urlscan.io logo urlscan.io
SecurityTrails logo

www.ksl.com Open in urlscan Pro
64.147.131.201  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatiti...
Submission: On March 20 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 94 IPs in 13 countries across 95 domains to perform 298 HTTP transactions. The main IP is 64.147.131.201, located in Sandy, United States and belongs to DDMINC, US. The main domain is www.ksl.com. The Cisco Umbrella rank of the primary domain is 67665.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 7th 2022. Valid for: a year.
This is the only time www.ksl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 64.147.131.201 11319 (DDMINC)
2 108.138.17.12 16509 (AMAZON-02)
12 65.9.94.183 16509 (AMAZON-02)
23 64.147.131.160 11319 (DDMINC)
1 2a00:1450:400... 15169 (GOOGLE)
1 64.147.128.167 11319 (DDMINC)
3 2a00:1450:400... 15169 (GOOGLE)
6 3.124.173.63 16509 (AMAZON-02)
1 2 151.139.128.10 20446 (STACKPATH...)
3 65.9.95.7 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 130.211.32.235 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
8 18.66.147.119 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 3.232.49.172 14618 (AMAZON-AES)
5 7 54.194.106.129 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
13 52.213.135.234 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
3 2603:c020:400... 31898 (ORACLE-BM...)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
17 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.22.58.219 13335 (CLOUDFLAR...)
10 2606:4700:440... 13335 (CLOUDFLAR...)
2 3 35.244.159.8 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 64.147.130.148 11319 (DDMINC)
1 34.96.67.224 396982 (GOOGLE-CL...)
12 2a00:1450:400... 15169 (GOOGLE)
3 54.187.159.182 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
1 34.102.232.42 396982 (GOOGLE-CL...)
1 54.186.47.166 16509 (AMAZON-02)
1 65.9.97.56 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.95.39 16509 (AMAZON-02)
4 23.54.114.218 16625 (AKAMAI-AS)
1 2606:2800:233... 15133 (EDGECAST)
1 4 185.64.190.78 62713 (AS-PUBMATIC)
1 108.129.57.86 16509 (AMAZON-02)
1 51.75.86.98 16276 (OVH)
2 7 185.86.139.94 201081 (SMARTADSE...)
2 10 185.80.39.216 27381 (CASALE-MEDIA)
2 2 23.56.202.187 16625 (AKAMAI-AS)
4 23.37.42.132 16625 (AKAMAI-AS)
1 2600:9000:212... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 35.173.123.72 14618 (AMAZON-AES)
4 4 185.89.211.12 29990 (ASN-APPNEX)
2 2 216.52.2.86 32475 (SINGLEHOP...)
1 216.52.2.6 30282 (AS-INAPCD...)
5 5 213.19.147.44 26120 (RHYTHMONE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 193.0.160.130 54312 (ROCKETFUEL)
1 69.166.1.10 27630 (AS-XFERNET)
1 1 147.75.85.234 54825 (PACKET)
6 6 3.71.149.231 16509 (AMAZON-02)
1 1 18.214.42.172 14618 (AMAZON-AES)
1 18.196.251.66 16509 (AMAZON-02)
2 2 185.29.132.245 30419 (MEDIAMATH...)
10 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.168 1299 (TWELVE99 ...)
6 185.64.190.80 62713 (AS-PUBMATIC)
1 2 178.250.1.9 44788 (ASN-CRITE...)
8 9 142.250.185.194 15169 (GOOGLE)
1 54.194.149.6 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 2 34.233.114.35 14618 (AMAZON-AES)
1 34.91.62.186 396982 (GOOGLE-CL...)
4 5 37.157.4.40 198622 (ADFORM)
5 3.33.220.150 16509 (AMAZON-02)
2 2a05:d018:d29... 16509 (AMAZON-02)
2 198.47.127.20 3257 (GTT-BACKB...)
2 2 185.89.210.180 29990 (ASN-APPNEX)
1 16 52.210.15.1 16509 (AMAZON-02)
5 5 52.58.113.67 16509 (AMAZON-02)
2 2 18.158.226.95 16509 (AMAZON-02)
3 3 70.42.32.191 22075 (AS-OUTBRAIN)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2 54.152.101.92 14618 (AMAZON-AES)
1 1 52.204.125.50 14618 (AMAZON-AES)
1 8.18.47.7 398989 (DEEPINTENT)
2 2 70.42.32.159 22075 (AS-OUTBRAIN)
1 1 104.111.217.14 16625 (AKAMAI-AS)
2 2 3.248.98.105 16509 (AMAZON-02)
2 2 198.148.27.140 19189 (PULSEPOINT)
4 5 151.101.194.49 54113 (FASTLY)
1 1 202.241.208.56 4694 (IDCF IDC ...)
1 1 80.77.87.162 46636 (NATCOWEB)
1 2 52.46.151.131 16509 (AMAZON-02)
1 1 185.183.112.155 60350 (VP)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 185.255.84.153 200271 (IGUANE-)
2 2 162.19.80.92 16276 (OVH)
7 69.173.144.165 26667 (RUBICONPR...)
1 8.43.72.98 26667 (RUBICONPR...)
1 192.132.33.46 18568 (BIDTELLECT)
1 35.230.100.254 396982 (GOOGLE-CL...)
1 52.95.115.255 ()
1 1 85.114.159.118 ()
1 3 2606:4700:10:... ()
1 2 77.243.60.138 ()
2 2 35.201.96.126 ()
1 185.64.189.229 ()
2 2 51.222.80.231 ()
2 2 18.198.69.109 ()
1 1 51.255.68.171 ()
1 2a02:fa8:8806... ()
1 98.98.134.243 ()
1 1 52.220.229.2 ()
1 72.251.241.206 ()
1 2 2606:4700::68... ()
1 195.5.165.20 ()
1 1 35.214.223.115 ()
1 35.186.193.173 ()
1 1 34.102.253.54 ()
1 1 164.92.213.94 ()
298 94
7    64.147.131.201 (Sandy, United States)

ASN11319 (DDMINC, US)
PTR: ksl.com
www.ksl.com
news-api.ksl.com
2    108.138.17.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-12.fra56.r.cloudfront.net
nexus.ensighten.com
12    65.9.94.183 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-183.prg50.r.cloudfront.net
d3njgrq4uvb497.cloudfront.net
23    64.147.131.160 (Sandy, United States)

ASN11319 (DDMINC, US)
PTR: img.bonnint.net
static.ksl.com
img.ksl.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    64.147.128.167 (Syracuse, United States)

ASN11319 (DDMINC, US)
media.ksl.com
3    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
data.privacy.ensighten.com
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.mouseflow.com
3    65.9.95.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-7.prg50.r.cloudfront.net
js.stripe.com
1    2600:9000:223d:7200:10:ce97:9fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
tag.durationmedia.net
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
prebidads.revcatch.com
4    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    130.211.32.235 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 235.32.211.130.bc.googleusercontent.com
static.rubyblu.com
6    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.de
8    18.66.147.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-119.fra60.r.cloudfront.net
tagan.adlightning.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2606:4700:20::681a:de1 (United States)

ASN13335 (CLOUDFLARENET, US)
app.protectsubrev.com
4    3.232.49.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-49-172.compute-1.amazonaws.com
be.durationmedia.net
7    54.194.106.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-106-129.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
9    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700:10::6816:43d (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
13    52.213.135.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-135-234.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
deseret.technoratimedia.com
sync.technoratimedia.com
8    2606:4700:20::681a:ce1 (United States)

ASN13335 (CLOUDFLARENET, US)
pages.protectsubrev.com
app.protectsubrev.com
17    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    104.22.58.219 (None, )

ASN13335 (CLOUDFLARENET, US)
media.twiliocdn.com
10    2606:4700:4400::6812:2894 (United States)

ASN13335 (CLOUDFLARENET, US)
cookie-cdn.cookiepro.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
ksl-d.openx.net
us-u.openx.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
1    64.147.130.148 (Sandy, United States)

ASN11319 (DDMINC, US)
PTR: messages-microservice.ksl.com
messages-microservice.ksl.com
1    34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com
cdn.siftscience.com
12    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
2    2600:9000:2057:d800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com
hexagon-analytics.com
1    54.186.47.166 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-47-166.us-west-2.compute.amazonaws.com
m.stripe.com
1    65.9.97.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-97-56.prg50.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    65.9.95.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-39.prg50.r.cloudfront.net
public.servenobid.com
4    23.54.114.218 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-114-218.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2606:2800:233:f76:14f7:d635:25c4:c8d7 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    108.129.57.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-57-86.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
7    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
10    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2600:9000:2127:2800:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    35.173.123.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-123-72.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
4    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    216.52.2.6 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
5    213.19.147.44 (Castricum, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
6    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    18.214.42.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-42-172.compute-1.amazonaws.com
ssp.disqus.com
1    18.196.251.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-251-66.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
10    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.168 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
6    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
9    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
1    54.194.149.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-149-6.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    34.233.114.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-114-35.compute-1.amazonaws.com
a.audrte.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
5    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2a05:d018:d29:3602:8a7a:282c:c25e:4d1f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
2    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
16    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
5    52.58.113.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-113-67.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    18.158.226.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-226-95.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
3    70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    54.152.101.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-101-92.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.204.125.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-125-50.compute-1.amazonaws.com
sync.ipredictive.com
1    8.18.47.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    104.111.217.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    3.248.98.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-98-105.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
5    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    202.241.208.56 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    185.183.112.155 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    162.19.80.92 (France)

