:59	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Oct+26+2022+22%3A24%3A46+GMT%2B0000+(GMT)&version=6.3.0&consentId=ed2b3836-eefa-466b-ab90-275045c850e1&interactionCount=0&landingPath=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50500779%2Firan-says-it-will-sue-us-alleging-direct-involvement-in-protests&groups=C0003%3A1%2CC0001%3A1%2CC0002%3A1%2CC0004%3A1%2CBG9%3A1&hosts=
www.ksl.com/	1970-01-20 07:00:24	Name: OX_sd Value: 1
.ksl.com/	1970-01-20 16:36:23	Name: __ssid Value: f17a36b1ab31f7906aabfa0730a7d61
.ksl.com/	1970-01-20 16:21:59	Name: __gads Value: ID=cc1ab698cbfab0c4-2210c1ff59ce00c5:T=1666823087:S=ALNI_MZNEB8U_8d6iGDsN5Kbi0b04sNrZA
.ksl.com/	1970-01-20 16:21:59	Name: __gpi Value: UID=00000b78a8c670fe:T=1666823087:RT=1666823087:S=ALNI_MbKYpkLOxkhXOBJUAepjmlfKDU41w
m.stripe.com/	1970-01-20 16:36:23	Name: m Value: b9cf3a18-43eb-4a78-89a9-5bf610d494ec98be19
.doubleclick.net/	1970-01-20 16:21:59	Name: IDE Value: AHWqTUm_PYCUOA985xsZJtaI8wvg5yjECU-yQT5oJit0ZovfJ6LE0Q1iIXSIUplZvOs
.ksl.com/	1970-01-20 16:36:23	Name: _ga_JW89DL7T5D Value: GS1.1.1666823085.1.0.1666823088.0.0.0
.www.ksl.com/	1970-01-20 15:45:59	Name: __stripe_mid Value: 02d63510-f222-427d-8fab-60851ad2639e47375c
.www.ksl.com/	1970-01-20 07:00:24	Name: __stripe_sid Value: 121c8bf3-e1c7-4c88-8cc8-762f80d2d88f17a05e
.technoratimedia.com/	1970-01-20 07:00:26	Name: tads_ipv6 Value: 2001:ac8:20:271::1e
.prebid.a-mo.net/	1970-01-20 07:01:49	Name: _sv3_0 Value: 1
.a-mo.net/	1970-01-20 15:45:59	Name: amuid2 Value: 3a5aef25-88ed-4036-a19b-00dc84c97818
.prebid.a-mo.net/	1970-01-20 15:45:59	Name: sd_amuid2 Value: 3a5aef25-88ed-4036-a19b-00dc84c97818
.casalemedia.com/	1970-01-20 15:45:59	Name: CMID Value: Y1mzseaCGB828-ByG7t99QAA
.casalemedia.com/	1970-01-20 09:09:59	Name: CMPS Value: 5164
.casalemedia.com/	1970-01-20 09:09:59	Name: CMPRO Value: 5164
.analytics.yahoo.com/	1970-01-20 15:45:59	Name: IDSYNC Value: 198o~27xy
.yahoo.com/	1970-01-20 15:46:20	Name: A3 Value: d=AQABBLGzWWMCEGOavfHNOuPzht17agn7YzMFEgEBAQEFW2NjYwAAAAAA_eMAAA&S=AQAAAsNgsV_IXnXZimjnLr5U_Tc
.lijit.com/	1970-01-20 15:45:59	Name: ljt_reader Value: FjDgrRZHjWXsarNlQ0KNADTS
.gumgum.com/	1970-01-20 15:45:59	Name: vst Value: e_1853ca9c-49a4-4026-a9ae-8c310de83d68
.rfihub.com/	1970-01-20 16:21:59	Name: eud Value: H4sIAAAAAAAA_zslzmtoZmZmYWRsYGFpaWwEAHz-X0IQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MrQwNzCzNLW0MBbiM9R18THxN7UwT45MzTcBAF5LuAclAAAA
.rfihub.com/	1970-01-20 16:21:59	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MrQwNzCzNLW0MBbiM9R18THxN7UwT45MzTcBAF5LuAclAAAA
.servenobid.com/	1970-01-20 07:10:27	Name: pid_337 Value: y-5f6Kr_1E2uH3XqUtE0EH16B_4_9IGWzVoBDlzTQ-~A
.lijit.com/	1970-01-20 15:45:59	Name: _ljtrtb_273657 Value: 273657
.servenobid.com/	1970-01-20 07:10:27	Name: pid_339 Value: y-tHbYZGZE2uFhQdtfViERidOylmXsU9pxO19Mgk8-~A