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu
gu.dyntrk.com
7    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com
bttrack.com
1    35.230.100.254 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 254.100.230.35.bc.googleusercontent.com
pixel.rubyblu.com
1    52.95.115.255 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
3    2606:4700:10::6816:1957 (None, )

ASN- ()
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
2    35.201.96.126 (None, )

ASN- ()
visitor.fiftyt.com
1    185.64.189.229 (None, )

ASN- ()
aud.pubmatic.com
2    51.222.80.231 (None, )

ASN- ()
pixel.onaudience.com
2    18.198.69.109 (None, )

ASN- ()
loada.exelator.com
1    51.255.68.171 (None, )

ASN- ()
dsp.nrich.ai
1    2a02:fa8:8806:13::1370 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    98.98.134.243 (None, )

ASN- ()
pixel-sync.sitescout.com
1    52.220.229.2 (None, )

ASN- ()
cm-supply-web.gammaplatform.com
1    72.251.241.206 (None, )

ASN- ()
cm.adgrx.com
2    2606:4700::6812:19ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    35.214.223.115 (None, )

ASN- ()
csync.loopme.me
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
1    164.92.213.94 (None, )

ASN- ()
match.adsby.bidtheatre.com
Apex Domain
Subdomains		 Transfer
32 ksl.com
www.ksl.com — Cisco Umbrella Rank: 67665
static.ksl.com — Cisco Umbrella Rank: 108884
img.ksl.com — Cisco Umbrella Rank: 100084
media.ksl.com — Cisco Umbrella Rank: 170712
news-api.ksl.com — Cisco Umbrella Rank: 90711
messages-microservice.ksl.com — Cisco Umbrella Rank: 108115
767 KB
31 googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 134
d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
360 KB
28 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 452
ads.pubmatic.com — Cisco Umbrella Rank: 457
image6.pubmatic.com — Cisco Umbrella Rank: 717
simage2.pubmatic.com — Cisco Umbrella Rank: 676
image2.pubmatic.com — Cisco Umbrella Rank: 852
image4.pubmatic.com — Cisco Umbrella Rank: 921
simage4.pubmatic.com — Cisco Umbrella Rank: 1177
aud.pubmatic.com
47 KB
23 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 32
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 310
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
193 KB
17 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1388
usersync.gumgum.com — Cisco Umbrella Rank: 1829
6 KB
14 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 939
eus.rubiconproject.com — Cisco Umbrella Rank: 526
token.rubiconproject.com — Cisco Umbrella Rank: 531
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 949
pixel.rubiconproject.com — Cisco Umbrella Rank: 317
24 KB
14 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1888
public.servenobid.com — Cisco Umbrella Rank: 3482
9 KB
12 cloudfront.net
d3njgrq4uvb497.cloudfront.net
434 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 425
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524
dsum.casalemedia.com — Cisco Umbrella Rank: 1223
9 KB
10 cookiepro.com
cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 6098
182 KB
10 protectsubrev.com
app.protectsubrev.com — Cisco Umbrella Rank: 47460
pages.protectsubrev.com — Cisco Umbrella Rank: 50628
58 KB
8 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 271
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
2 KB
8 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1693
225 KB
8 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2931
data.privacy.ensighten.com — Cisco Umbrella Rank: 8419
89 KB
7 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 743
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 582
3 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 516
3 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 955
q.stripe.com — Cisco Umbrella Rank: 6067
m.stripe.com — Cisco Umbrella Rank: 966
113 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
secure.adnxs.com — Cisco Umbrella Rank: 381
6 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4219
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 68
2 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 595
1 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 285
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
1 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 590
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
221 KB
5 durationmedia.net
tag.durationmedia.net — Cisco Umbrella Rank: 6827
be.durationmedia.net — Cisco Umbrella Rank: 7030
35 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
2 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 283
s.amazon-adsystem.com — Cisco Umbrella Rank: 269
aax-eu.amazon-adsystem.com
57 KB
4 technoratimedia.com
deseret.technoratimedia.com — Cisco Umbrella Rank: 170678 Failed
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 3421
sync.technoratimedia.com — Cisco Umbrella Rank: 1308
8 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
21 KB
3 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
1002 B
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 756
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22457
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27572
896 B
3 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 870
ap.lijit.com — Cisco Umbrella Rank: 575
2 KB
3 openx.net
ksl-d.openx.net — Cisco Umbrella Rank: 161704
us-u.openx.net — Cisco Umbrella Rank: 420
58 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6069
adservice.google.de — Cisco Umbrella Rank: 8720
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
223 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 exelator.com
loada.exelator.com
2 KB
2 onaudience.com
pixel.onaudience.com
906 B
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1900
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 538
701 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
624 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 530
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 635
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 649
741 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2219
1 KB
2 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2544
1 KB
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 688
930 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4624
562 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 460
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 776
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
952 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1034
16 KB
2 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 8877
279 B
2 rubyblu.com
static.rubyblu.com — Cisco Umbrella Rank: 101940
pixel.rubyblu.com — Cisco Umbrella Rank: 141396
8 KB
2 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 6519
55 KB
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 playground.xyz
ads.playground.xyz
462 B
1 ctnsnet.com
ipac.ctnsnet.com
370 B
1 loopme.me
csync.loopme.me
225 B
1 iprom.net
core.iprom.net
280 B
1 adgrx.com
cm.adgrx.com
283 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com
650 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 nrich.ai
dsp.nrich.ai
566 B
1 adition.com
dsp.adfarm1.adition.com
524 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 730
163 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 788
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1558
281 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 951
660 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 961
700 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 487
763 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 846
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
465 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 736
610 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 785
265 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 515
35 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1460
293 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 926
243 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 823
498 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1068
465 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2769
329 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1486
160 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 2996
483 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 706
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 272
25 KB
1 hexagon-analytics.com
hexagon-analytics.com — Cisco Umbrella Rank: 5201
297 B
1 siftscience.com
cdn.siftscience.com — Cisco Umbrella Rank: 8364
21 KB
1 twiliocdn.com
media.twiliocdn.com — Cisco Umbrella Rank: 20381
119 KB
1 revcatch.com
prebidads.revcatch.com — Cisco Umbrella Rank: 66596
7 KB
1 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 444
121 KB
298 95
Domain Requested by
17 tpc.googlesyndication.com www.ksl.com
tagan.adlightning.com
d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
16 usersync.gumgum.com 1 redirects g2.gumgum.com
ads.pubmatic.com
14 static.ksl.com www.ksl.com
static.ksl.com
13 ads.servenobid.com www.ksl.com
public.servenobid.com
g2.gumgum.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
ads.pubmatic.com
12 pagead2.googlesyndication.com www.ksl.com
tpc.googlesyndication.com
d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
tagan.adlightning.com
12 d3njgrq4uvb497.cloudfront.net www.ksl.com
d3njgrq4uvb497.cloudfront.net
10 simage2.pubmatic.com ads.pubmatic.com
10 cookie-cdn.cookiepro.com www.ksl.com
9 cm.g.doubleclick.net 8 redirects g2.gumgum.com
9 securepubads.g.doubleclick.net www.ksl.com
tagan.adlightning.com
9 img.ksl.com www.ksl.com
d3njgrq4uvb497.cloudfront.net
8 tagan.adlightning.com www.ksl.com
tagan.adlightning.com
d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
7 match.prod.bidr.io 5 redirects www.ksl.com
eus.rubiconproject.com
6 token.rubiconproject.com eus.rubiconproject.com
6 image2.pubmatic.com ads.pubmatic.com
6 ups.analytics.yahoo.com 6 redirects
6 app.protectsubrev.com www.ksl.com
6 data.privacy.ensighten.com www.ksl.com
6 www.ksl.com 1 redirects www.ksl.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
5 x.bidswitch.net 5 redirects
5 match.adsrvr.org ads.pubmatic.com
g2.gumgum.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 www.googletagservices.com www.ksl.com
tagan.adlightning.com
d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
4 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
4 sync.1rx.io 4 redirects
4 ib.adnxs.com 4 redirects
4 eus.rubiconproject.com public.servenobid.com
eus.rubiconproject.com
g2.gumgum.com
4 ssum-sec.casalemedia.com 1 redirects public.servenobid.com
g2.gumgum.com
ssum-sec.casalemedia.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 ads.pubmatic.com www.ksl.com
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
4 pages.protectsubrev.com www.ksl.com
4 be.durationmedia.net www.ksl.com
4 www.google-analytics.com www.ksl.com
3 sync.outbrain.com 3 redirects
3 ssbsync.smartadserver.com 1 redirects public.servenobid.com
eus.rubiconproject.com
3 q.stripe.com www.ksl.com
3 www.google.com www.ksl.com
3 js.stripe.com www.ksl.com
js.stripe.com
3 www.googletagmanager.com www.ksl.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 mwzeom.zeotap.com
2 gu.dyntrk.com 2 redirects
2 creativecdn.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 bh.contextweb.com 2 redirects
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 us-u.openx.net 2 redirects
2 cms.quantserve.com 1 redirects g2.gumgum.com
2 a.sportradarserving.com 2 redirects
2 secure.adnxs.com 2 redirects
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
g2.gumgum.com
2 a.audrte.com 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 p.rfihub.com 2 redirects
2 ad.turn.com 2 redirects
2 ce.lijit.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 sync.technoratimedia.com ad-cdn.technoratimedia.com
g2.gumgum.com
2 googleads4.g.doubleclick.net tagan.adlightning.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com www.ksl.com
2 ex.ingage.tech www.ksl.com
2 www.google.de www.ksl.com
2 stats.g.doubleclick.net www.ksl.com
2 region1.analytics.google.com www.ksl.com
2 cdn.mouseflow.com 1 redirects www.ksl.com
2 nexus.ensighten.com www.ksl.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 pixel-sync.sitescout.com
1 pubmatic-match.dotomi.com
1 dsp.nrich.ai 1 redirects
1 spl.zeotap.com 1 redirects
1 aud.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 aax-eu.amazon-adsystem.com ads.pubmatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 pixel.rubyblu.com www.ksl.com
1 bttrack.com eus.rubiconproject.com
1 pixel.rubiconproject.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 visitor.omnitagjs.com ssbsync.smartadserver.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 tg.socdm.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 match.sharethrough.com public.servenobid.com
1 ssp.disqus.com 1 redirects
1 prebid.a-mo.net 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ap.lijit.com public.servenobid.com
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 onetag-sys.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 ad-cdn.technoratimedia.com www.ksl.com
1 public.servenobid.com www.ksl.com
1 s0.2mdn.net d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
1 googleads.g.doubleclick.net d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
1 c.amazon-adsystem.com www.ksl.com
1 m.stripe.com m.stripe.network
1 hexagon-analytics.com
1 cdn.siftscience.com www.ksl.com
1 messages-microservice.ksl.com www.ksl.com
1 adservice.google.com www.ksl.com
1 adservice.google.de www.ksl.com
1 ksl-d.openx.net www.ksl.com
1 news-api.ksl.com www.ksl.com
1 media.twiliocdn.com www.ksl.com
1 deseret.technoratimedia.com www.ksl.com
1 hbopenbid.pubmatic.com www.ksl.com
1 static.rubyblu.com www.ksl.com
1 prebidads.revcatch.com www.ksl.com
1 tag.durationmedia.net www.ksl.com
1 media.ksl.com www.ksl.com
1 imasdk.googleapis.com www.ksl.com
298 142
Subject Issuer Validity Valid
*.ksl.com
Go Daddy Secure Certificate Authority - G2		 2022-06-07 -
2023-06-17		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
nexus.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-07 -
2023-10-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.privacy.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-03 -
2024-02-16		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-02-06 -
2023-05-13		 3 months crt.sh
*.durationmedia.net
Amazon RSA 2048 M01		 2023-02-23 -
2023-10-14		 8 months crt.sh
*.revcatch.com
GTS CA 1P5		 2023-01-30 -
2023-04-30		 3 months crt.sh
ads.rubyblu.com
GTS CA 1D4		 2023-01-24 -
2023-04-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-07-07		 4 months crt.sh
www.google.de
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-29 -
2023-09-29		 a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2022-07-13 -
2023-08-11		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M02		 2023-02-09 -
2023-06-27		 5 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
cookiepro.com
Cloudflare Inc ECC CA-3		 2023-03-20 -
2024-03-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.siftscience.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-10 -
2024-02-10		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-14 -
2023-06-13		 4 months crt.sh
*.hexagon-analytics.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-12-01		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-08 -
2023-04-08		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-14 -
2023-10-05		 8 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-06-29		 4 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon RSA 2048 M01		 2023-02-23 -
2023-05-22		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh
www.rubyblu.com
R3		 2023-03-08 -
2023-06-06		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh

This page contains 54 frames:

Primary Page: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Frame ID: 884D81CE045EAFF34D2DBE62AD56AAC3
Requests: 121 HTTP requests in this frame

Frame: https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 51AA839B14B00830A64E3A33D03A1DB2
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 474F7EB9611A08E8537D3F12674E3805
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 54F365CE002D658B187CB5F8DCCE0106
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AE7F9B0A4887B7700FF0187E3CA05A4F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 214A68BCEC0DFEBF0EBEA93F3D911F83
Requests: 2 HTTP requests in this frame

Frame: https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 662B05CF111BF554F2C42C7E0F623FC9
Requests: 15 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Frame ID: B752E2E3E2572D3016D82A9F267F08AF
Requests: 8 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Frame ID: 40FEA7E13BE509446B96CAB7EA9B0654
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Frame ID: 0459F5EB13A142873989F0C1E80EC213
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGMiVxd0BMAE&v=APEucNXD2h31w5LHqn-nxNSnc8P33y2iaiOWZwwWhyj7RbsBK0TRtMPR6vwQVtzOxnIAqs3Yl6-fYwJhG2Bp7NNhNKaDIm8S7g
Frame ID: D83F8EE703E7A853969033E859C2C54E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F56BA292FBBAF1F7ABAE0FEB07C7E08E
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: B971DF94595A59ADF5E24F453BF64321
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Frame ID: 13BEC7AE3B1032BF1E4AA5B89F7F529A
Requests: 14 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.24.0
Frame ID: 75076BB522C0F3C01D0272BAD99AA5E6
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: A769A7B918D4943979D1660EAE22A3D6
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: ABBF658668F11A1325726E7CD86B3BE6
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 0B76B0F3C41B6F89702097A56CC3D940
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: FF8BF02A9879AC1BA49CFCA0F2DB275B
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 842905EA2FF5DE41778F25BBB5883B67
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 22F182E8BE469EB6F6335ADB5F8BCA09
Requests: 9 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 5F741236786AED669F5CD3CB319B60E6
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 15A354D68EBEB4EF63582A5F36BA30E3
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 645EC89EAA8DC80CE401567921843B96
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:16d56417-dd4c-4300-b9aa-69d8e7efa347&gdpr=0&gdpr_consent=
Frame ID: 8BB0733824C42253CB63A19D58CA3850
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7805569497189692645
Frame ID: E3561595BDC462ACF81C89947E7FB175
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2A2E2550A6F0A1F5EAAB642F0E22B519
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=b0716417-dd4b-4a00-80ec-a9208ff39d1d&gdpr=0&gdpr_consent=
Frame ID: E24FBD0893EFF43758423F56C217837D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZBfdSgAAApCRDQAG&gdpr=0&gdpr_consent=&_test=ZBfdSgAAApCRDQAG
Frame ID: 51165396D13C29B52EEA1E4BB33886BE
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81YWU3ZTIwZS1lOGI5LTQ0ZGMtODU3My1jZWY2MjgyNDU4OWE=&gdpr=0&gdpr_consent=
Frame ID: F409AAE0A2885301312CE70E65EFCA53
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: F3B302A8BEAF76B23F029B866489072D
Requests: 5 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: ADEFEEB85CDF83655FB05075A350997C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZBfdS8Co5tAAAIOYO.UAAAAA
Frame ID: FDF6AD35491AEBBB299D1EEE5A991F33
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=2eb9a1cb-af76-4c04-9dfa-25ce4543fa4d
Frame ID: 78187E2F491470BA9F6F7B525ECE4FDD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: E41A0542965E61BAAC83E63EB76718DB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=IozpCbiYIOiQ73cp6ppk&pi=gumgum&tc=1
Frame ID: 6CA6C30EFBE3273CE59D0D25AF43034B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 648276DC165784D7FC825E1B5074D5D3
Requests: 4 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ck-RqiAflPlpH8P7c0yN-3BJw_xpHZOsJxlcgX43
Frame ID: 46855534CED700F612BB1E39090F1FE5
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&redir=true&gdpr=0&gdpr_consent=
Frame ID: E51A782F50E4CCE116C4F832199ACAC9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5579419736757048559&gdpr=0&gdpr_consent=
Frame ID: 4993592A0B3C9618AF2DE45B8734938D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7212476651056265366&gdpr=0&gdpr_consent=
Frame ID: 5AF635B8916EC1001DB9D7BF6A42C42A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FeVGqeltUCdT8eymih_UWiU6Ovo&gdpr=0&gdpr_consent=
Frame ID: D4BC25295ECEFCBC7022E41B57E786B0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE5vU7IL7sAACAg-Hj57A&gdpr=0&gdpr_consent=
Frame ID: 7FAC75828EF1A0F3FA5ACA20C2FFA59E
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: B1E10DF85D3F637B64AD0A67824435D9
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1
Frame ID: 65B5BB33310A204EA9F3E2CFBE461B63
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&gdpr=0&gdpr_consent=
Frame ID: 20ABE58C201DD9D8FDB2C0B7AB8BFEF8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=q3k6bxl4vm26
Frame ID: 324E2FA372ED8F597D65BCD7329E9475
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 69B95EC6BF5CBC98B3091F4965EF7DC6
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 0748342A5E69C6354FEB8B7380040BE3
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 091DCE4959CA216C374D73950B7C250A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 1A70949C0D472A3B52D88580490FEA25
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5967651718
Frame ID: FA475CEB74A682E6BA018075E1D69F67
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: F64B15830C9641F7B854052348735590
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1
Frame ID: B2FD4560FB47B0BFAC487A25274013FE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Frozen strawberries sold at Costco, Trader Joe's and Aldi recalled after hepatitis A infections | KSL.comKSL homepageKSL homepageMessages (0)account - logged outSupportKSL homepageKSL homepageclose sub menucheck marksearchMessages (0)account - logged outSupportBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com
Overall confidence: 100%
Detected patterns
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.sift(?:science)?\.com/s\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