.1rx.io/	1970-01-20 15:45:59	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-29d83875-89fc-4ec8-89ad-a2b06582c176-003%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.servenobid.com/	1970-01-20 07:10:27	Name: pid_324 Value: 5144588521870695983
.smartadserver.com/	1970-01-20 16:30:37	Name: pid Value: 1711862179451461867
.servenobid.com/	1970-01-20 07:10:27	Name: pid_309 Value: e_1853ca9c-49a4-4026-a9ae-8c310de83d68
.prebid.a-mo.net/	1970-01-20 07:01:49	Name: _sv3_11 Value: 1
.openx.net/	1970-01-20 15:45:59	Name: i Value: 9b3d0212-51aa-4cbb-956d-90aa8c5f1622\|1666823089
.servenobid.com/	1970-01-20 07:10:27	Name: pid_310 Value: FjDgrRZHjWXsarNlQ0KNADTS
.servenobid.com/	1970-01-20 07:10:27	Name: pid_312 Value: 1818209918264144733
.bidswitch.net/	1970-01-20 15:45:59	Name: tuuid Value: bfdcf2c3-9160-40f3-b4fd-7daa9841ea16
.bidswitch.net/	1970-01-20 15:45:59	Name: c Value: 1666823090
.bidswitch.net/	1970-01-20 15:45:59	Name: tuuid_lu Value: 1666823090
.servenobid.com/	1970-01-20 07:10:27	Name: pid_317 Value: 1711862179451461867
.emxdgt.com/	1970-01-20 07:43:35	Name: euid Value: 50861666823090036653f1
.creativecdn.com/	1970-01-20 15:45:59	Name: u Value: Ti1ekD0aDn4Z61advGj0
.creativecdn.com/	1970-01-20 15:45:59	Name: ts Value: 1666823090
.servenobid.com/	1970-01-20 07:10:27	Name: pid_333 Value: Y1mzseaCGB828_ByG7t99QAAFCwAAAIB
.adnxs.com/	1970-01-20 09:09:59	Name: uuid2 Value: 7261830710824795818
.quantserve.com/	1970-01-20 09:09:59	Name: d Value: EHkBDQG2J_7KwQA
.quantserve.com/	1970-01-20 16:30:37	Name: mc Value: 6359b3b2-1ed1b-6c334-413cd
.everesttech.net/	1970-01-20 15:45:59	Name: everest_g_v2 Value: g_surferid~Y1mzsgAAAYTV9QAr
.mathtag.com/	1970-01-20 16:26:18	Name: uuid Value: 2dec6359-b3b2-4d00-9997-d3c98eee5cad
.emxdgt.com/	1970-01-20 07:43:35	Name: eapn_id Value: 7261830710824795818
x.yieldlift.com/	1970-01-20 07:43:35	Name: ylxuid Value: 80f64e3a-9296-4467-b3e5-9a4cdf35bd4f
.casalemedia.com/	1970-01-20 09:09:59	Name: CMTS Value: 5133
.servenobid.com/	1970-01-20 07:10:27	Name: pid_314 Value: 80f64e3a-9296-4467-b3e5-9a4cdf35bd4f
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s85109\|Y1mzt
.ipredictive.com/	1970-01-20 15:45:59	Name: cu Value: d5a327e2-6bf2-4684-a347-6312107d6a11\|1666823090333
.zemanta.com/	1970-01-20 15:45:59	Name: zuid Value: 7MIL7xQxEMWlrlSOAZjI
.360yield.com/	1970-01-20 09:09:59	Name: tuuid Value: 4dd0ddda-dcad-4955-955b-3e55032725f2
.360yield.com/	1970-01-20 09:09:59	Name: tuuid_lu Value: 1666823090
sync.srv.stackadapt.com/	1970-01-20 15:45:59	Name: sa-user-id Value: s%3A0-bab8f7fd-8b26-4e71-628a-af4aca590235.msBoT3MAkuWBPxu0kN4WvmM%2Be9XivMet8RQ3zN5kILw
.srv.stackadapt.com/	1970-01-20 15:45:59	Name: sa-user-id-v2 Value: s%3Aurj3_YsmTnFiiq9KylkCNZJGdVY.zMZHJPyJY9hy6VeVyzKfVlBoqhqCaIFh1WBkyfYiK3k
.outbrain.com/	1970-01-20 09:09:59	Name: obuid Value: 184bc161-659d-4e1b-8a20-60c00918b416
.disqus.com/	1970-01-20 15:45:59	Name: zeta-ssp-user-id Value: ua-6a177f00-6390-31a3-baa4-843c604861ee