298
Requests

85 %
HTTPS

24 %
IPv6

95
Domains

142
Subdomains

94
IPs

13
Countries

3521 kB
Transfer

10118 kB
Size

101
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.ksl.com/ensighten_news HTTP 307
  • https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js
Request Chain 36
  • https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5.js HTTP 301
  • https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js
Request Chain 59
  • https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.cif1r6eaya77 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.cif1r6eaya77&_bee_ppp=1
Request Chain 182
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 183
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 188
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=5579419736757048559
Request Chain 189
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=GVw8sRZHJKyhEmuUSSyc4wj3
Request Chain 191
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1679285578828 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3816890823 HTTP 302
  • https://sync.1rx.io/usersync/turn/7434213496204211953?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-49a8d4a9-6d13-4178-8b2f-c6165c7b5fcf-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-49a8d4a9-6d13-4178-8b2f-c6165c7b5fcf-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-49a8d4a9-6d13-4178-8b2f-c6165c7b5fcf-003
Request Chain 192
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5140084924258708728
Request Chain 194
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=68c6aa77-a31c-42fb-874b-6c9ebe58eb59&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 195
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-4Yxabc5E2uFnMAv28KroAMQ9ySD3PtT390sUo5M-~A
Request Chain 196
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-492e9ed7-296a-3797-b587-3d5b67c1f6bd
Request Chain 197
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-4Yxabc5E2uFnMAv28KroAMQ9ySD3PtT390sUo5M-~A
Request Chain 200
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:16d56417-dd4c-4300-b9aa-69d8e7efa347&gdpr=0&gdpr_consent=
Request Chain 201
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7805569497189692645
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pdj1iS53R8-bp6gYOam5oQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 205
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=553623175 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1
Request Chain 206
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Mzk1UnRPak0wSFVTM0NXTHgzdFZGbWRYQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTVEOEY1ODktMkU3Ny00N0NGLTlCQTctQTgxODM5QTlCOUEx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENLGtmyaP0tN45dbVIr6JSc&google_cver=1
Request Chain 210
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9186688692752709113
Request Chain 213
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3Vq.ZLxE2uWDRIIdYYYrDGyAnXffHM8-~A&gdpr=0
Request Chain 215
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5579419736757048559
Request Chain 216
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5ae7e20e-e8b9-44dc-8573-cef62824589a&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_5ae7e20e-e8b9-44dc-8573-cef62824589a&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=b10ef0a0-0159-4f1f-8635-fe5df9a2688e&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=d86575a8-4f90-4af1-a03b-271c755e720f
Request Chain 217
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%284svinRr87yVt9Lb4SI16CNQyB4eV8sR82WlH3nsyxPxFQV-VyOW4IceaV0ryEykm%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%284svinRr87yVt9Lb4SI16CNQyB4eV8sR82WlH3nsyxPxFQV-VyOW4IceaV0ryEykm%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5ae7e20e-e8b9-44dc-8573-cef62824589a&obuid=ENC(4svinRr87yVt9Lb4SI16CNQyB4eV8sR82WlH3nsyxPxFQV-VyOW4IceaV0ryEykm) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid=4svinRr87yVt9Lb4SI16CNQyB4eV8sR82WlH3nsyxPxFQV-VyOW4IceaV0ryEykm&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Request Chain 218
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=ad027281-e541-4305-96ee-13e4fe76669e
Request Chain 219
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-15e546a9-e96d-5027-53f1-eca68a1fd45a$ip$37.58.58.250
Request Chain 221
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=cd1c0b43-468b-4f93-8878-2abfb71b3cb6
Request Chain 224
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5ae7e20e-e8b9-44dc-8573-cef62824589a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=rWsdrrnrwqteyAml3Uo_&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24SXONSHE4TOOJ3XC5DFPFAW23BTKVXV6JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24SXONSHE4TOOJ3XC5DFPFAW23BTKVXV6JTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=rWsdrrnrwqteyAml3Uo_&us_privacy=1---
Request Chain 225
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=e9c4f6db-b7b4-48ee-8f09-941cd79e2b70
Request Chain 226
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=8HeaTlRlfebF&ev=1&pid=558355
Request Chain 227
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=2574575548534406320
Request Chain 229
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=b0716417-dd4b-4a00-80ec-a9208ff39d1d&gdpr=0&gdpr_consent=
Request Chain 230
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZBfdSgAAApCRDQAG HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZBfdSgAAApCRDQAG&gdpr=0&gdpr_consent=&_test=ZBfdSgAAApCRDQAG
Request Chain 234
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZBfdS8Co5tAAAIOYO.UAAAAA
Request Chain 235
  • https://cs.admanmedia.com/sync/gumgum?puid=e_5ae7e20e-e8b9-44dc-8573-cef62824589a&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=2eb9a1cb-af76-4c04-9dfa-25ce4543fa4d
Request Chain 237
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBfdSghJmZ8sif1FkjKm7QAABIYAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBfdSghJmZ8sif1FkjKm7QAABIYAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 239
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZBfdSghJmZ8sif1FkjKm7QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRE0EEA5RYuJyoPV-3SXVw&google_cver=1
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZBfdSghJmZ8sif1FkjKm7QAABIYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHNtrapP-ttacN_OHwMqcv0&google_cver=1
Request Chain 241
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 242
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZBfdSwAC7eWRGAAG HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZBfdSwAC7eWRGAAG&_test=ZBfdSwAC7eWRGAAG
Request Chain 243
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084924258708728
Request Chain 244
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5579419736757048559
Request Chain 246
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=IozpCbiYIOiQ73cp6ppk&pi=gumgum&tc=1
Request Chain 247
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 250
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8213165784806031838&gdpr=0&gdpr_consent=
Request Chain 251
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=cc5cdc27-f49e-4177-996c-094aa3fceeb7&gdpr=0&gdpr_consent=
Request Chain 252
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=03010010_6417dd4b0a410&knw= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010010_6417dd4b0a410&gdpr=0&gdpr_consent=
Request Chain 274
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ck-RqiAflPlpH8P7c0yN-3BJw_xpHZOsJxlcgX43
Request Chain 276
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5579419736757048559&gdpr=0&gdpr_consent=
Request Chain 277
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7212476651056265366&gdpr=0&gdpr_consent=
Request Chain 278
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FeVGqeltUCdT8eymih_UWiU6Ovo&gdpr=0&gdpr_consent=
Request Chain 279
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFNXZVN0lMN3NBQUNBZy1IajU3QQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE5vU7IL7sAACAg-Hj57A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2574575548534406320&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAE5vU7IL7sAACAg-Hj57A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2574575548534406320%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2574575548534406320&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAE5vU7IL7sAACAg-Hj57A&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE5vU7IL7sAACAg-Hj57A&gdpr=0&gdpr_consent=
Request Chain 283
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 284
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&addseg=19,36,42
Request Chain 285
  • https://pixel.onaudience.com/?partner=214&mapped=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6fa1fb77f4d713622844e11defc01757&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=d106aa53903531f7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=029c1f54-4c95-4d1f-6cf1-ffbb294caa7d&reqId=c8f4b6d8-5862-48dd-4c24-d4e68b2161c1&zcluid=d106aa53903531f7&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEDZd7ughCoiwIIGLYb7WLfE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=029c1f54-4c95-4d1f-6cf1-ffbb294caa7d&reqId=c8f4b6d8-5862-48dd-4c24-d4e68b2161c1&zcluid=d106aa53903531f7&zdid=1332
Request Chain 286
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d86575a8-4f90-4af1-a03b-271c755e720f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=90f26a68-ba20-4cf6-a04b-0e6de2996647&expires=1&user_group=2&ssp=pubmatic&bsw_param=d86575a8-4f90-4af1-a03b-271c755e720f&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d86575a8-4f90-4af1-a03b-271c755e720f&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 291
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=q3k6bxl4vm26
Request Chain 293
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 295
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 296
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5967651718
Request Chain 299
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5579419736757048559
Request Chain 300
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7434213496204211953&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 301
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4b6eb08f-73cb-485b-b2ca-c07bbd684378&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