.prebid.a-mo.net/	1970-01-20 07:01:49	Name: _sv3_4 Value: 1
.trafficroots.com/	1970-01-20 15:45:59	Name: PARTNER_ID_3379 Value: 758a859c06
.smartadserver.com/	1970-01-20 15:45:59	Name: csync Value: 86:1818209918264144733\|137:758a859c06
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 860d38bb64dbde98
.amazon-adsystem.com/	1970-01-20 12:57:30	Name: ad-id Value: A9J8Y2YzSU2MhDuvKSAB3nA
.amazon-adsystem.com/	1970-01-20 16:36:23	Name: ad-privacy Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.xv5vphvgz5o7&_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://messages-microservice.ksl.com/user Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1828d094b1c52109b5bbf4ad1ec2d302.safeframe.googlesyndication.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad4m.at
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ap.lijit.com
app.protectsubrev.com
b1sync.zemanta.com
be.durationmedia.net
bh.contextweb.com
c.amazon-adsystem.com
cdn.mouseflow.com
cdn.siftscience.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
cookie-cdn.cookiepro.com
creativecdn.com
cs.emxdgt.com
csync.loopme.me
d3njgrq4uvb497.cloudfront.net
data.privacy.ensighten.com
demand.trafficroots.com
deseret.technoratimedia.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
g2.gumgum.com
hbopenbid.pubmatic.com
hexagon-analytics.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
img.ksl.com
js.stripe.com
ksl-d.openx.net
m.stripe.com
m.stripe.network
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
media.ksl.com
media.twiliocdn.com
messages-microservice.ksl.com
news-api.ksl.com
nexus.ensighten.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pages.protectsubrev.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.rubyblu.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebidads.revcatch.com
public.servenobid.com
q.stripe.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ksl.com
static.rubyblu.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tag.durationmedia.net
tagan.adlightning.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.example.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.ksl.com
x.bidswitch.net
x.yieldlift.com
104.18.19.126
104.22.58.219
104.76.200.221
108.157.4.6
124.146.215.52
129.80.94.115
13.248.245.213
13.32.23.199
13.32.28.197
130.211.32.235
138.197.50.103
142.250.185.66
142.250.186.34
147.75.85.234
150.136.26.45
151.101.194.49
151.101.64.176
151.139.128.11
162.254.186.187
173.231.178.117
18.156.32.70
18.232.40.53
18.66.2.120
18.66.248.14
185.184.8.90
185.29.134.248
185.64.189.112
185.64.189.115
185.64.190.79
185.80.39.216
185.86.137.107
185.86.139.113
185.89.211.116
193.0.160.129
198.148.27.140
2001:4860:4802:34::36
213.19.147.44
216.52.2.19
23.203.77.3
23.205.235.133
2600:9000:21f3:3200:10:ce97:9fc0:93a1
2606:2800:220:1:248:1893:25c8:1946
2606:2800:233:f76:14f7:d635:25c4:c8d7
2606:4700:20::681a:bd1
2606:4700:20::681a:de1
2606:4700:20::ac43:4591
2606:4700:4400::ac40:950d
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:802::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2003
2a00:1450:4001:811::2006
2a00:1450:4001:827::2001
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c0b::9c
2a05:d018:d29:3602:b152:500b:646e:5f14
2a06:98c1:3120::3
3.122.84.21
3.124.173.63
3.126.56.137
34.102.232.42
34.247.205.196
34.252.126.43
34.255.156.219
34.96.67.224
34.98.64.218
35.214.174.31
35.230.100.254
35.244.174.68
35.81.202.99
38.91.45.7
44.195.225.141
44.205.83.43
51.75.86.98
52.223.40.198
52.23.100.184
52.46.128.147
52.50.22.36
54.187.159.182
54.247.105.151
64.147.128.162
64.147.130.148
64.147.131.160
64.147.131.201
69.166.1.12
69.173.144.139
69.173.144.165
69.173.151.100
70.42.32.63
72.251.249.9
88.221.168.201
99.86.4.76
006b8f60f30ed5210c6d4cc52dd703f0d62124d5ace9a5a45fede025465a2fbe
01df456b85acb77a180ad7d890f265ea448289bdae9a4b54c58d919b4d484c2e
08c94f13753f2ebeeb9a2205148a786f051576c29f24bc0cead7d06b801496b5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e1f708de0d2d94680628b72eb1465c75d09e5302cddc7a35c03b9f15846f236
149d88231ced3fea53140468e652aec0ae4ce336efcbd8c7c1ef6e2e75335541
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
16b38b6f240f06a90ae6e36cb1824781d5c04326efec5b6463a6a5834a4914ab
16e35ac491872655adb980937753a5e334ee137f59d934049990b735964c95a2
16eb3534055e2d58d7a4d02d4e40e5b04274ea3f490a343ba2be6572f65655eb
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
21cd559db3c100842a8ef209f2579e691ee47e2d1469ebeaaaac7cbd439509ab
230fa627d3bd338d03ee0fad3202075426114b03584c8106c24725a17eca5962
240d75e35ca91c207c7dd234bdbd81c438e4febda057fff7bb2252f4eb1011a8
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5
25b260ed99a4bb7bb9790faae68565a32fc4582cd5d768ce36fdc4a5ba30e2f8
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
2af6de0161679525ed17e3cab74b1f2ecbadbf3a3e83706d44549aa377daec16
2cca6512b76d32b8a264f673d11cac918644e7a3128cc27bceb7b8a18ace1ff4
2d0ed89b05ae0f532c44a3cf820f4f31118b60e5a750c42f9a150705112f7657
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32dddeed43e3fbde44d76523d3a40dc8a00aaaee5f9f319f21e7c769ef2a43cc
332b59a58a5497379a0c8013a0a72663fd85680fe19d7d30c5ed0c7322510e9b
33cc0a21c1ca8eab50680298fedb8440589988e511a82348b00290bb111a4c8d
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4
3ee298de82e9ba8d1f18236e1f6c06af46af3b53de9b2a27f83dca73b3991783
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
45df8300639a2c449239e3f0ddd1575ec2a867266840be6309b69903f032d919
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b97e968aa80e42c87229686542fade5f77356a6ba0c7c79c4f06d75604a24e
4926c7670bd5a97ba531632202ff2adb8e8c81ae1dc49b35a7699a478c559b77
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49aabeb632ac757d0d73d2b6793d99e7e1336eed6e3d81d89c5110bf2ba809aa
4b976f6fd8096cc2e26a39c65bd6fae205c22abb2fd203bbcf08808eb6520fa0
4e87647c04238f9d428f13246e42f198db78822780af8aa60a1220593ddba1d5