298 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
www.ksl.com/article/50602859/ 		111 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
5237af6f5bc44201f8182c56a81a09e1595b1e0b6b495576d487e4568676e86a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, must-revalidate, private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Mar 2023 04:12:53 GMT
Expires
Mon, 20 Mar 2023 04:12:53 GMT
Keep-Alive
timeout=1, max=100
Server
Apache
Strict-Transport-Security
max-age=2592000;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-Server
b02
Bootstrap.js
nexus.ensighten.com/deseretdigital/ksl-com/
Redirect Chain
  • https://www.ksl.com/ensighten_news
  • https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js
469 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Server
108.138.17.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-12.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
5a2861f22132f9e613d60c0cf4695ad90e7a9bc5a93fa7f55271d74a7b850ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 15:47:56 GMT
x-amz-version-id
099bk9RywctlCKVNzgu6HqCeRgi6mPKa
content-encoding
br
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
217498
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 17 Mar 2023 15:47:32 GMT
server
CloudFront
etag
W/"eba5b8fad60e220d66fdfc3e5da654fa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
R3gj6gWPCkLteJtGvxVcnrKW2puPy0EeJjWGJBbBVmLLxlb37QbWAQ==

Redirect headers

Date
Mon, 20 Mar 2023 04:12:53 GMT
Strict-Transport-Security
max-age=2592000;
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Location
https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js
Cache-Control
max-age=300
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
273
Expires
Mon, 20 Mar 2023 04:17:53 GMT
styles--ksl-f959.css
d3njgrq4uvb497.cloudfront.net/ 		82 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/styles--ksl-f959.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-183.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7c4de52590b8796a00be1ad80242a15875d929508aaa6d211236ea8741a0ae1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 08:31:55 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Mon, 13 Mar 2023 21:33:09 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
502859
etag
W/"20a405a2cb52c595720ba4a63fb49d83"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-id
HDnsL_B0jkjUwWA_hVsNHabItvxAkwkBdgxhtFnQPp8igf-k_32Txg==
ksl-header.css
static.ksl.com/ksl-responsive-header/ 		62 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/ksl-responsive-header/ksl-header.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
02eb04d67c2aa1fc80a323c7aa6d9a0ffebaf83c9bb6effeb3b57b9ce2669b7f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:07:24 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
329
x-cache
img01 Hit from varnish
content-length
7087
last-modified
Tue, 14 Mar 2023 15:04:33 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-varnish
609068254 601930551
cache-control
s-maxage=3600, max-age=3600
x-server
v19
accept-ranges
bytes
expires
Mon, 20 Mar 2023 04:12:24 GMT
29209990.JPG
img.ksl.com/slc/2920/292099/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2920/292099/29209990.JPG?filter=kslv2/responsive_toppicks
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
84acc3dec54345b4c7a801462e4d29e76a792c33b2174f6fcc1cf07abdd1f8c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 03:35:07 GMT
x-amz-version-id
s5w9tiHjTxMdjDaqq.ii691ypYNady8Z
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
YXC5S2NJNRFXYGWW
age
2267
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
35096
x-amz-id-2
/+lqKZ03R2bMqLqL2YUrAJZZ6o5HeH2LpX8cshROir9rchQ0jc8xQajhee5x1r9Gli2IjTr0gnY=
last-modified
Mon, 20 Mar 2023 03:33:19 GMT
server
AmazonS3
etag
"fa215ffae654a1f067741de15d438da5"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
264144017, 611415612 609382674
cache-control
max-age=604800
accept-ranges
bytes
29208601.jpg
img.ksl.com/slc/2920/292086/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2920/292086/29208601.jpg?filter=kslv2/responsive_toppicks
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
3a7924127644a96f12db8ab1b60889e8097d0f047f75eb8c4242b1a26cbf5911

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 22:05:34 GMT
x-amz-version-id
2nbVCe..ziPhrERGfMHol5xPWnZPhEPO
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
H6J4XKQVQ6119XFM
age
108439
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
PENDING
content-length
12477
x-amz-id-2
SAV0OV9jHmdlDBZTY5BML5OmNjyKHOggNQpvdCr/v57Rb7xvuQ5wD2KqEhQj3v1zidkphR+hGJY=
last-modified
Sat, 18 Mar 2023 22:05:33 GMT
server
AmazonS3
etag
"b893d96da226aab542abc04b3ec4bdf5"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
228847014 229390858, 615417634 520659439
cache-control
max-age=604800
accept-ranges
bytes
29205970.jpg
img.ksl.com/slc/2920/292059/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2920/292059/29205970.jpg?filter=kslv2/responsive_toppicks
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
f0cea43c88e72cd19370d57f3efe7da1758e11393be827569b4148560a0becb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 01:43:06 GMT
x-amz-version-id
tfSkDUN_Ipj47yRvKg9FxY.h0pAK7aF7
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
E1TZ9JHD68TMK989
age
8987
x-amz-server-side-encryption
AES256
x-cache
img01 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
13274
x-amz-id-2
tz+Xs6VTiUxQLPgG+M9ULYKYe3J3AabuF7Ga2tApFZRyWzS79+LHFe/ZagSmR/Kdf7WTkjkS9Yw=
last-modified
Fri, 17 Mar 2023 23:47:14 GMT
server
AmazonS3
etag
"d58d98e38a877c8cfab8bea124474fbd"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
726554614 724947554, 609814409 584907497
cache-control
max-age=604800
accept-ranges
bytes
29083691.png
img.ksl.com/slc/2908/290836/ 		172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2908/290836/29083691.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
8962cda663958c916414d04ee15873722d4d0604001d8bdf4f4e7460a37dfe73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 16:40:59 GMT
x-amz-version-id
zB5.tr4erNxSTXiYdMfYJtGVA81FmDYG
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
3K7AVG792SQGERZK
age
1164715
x-amz-server-side-encryption
AES256
x-cache
img01 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
176229
x-amz-id-2
897ARpCNcLxl8+LcbawCZKypyTN1jZd074A2Z6FdjC/SezMryn3V41izjlSTqmQGxnMkGSRQftM=
last-modified
Tue, 27 Dec 2022 16:17:01 GMT
server
AmazonS3
etag
"97afc5df1893f00e6eafe362577c0bf4"
content-type
image/png
access-control-allow-origin
*
x-varnish
405413705, 606001873 576667429
cache-control
max-age=2592000
accept-ranges
bytes
video-js.min.css
d3njgrq4uvb497.cloudfront.net/videojs/ 		40 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/video-js.min.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-183.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01df456b85acb77a180ad7d890f265ea448289bdae9a4b54c58d919b4d484c2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 13:01:01 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 17:16:24 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
54713
etag
W/"61258f13580ad009b643f05009d9522d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
xayKVrsstScp70P8R8SRIdBBC2_1Sufff8s44zBvkTQoHsTk5Zl4ew==
videojs-contrib-ads.css
d3njgrq4uvb497.cloudfront.net/videojs/ 		917 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/videojs-contrib-ads.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-183.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
839e7c6761776f0e1c251d29d443dd8e29c6d3beefeeb8925c58a74ba784bd30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:30 GMT
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 17:18:43 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
5079
etag
"624ba37a147ffd05f3831a0c60d7666c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
917
x-amz-cf-id
g9aCPP5C3Tn2SMagiQqRG8mNPHRJvMZvCAgX8aLgpwkfYdtGNmkhEg==
videojs.ima.css
d3njgrq4uvb497.cloudfront.net/videojs/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/videojs.ima.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-183.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:30 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 17:16:26 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
8641
etag
W/"faad6d610a7700f489432ee9abfaf760"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
KaiolReFGcZDzSPdrqzs0Z1X7ZyLdB1DeA2ts0LfbuylaomSKvktTw==
videojs-share.css
d3njgrq4uvb497.cloudfront.net/videojs/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/videojs-share.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-183.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afed9a0ab525a556166288e945e61b4e4adb9de9c074d8185f86b8f5f5fda311