4f3b3578690d40304bf10e306cb338fa2ada8a77453191606be2318a344a99f4
53210cac13f1d699d88ba443a917d9a6af46068eb0c3f1f8c3823b41bb512772
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1
5af05e984dcb10c694137bcefacd441b3e6ca8dcbb6ff1a01ba470fb78627b3a
5c9bebe91312efaced97443b564351d9d60442e73d01f22f4b8db0d016ff4695
5eca1045fd7fb49c4334b59cea338eaa7c4d0ce40cd97a34b5aefb0f6bd7930e
6094fc8eafb14969bcf5807bbbb64263b40d0bf94190ea8a8f61e6ec1aea3fbe
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6619c3c9eaf6738dc2e1921e0682e82f4a5b0ac44a6b33d89812f576bc31ab41
691aafabd0acb93f9c117c9e8f26e6300ed026ac0e95920e8893039bfc92e949
6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6e65aecb8a21b66d9aeeea4d926d72d0f1023ca305327859bb69117e813468fa
6f3a01e144ec2db45bb24f5ee5e9ed1da37760b01593395c01e4c1e4780b89ae
72f9b571512687c542093f438cf5ea55b5156bee846ad0ada94ad74b1fcde38f
73da3b369596f2ea8e701ec80155bf93c638eb66f1de5eac9a88f2eb8e565fd8
7632362b4d18aa6aceda06f8a1a3ed3a1a723bf590406693cbed50aeacff87af
7815473f068f708bcde391e444f1e2d3f19d1ead1174a2281a8833648356b80d
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839e7c6761776f0e1c251d29d443dd8e29c6d3beefeeb8925c58a74ba784bd30
84322a0760a893c42160c6f31523ea34fc5c9179da933964e332728833517007
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
899ed59decfe5fc6d8ac52db236dc207d0d8c24389158b3b69626017498bee2d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ac6182d6fe5f5ab5c586d42b103c220c29fdb3d60152b22858af6eb67f35614
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ebe4963ca08a041fcbb87a4232bf58b1ae55c3b5623a3a2d9d79491bb46c674
900d69b36ed036b05ea15c5f1964278e36dde5956f4c18a2bccf54b022429641
906912f63ed9b23084a272f9c7834b906fc166e315c7ff61d03d0ad0ef182042
90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb
9aa297430269a62d1bd64fdd71e54bcdeb2ef17c2cbd4b621f5f5d8d625e0706
9e588de310412f6d59c7cfc44a3ef0be84d8f6b2f11451fcf94e1448c0e7bba9
9ee6085f6660e6e74960798d5525d811821b33e49be30b5721767b7f8fd50df7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a16c637ac787bc73344b1466b8de4f2b3dbbef8cc3893225d5c11abcfc18a9b6
a2222c3dc9fc1c733c5b4fba136dbda11bb70c8ca64d652a2ca9dc3cb64f8474
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7f0309146c2d9a52beabdd71050c8882f928cc7d973e7b5db626b2d6c4412cd
afed9a0ab525a556166288e945e61b4e4adb9de9c074d8185f86b8f5f5fda311
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27dded173930495b565debcd64baefdf1932bd368212a3f02dbbb7995eb625c
b29bc934b18a9ab1723ebcb44eb1b0e7049e37c182e88c10df21060ec73dbe1d
b30160a5df28c6851ae7a952ff434706872419312131200f85380637a94a7246
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b44aca1eae3e39ba997248990086d3869b5c11e0b9061db488cc214e12d77b78
b9ba09a14e06bae02928229d0b0ac85da9090b70ba878847c948373abd34443c
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb4d50e0944d96aaf9ebe28d06208a021ab1307665648e300f624d23f2a1420