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:30 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Tue, 02 Aug 2022 22:33:46 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
6591
etag
W/"be1a982b20ecda84c022f2730dc00db6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
T4lcUDMr3Wh6A3el26StY_FBhMxvm0zYIUsvCTbEpTLISNfomJ3IUw==
video.min.js
d3njgrq4uvb497.cloudfront.net/videojs/ 		568 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/video.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-183.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e65aecb8a21b66d9aeeea4d926d72d0f1023ca305327859bb69117e813468fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 01:59:51 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 17:16:25 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
12290
etag
W/"929b380ce08bc33ab90d3cb84bda8476"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ok52xZfZUkY9csXjqFMfi1ZtlqsTGxHoC735Wc2W4wIVQygBRlyvfw==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0afdfec0cc81ad101710150812834831dd21e1d766c380af5114509ff56b7eb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123281
x-xss-protection
0
expires
Mon, 20 Mar 2023 04:12:53 GMT
videojs-contrib-ads.js
d3njgrq4uvb497.cloudfront.net/videojs/ 		67 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/videojs-contrib-ads.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-183.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ebe4963ca08a041fcbb87a4232bf58b1ae55c3b5623a3a2d9d79491bb46c674

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 01:59:51 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 17:18:44 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
9510
etag
W/"8907ec0b8999349b1ee9aa3cdfe6344e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Z9RY3D9f03x-gVOBrYZmJZGrtpZPkOJGV7eoihZY7Yz-q7vrNZJK-A==
videojs.ima.min.js
d3njgrq4uvb497.cloudfront.net/videojs/ 		35 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/videojs.ima.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-183.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33cc0a21c1ca8eab50680298fedb8440589988e511a82348b00290bb111a4c8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 01:59:51 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 17:16:27 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
9512
etag
W/"ec23ab961163dde45026fe11f7852efb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
8wFn1ZGYLUH59LHU94k53ucRZG9zi1wwwewlm9Occzl1C8-e2Y3zvA==
videojs-share.min.js
d3njgrq4uvb497.cloudfront.net/videojs/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/videojs-share.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-183.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4926c7670bd5a97ba531632202ff2adb8e8c81ae1dc49b35a7699a478c559b77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 01:59:51 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Tue, 02 Aug 2022 22:33:47 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
9510
etag
W/"518c1fc506a1ebc06dd1aec02b41d277"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
cPhO7CqNZ4W-muHhbe97qoYe0Y-Kc1Pw-C8xTbBna5b-0vQoEGs4yw==
weather-300x168.jpg
media.ksl.com/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.ksl.com/weather-300x168.jpg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.147.128.167 Syracuse, United States, ASN11319 (DDMINC, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5791b4aa284121c24888809970bd0c9c51b7a76653616708b33e0e976d39aa29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 20 Mar 2023 04:11:05 GMT
x-amz-version-id
GSkvBiy9UXJsoyP2Rp9gHBZf977Pyfa_
Via
1.1 varnish (Varnish/6.2)
x-amz-request-id
1243EB4SG13VN8X2
x-amz-server-side-encryption
AES256
X-Cache
Hit from varnish
Connection
keep-alive
Content-Length
15472
x-amz-id-2
yLknhY/YecEHrJOqSSzJQUzx3EsNwKEC6lMMTK3qtEf7WpN1DWuCiCEw5db9Zpv/68AhJBvJTTE=
Last-Modified
Sun, 19 Mar 2023 23:33:55 GMT
Server
AmazonS3
ETag
"3350c8886588e4890ba38b2ac85c3665-1"
Content-Type
image/jpeg
access-control-allow-origin
*
X-Varnish
111973332 110228107
Accept-Ranges
bytes
autoplay_icon.svg
static.ksl.com/images/ 		653 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ksl.com/images/autoplay_icon.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
d0cc949db47eadda0e59235f19200cbbabebfa345bb06430bb69f0c159c80421
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 22:37:55 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
6500098
x-cache
img01 Hit from varnish
content-length
369
last-modified
Fri, 08 May 2015 20:22:40 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
609814408 32787
cache-control
s-maxage=31536000, max-age=31536000
x-server
v26
accept-ranges
bytes
expires
Tue, 03 Jan 2023 22:42:55 GMT
51d664bc63e53f2a4398cf2601a38704.svg
static.ksl.com/beta/node_modules/ksl-responsive-header/dist/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ksl.com/beta/node_modules/ksl-responsive-header/dist/51d664bc63e53f2a4398cf2601a38704.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
21cd559db3c100842a8ef209f2579e691ee47e2d1469ebeaaaac7cbd439509ab
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:09:33 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
200
x-cache
img02 Hit from varnish
content-length
1333
last-modified
Mon, 20 Apr 2020 23:44:49 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-varnish
615417633 614506562
cache-control
max-age=300, no-transform
x-server
v06
accept-ranges
bytes
expires
Mon, 20 Mar 2023 04:14:33 GMT
react.production.min.js
static.ksl.com/javascript/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/javascript/react.production.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
ed51c6c44f063fffd3fef1042b859a00d4cbdcee5dbc742c758f7a275ff85f58
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:37:58 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
452095
x-cache
img01 Hit from varnish
content-length
5003
last-modified
Fri, 01 Nov 2019 02:01:34 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-varnish
606001872 229243043
cache-control
s-maxage=604800, max-age=604800
x-server
v17
accept-ranges
bytes
expires
Tue, 14 Mar 2023 22:42:58 GMT
react-dom.production.min.js
static.ksl.com/javascript/ 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/javascript/react-dom.production.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
db2ee7a386958f6e858c181063d50b9bd3dfe79f9318bc1550d15482a5e49350
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:36:29 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
452184
x-cache
img02 Hit from varnish
content-length
38768
last-modified
Fri, 01 Nov 2019 02:01:34 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-varnish
611415611 248428952
cache-control
s-maxage=604800, max-age=604800
x-server
v07
accept-ranges
bytes
expires
Tue, 14 Mar 2023 22:41:29 GMT
serverComponent.php
nexus.ensighten.com/deseretdigital/ksl-com/ 		186 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/deseretdigital/ksl-com/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/deseretdigital/ksl-com/code/&publishedOn=Fri%20Mar%2017%2015:47:29%20GMT%202023&ClientID=2719&PageID=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50602859%2Ffrozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-12.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
88f71e17183eeb8d6698c31da6fe9b6dab22d4b746e2f836f19d78f78c90160f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:53 GMT
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
content-length
186
x-amz-cf-id
HtYkbT9zZ2MZ_3ssCr7YdE_yv-1cpHhDK9j-ieGtgpyAcrleEhntvg==
expires
Mon, 20 Mar 2023 04:12:52 GMT
sprite.svgz
static.ksl.com/ksl-svg-sprite/ 		442 KB
155 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/ksl-svg-sprite/sprite.svgz
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
d603af607eb4e551f73c7777de0c3ce668fcf3c205a95906290e3fdcbf07bd08
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:11:32 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
81
x-cache
img01 Hit from varnish
content-length
157374
last-modified
Tue, 17 Jan 2023 18:59:39 GMT
server
Apache
etag
"266be-5f27a4d37fcc0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
607416006 606301979
cache-control
max-age=300
x-server
v10
accept-ranges
bytes
expires
Mon, 20 Mar 2023 04:16:32 GMT
28975546.png
img.ksl.com/slc/2897/289755/ 		572 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2897/289755/28975546.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
70f9faa8791e1eca1aca0920a81c75bdef3cd8d90e5c229529622031bb1f16cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 22:37:59 GMT
x-amz-version-id
gMmWPw1XCYxvELeldFIgGlBNUPZM2ezx
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
CPB37RCYMPF1RXH6
age
1316095
x-amz-server-side-encryption
AES256
x-cache
img01 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
572
x-amz-id-2
S3jlPvoo7za/LKhO2IaqPAECQBDWqsWFiCwOPMCE5/vRE+FwfaoCh5kI7Gnh1b1g/NvzsHqCOyI=
last-modified
Thu, 13 Oct 2022 05:04:38 GMT
server
AmazonS3
etag
"f29a09cb308c045842e407cadddbb5f2"
content-type
image/png
access-control-allow-origin
*
x-varnish
376501329, 607509138 394474272
cache-control
max-age=2592000
accept-ranges
bytes
28818089.png
img.ksl.com/slc/2881/288180/ 		721 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2881/288180/28818089.png
Requested by
Host: d3njgrq4uvb497.cloudfront.net
URL: https://d3njgrq4uvb497.cloudfront.net/styles--ksl-f959.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
dc2b6002b3518b4b196486f9f3e91e2b27b73df5c54d8418e0d442b6a8196c74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d3njgrq4uvb497.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 22:36:30 GMT
x-amz-version-id
icJqxYHE4IDLMONrkAWzZ_.nhS3rrsNe
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
5JE4VN814NFPC2EK
age
1316184
x-cache
img02 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
721
x-amz-id-2
xhNfUWqB9jnGx6eLbO6RHBDi8uqsSiBYXPzVLT+0597WxprD43q4vNruGqq9WETbvJQq4YgVOA0=
last-modified
Tue, 21 Jun 2022 23:18:42 GMT
server
AmazonS3
etag
"0e908cc4cf238de319eaa1e6f85989f9"
content-type
image/png
access-control-allow-origin
*
x-varnish
377213134, 615222652 415676235
cache-control
max-age=2592000
accept-ranges
bytes
nunito-sans-v5-latin-600.woff2
static.ksl.com/fonts/nunito-sans/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-600.woff2
Requested by
Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
d18c05b903e42fe072a80fb16a7aae87c94e506237fce86f68ad8241fa70f759
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:35 GMT
via
1.1 varnish (Varnish/6.1)
last-modified
Mon, 06 Apr 2020 21:54:59 GMT
server
Apache
age
19
etag
"4204-5a2a6517d72c0"
x-frame-options
SAMEORIGIN
x-cache
img02 Hit from varnish
x-varnish
612395562 614866258
access-control-allow-origin
*
cache-control
max-age=300
x-server
v11
accept-ranges
bytes
content-length
16900
expires
Mon, 20 Mar 2023 04:17:35 GMT
nunito-sans-v5-latin-regular.woff2
static.ksl.com/fonts/nunito-sans/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-regular.woff2
Requested by
Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:09:02 GMT
via
1.1 varnish (Varnish/6.1)
last-modified
Mon, 06 Apr 2020 21:54:59 GMT
server
Apache
age
231
etag
"4218-5a2a6517d72c0"
x-frame-options
SAMEORIGIN
x-cache
img02 Hit from varnish
x-varnish
614411779 612912062
access-control-allow-origin
*
cache-control
max-age=300
x-server
v08
accept-ranges
bytes
content-length
16920
expires
Mon, 20 Mar 2023 04:14:02 GMT
nunito-sans-v5-latin-700.woff2
static.ksl.com/fonts/nunito-sans/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-700.woff2
Requested by
Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:11:24 GMT
via
1.1 varnish (Varnish/6.1)
last-modified
Mon, 06 Apr 2020 21:54:59 GMT
server
Apache
age
90
etag
"4270-5a2a6517d72c0"
x-frame-options
SAMEORIGIN
x-cache
img01 Hit from varnish
x-varnish
606826095 606333812
access-control-allow-origin
*
cache-control
max-age=300
x-server
v15
accept-ranges
bytes
content-length
17008
expires
Mon, 20 Mar 2023 04:16:24 GMT
nunito-sans-v5-latin-300.woff2
static.ksl.com/fonts/nunito-sans/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-300.woff2
Requested by
Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
dd0d7b0bd9b543ac1655f000d5db598194d9a6c0c79815600b59ee49a81e8c62
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:11:25 GMT
via
1.1 varnish (Varnish/6.1)
last-modified
Mon, 06 Apr 2020 21:54:59 GMT
server
Apache
age
89
etag
"410c-5a2a6517d72c0"
x-frame-options
SAMEORIGIN
x-cache
img01 Hit from varnish
x-varnish
599322046 604259874
access-control-allow-origin
*
cache-control
max-age=300
x-server
v12
accept-ranges
bytes
content-length
16652
expires
Mon, 20 Mar 2023 04:16:25 GMT
29208907.jpeg
img.ksl.com/slc/2920/292089/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2920/292089/29208907.jpeg?filter=kslv2/responsive_story_lg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
cee130c3062ab4254621ea1544f7abd397515bad9a96b97a0eb8cd5b0aa3f230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 02:32:27 GMT
x-amz-version-id
CCpfwipKFosoj2UG0ShvVnH5x7ZBGbdN
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
WMG6DN393RV2CBRJ
age
6027
x-amz-server-side-encryption
AES256
x-cache
img01 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
76746
x-amz-id-2
KVaoBB1AzwZVbOPKECxUZc35rxb8NL01qnpS9/vouR4dhc9fsVyQQw4zF7VzHyFqQIhGgzaoR/0=
last-modified
Sat, 18 Mar 2023 20:42:46 GMT
server
AmazonS3
etag
"8c0f6bed3f2667939cecdba746af4645"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
728689415 725937829, 607544855 606876502
cache-control
max-age=604800
accept-ranges
bytes
25487033.jpg
img.ksl.com/slc/2548/254870/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2548/254870/25487033.jpg?filter=kslv2/responsive_top_sm
Requested by
Host: d3njgrq4uvb497.cloudfront.net
URL: https://d3njgrq4uvb497.cloudfront.net/styles--ksl-f959.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
006b8f60f30ed5210c6d4cc52dd703f0d62124d5ace9a5a45fede025465a2fbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d3njgrq4uvb497.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 21:41:38 GMT
x-amz-version-id
HWcxP4QaG6lNbYquoGMc5v8P2C5OyEDp
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
KYX1S3ESJ2RV6R5T
age
109876
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
4869
x-amz-id-2
29x433GavVDsB1dX690krvzeI4NQh6fJQpENWJmpr4p3f22a5fQNYD5Cvcdb1biyf3B1CQl4pCI=
last-modified
Sat, 28 Jan 2023 21:41:30 GMT
server
AmazonS3
etag
"1e762976631565a6187b5f17402e6d30"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
229651412, 612068629 517591801
cache-control
max-age=604800
accept-ranges
bytes
29084669.png
img.ksl.com/slc/2908/290846/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2908/290846/29084669.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
7e5732c22bd4d4f04611ace5230fc4409f3c4ce9f73801781da68d680d295eb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 16:41:00 GMT
x-amz-version-id
RjutE7IUMXcP1IN6JU7Su0qIDiEcMO0z
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
XRMK7XPJYYNMDF76
age
1164715
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
80487
x-amz-id-2
fHOhSQxocYJzxzJqU7PVocaSELxhmabAo/KcJY78JfH0JpUSG1VB7c1x7KKL91ns8zAqTyEsZUY=
last-modified
Wed, 28 Dec 2022 12:14:28 GMT
server
AmazonS3
etag
"9227fd02062f00c3177d9af42e536b11"
content-type
image/png
access-control-allow-origin
*
x-varnish
20331383, 612558194 597710304
cache-control
max-age=2592000
accept-ranges
bytes
d4e3.ttf
d3njgrq4uvb497.cloudfront.net/ 		5 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/d4e3.ttf
Requested by
Host: d3njgrq4uvb497.cloudfront.net
URL: https://d3njgrq4uvb497.cloudfront.net/styles--ksl-f959.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-183.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eca0b00bcdc228fa9087597c23b3108ad4c079791b6ddd56658e48ce83939b6e

Request headers

Referer
https://d3njgrq4uvb497.cloudfront.net/styles--ksl-f959.css
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 00:15:47 GMT
content-encoding
gzip
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
1828627
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 23 Feb 2023 10:00:40 GMT
server
AmazonS3
etag
W/"d4e3b2047c5b4ae0e7d9e0da5a0608e1"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/font-sfnt
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-id
1lqJjSDa-1y4o2RRqsi1hCMmclHelFp22SMfQ0cBkhl7DcQpi4xH9Q==
gtm.js
www.googletagmanager.com/ 		230 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVLZ5Z&l=kslDataLayer
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9e911e2a1b9067f01cf538f8c887744113596e0394bd44ec0dd5cb4d8d46632
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76045
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 Mar 2023 04:12:54 GMT
app--ksl-eabf.js
d3njgrq4uvb497.cloudfront.net/ 		270 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/app--ksl-eabf.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-183.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04a279b71eef60b3cdd816fb23751fd2eb86de757f4285914613ded6792dcc86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 20:21:34 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 16:51:08 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
287481
etag
W/"65fccb4f59b768469b549da65ed6cb11"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-id
A5AbBqUSb7vkJlR_LGFrgiiy0sFWtICiWakJwiEID0GhwPHhh9HDew==
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=2719&i=6lr0nn&p=ksl-com&s=328&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI2bHIwbm4iLCJwYWNrZXQiOjAsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APAZIiwidHlwZSI6ImJpbGxpbmciLCJzdGFydCI6MTY3OTI4NTU3NDE5MlsAwGQiOi0xLCJzb3VyYzIAAisAYXR1cyI6ImYAQGFzb25lANRdLCJkYXRhUGF0dGVyEgDCbGlzdCI6W10sImlkXQDAMjg1NTc0MTkyfV19
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:54 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 20 Mar 2023 04:12:53 GMT
5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js
cdn.mouseflow.com/projects/
Redirect Chain
  • https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5.js
  • https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js
188 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
8bb1e570f448fdb47a0a89e9875bd0e87dc3a371b284f913b8c75d65d98386bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:54 GMT
content-encoding
gzip
last-modified
Tue, 21 Feb 2023 09:22:04 GMT
server
etag
"37964df6d545d91:0"
x-hw
1679285574.cds002.fr8.hn,1679285574.cds101.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
55985