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bbcf897108e1e1009f78f980110e419d69af4c882f43d26e6e21a1428862d263
be9d8ca24570811430807b5e3ebb8289744632e9f5cac67ba8850c895fcf2ed1
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe
bf64852d6ba356ad309f01e973172dedbcd33fcc0823bb2e98484028c12a8074
c12fd5e334137dda97808d8da5b958825c35c938f8d38a3bc8c48c211a7b9854
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c7d2c0791ad181a85f3590f792a95ed07df8b248146bf42a6eb032ea370fdb17
c8b95d6dd69d99adc6632665bf0fe969180105d4b30c64844602200a9d9dd10f
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d0cc949db47eadda0e59235f19200cbbabebfa345bb06430bb69f0c159c80421
d18c05b903e42fe072a80fb16a7aae87c94e506237fce86f68ad8241fa70f759
d29e0e8aa73bec0f750b4bc7fcf2c2d3b0447d5167830ca885515e50ebd8c1e4
d8746ac90a3da990f0766e8ef912ad5571c257126b93a16ac4d8191e698601d3
db2ee7a386958f6e858c181063d50b9bd3dfe79f9318bc1550d15482a5e49350
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc2b6002b3518b4b196486f9f3e91e2b27b73df5c54d8418e0d442b6a8196c74
dd0d7b0bd9b543ac1655f000d5db598194d9a6c0c79815600b59ee49a81e8c62
de1f59ff1258d5a1a8000d6219083e896581ac7bb20cb394823e0e7f61e059fb
de7d881e5092890489156ca9b153405feb9f7d6d63e6dcc6239a563bcf117708
dface7334524d5b6f437b40f2c99ed3ae0dbea4e663cf6ee0b4ef0e37c4588d8
e27e356d232cb6ddc56dffc22982c95d398e3b394a69022d267c7705a3126f64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7dd164aaa9d160d282f9f599dbce8172195015768578991461dffa9cf8ba9fb
e8d480780dad17fd64ac42eee77b9a8e485f2d81cc3dc232e2520a0e8058bffb
eb12070a6b2aa3c1c3db3386bfe577c9ee57bbf7af2a7a541b2c5dd2e189ceac
ebcd5e90336ad4d1e139c96c1966ad56be1f7af66f1cabe9fc2d9a770bd70d6f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eca0b00bcdc228fa9087597c23b3108ad4c079791b6ddd56658e48ce83939b6e
ed51c6c44f063fffd3fef1042b859a00d4cbdcee5dbc742c758f7a275ff85f58
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f49b521799308f8cf36318142dbab92925dcae0ca9e2e35050f7d7635ce6c4b0
f53763926a615f42e53c73ce5f4c83591942a0974656dca7090088778e3da1c3
fe1a293cdb4905ed390da36b47fa01878068dc52306b495f97d39c56f00ea2fc
fe28d1fc96429848a184cfdad635484afc33b177a3324eaf89d489230b788d30
fe7fcad93d5e528dcade9448ff76392d7f1ba32580f75a7c0985249bf4f5e66c
fe809dbf33b27fbe35bca04b3959f443e27f26203c88265930d81e575c99a695

www.ksl.com Open in urlscan Pro 64.147.131.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

234 Requests

87 %HTTPS

24 %IPv6

67 Domains

103 Subdomains

76 IPs

10 Countries

2937 kBTransfer

8977 kBSize

79 Cookies

71 Outgoing links

Page URL History

Redirected requests

234 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ksl.com Open in urlscan Pro
64.147.131.201 Public Scan

Screenshot
Live screenshot

Full Image

234
Requests

87 %
HTTPS

24 %
IPv6

67
Domains

103
Subdomains

76
IPs

10
Countries

2937 kB
Transfer

8977 kB
Size

79
Cookies

234 HTTP transactions
6 data transactions