Redirect headers

date
Mon, 20 Mar 2023 04:12:54 GMT
x-hw
1679285574.cds002.fr8.hn,1679285574.cds237.fr8.c
location
https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-hw-loc
https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5.js
content-length
0
/
js.stripe.com/v3/ 		450 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-7.prg50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a36b286884ad3a00927d234d57deb8cc4db0ff64c687420556e64110849addc0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 20 Mar 2023 04:12:54 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
5
x-cache
Hit from cloudfront
last-modified
Fri, 17 Mar 2023 20:34:31 GMT
server
Cloudfront
etag
W/"1417cc20391f9c2d81704f666841ff88"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
MwudpuEGzI27AzqGUuncsQGftj4Yuh8F4OzhZC7iWAl9l_FfvfTuRg==
dm.js
tag.durationmedia.net/sites/11159/ 		119 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.durationmedia.net/sites/11159/dm.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7200:10:ce97:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
716f7e72daced30c3bb44b2e2180e7b9bcab9491270cf3d1b8f1d07011c116b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
PkNp3HJE31b4TtcaT76S6wK1SXrwyHVS
content-encoding
gzip
via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
date
Mon, 20 Mar 2023 04:12:15 GMT
x-amz-cf-pop
FRA56-P3
age
40
x-cache
Hit from cloudfront
content-length
33140
last-modified
Fri, 18 Nov 2022 21:00:33 GMT
server
AmazonS3
etag
"79681baec1e13a5f46f41d05ff7735f7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=900
accept-ranges
bytes
x-amz-cf-id
xTWQYOXT4WLPDn6CTj_WdkDYdcfRsHlPb-pXrE6wGsbpzmi6LsOPdA==
ads.js
prebidads.revcatch.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebidads.revcatch.com/ads.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
7815473f068f708bcde391e444f1e2d3f19d1ead1174a2281a8833648356b80d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 15:54:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1472132
x-powered-by
RCW03
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMnxjk03z%2BqhFwZw57vxHDcIo5H9%2BxM%2FfBWSx4Mt1gP%2FRV2aQ%2Fq545%2BnPJe%2FGtcwUma8JXUmfBp8DRjuTMMzClvYpBWt7yXXOfCNDk3XZY%2BIYWCCf1xZ4sv6bwf%2BWaLNYrkgJiZrCsaIBIhBc8dE7FOl1kPO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7aab1e97b93c377c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 02 Apr 2023 03:17:22 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 20 Mar 2023 02:23:33 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6561
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 20 Mar 2023 04:23:33 GMT
tracker.js
static.rubyblu.com/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.rubyblu.com/tracker.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.32.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
235.32.211.130.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
45df8300639a2c449239e3f0ddd1575ec2a867266840be6309b69903f032d919

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:08:04 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 23 Jan 2023 23:09:32 GMT
server
nginx/1.18.0
age
290
etag
W/"63cf13ac-531a"
content-type
application/javascript
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7784
expires
Mon, 20 Mar 2023 05:08:04 GMT
js
www.googletagmanager.com/gtag/ 		231 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JW89DL7T5D&l=kslDataLayer&cx=c
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2bfb59a3136f5b49db2158068b8b0fff3ac5dc575b4539d0cd67469357caf29d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81066
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Mar 2023 04:12:54 GMT
ksl-header.js
static.ksl.com/ksl-responsive-header/ 		136 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/ksl-responsive-header/ksl-header.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
878a331836150935afb12b3ec3e5521dadd7902173b4fd24adfee940a3931b61
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:07:18 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
335
x-cache
img01 Hit from varnish
content-length
39439
last-modified
Tue, 14 Mar 2023 15:04:33 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-varnish
607119405 608191135
cache-control
s-maxage=3600, max-age=3600
x-server
v20
accept-ranges
bytes
expires
Mon, 20 Mar 2023 04:12:18 GMT
e2cbc300a657f96fd81e3fa01c2a4e88-Comments.min.js
d3njgrq4uvb497.cloudfront.net/react/ 		464 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/react/e2cbc300a657f96fd81e3fa01c2a4e88-Comments.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-183.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66b6068dbe1948f57441d09c9844769b99e7881997b5fe3255e0a694cb89b849

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 20:53:07 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 20:52:43 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
1063188
etag
W/"e2cbc300a657f96fd81e3fa01c2a4e88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-id
h9udRaHPTHjzgeVRfFn_XN7yaafQXxy-xkpjBJOtVWClLKZXEt2EKg==
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4b507096f8201c08f51e78f7e5c2366b095be888bcdbd8560e40915086f0452
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27446
x-xss-protection
0
server
sffe
etag
"1516 / 979 of 1000 / last-modified: 1679090814"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 20 Mar 2023 04:12:54 GMT
op.js
tagan.adlightning.com/deseretdigital/ 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/op.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5e4a948e5ab44de45754e4bcefe5d1b7f95cd3215ff08f5187d8a22a615bef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
LtqL58crAteE1VkKI0YHZp1hBo0iT49G
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
date
Mon, 20 Mar 2023 04:12:05 GMT
x-amz-cf-pop
FRA60-P4
age
84
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24680
x-amz-meta-git_commit
8db6969
last-modified
Fri, 17 Mar 2023 14:37:59 GMT
server
AmazonS3
etag
"7ce792783a7c183c5e0ed9832692dbe3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
EpmIsak0642i_7nFFOmTISnP-v822pPCItdFVbao1Ri0uIgjOtVQsQ==
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JW89DL7T5D&gtm=45je33f0&_p=187697769&_gaz=1&cid=153597568.1679285574&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679285574&sct=1&seg=0&dl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50602859%2Ffrozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections&dt=Frozen%20strawberries%20sold%20at%20Costco%2C%20Trader%20Joe%27s%20and%20Aldi%20recalled%20after%20hepatitis%20A%20infections%20%7C%20KSL.com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.DDM_Device_ID=gs0g1jlf8yxr&ep.Random_Session_ID=1679285574237.t63c2e0i&ep.Local_Timestamp=2023-03-20T04%3A12%3A54.237%2B00%3A00&ep.Page_URL=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50602859%2Ffrozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections&ep.Referrer=&ep.Host_Name=www.ksl.com&ep.Container_Version=59&ep.Content_Grouping_1=News&ep.Content_Grouping_2=Utah&ep.Content_Grouping_3=Business&ep.Entity=KSL%20News&ep.Objective=Content&ep.Author=Brenda%20Goodman%2C%20CNN&epn.Content_ID=50602859&ep.Publish_Date=2023-03-19T10%3A42%3A00-06%3A00&ep.Source=cnn_wire&ep.Team=wire&ep.Template=Article&ep.Topic=government&ep.Login_Method=traditional&ep.DDM_Hit_ID=4chrn8fsprgx&ep.Previous_URL=not%20specified&ep.User_Registration_Date=&ep.Has_Video=false&epn.Word_Count=395&ep.Login_State=false&ep.Update_Date=2023-03-19T10%3A42%3A00-06%3A00&ep.DDM_Session_ID=n7ozpowy7ffu&ep.KSL_Member_ID=&up.DDM_Device_ID=gs0g1jlf8yxr
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JW89DL7T5D&cid=153597568.1679285574&gtm=45je33f0&aip=1
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JW89DL7T5D&cid=153597568.1679285574&gtm=45je33f0&aip=1&z=1424194989
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
active
www.ksl.com/api/2017/member/ 		49 B
433 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ksl.com/api/2017/member/active
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
f49b521799308f8cf36318142dbab92925dcae0ca9e2e35050f7d7635ce6c4b0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 20 Mar 2023 04:12:54 GMT
Strict-Transport-Security
max-age=2592000;
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
max-age=0, must-revalidate, private
X-Server
b15
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
49
Expires
Mon, 20 Mar 2023 04:12:54 GMT
comments
www.ksl.com/api/2017/member/reauth/ 		15 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ksl.com/api/2017/member/reauth/comments
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
e8d480780dad17fd64ac42eee77b9a8e485f2d81cc3dc232e2520a0e8058bffb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 20 Mar 2023 04:12:54 GMT
Strict-Transport-Security
max-age=2592000;
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
max-age=0, must-revalidate, private
X-Server
b15
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
15
Expires
Mon, 20 Mar 2023 04:12:54 GMT
50602859
www.ksl.com/api/2017/comments/meta/ 		54 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ksl.com/api/2017/comments/meta/50602859
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
c540e4cdf2839e9e93c1fe120c44c9e1a05923f6d03c13f96a9fffc80483085d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 20 Mar 2023 04:12:54 GMT
Strict-Transport-Security
max-age=2592000;
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
max-age=0, must-revalidate, private
X-Server
b15
Connection
Keep-Alive
Keep-Alive
timeout=1, max=99
Content-Length
54
Expires
Mon, 20 Mar 2023 04:12:54 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 03:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3476
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 20 Mar 2023 04:14:58 GMT
catch_rp.js
app.protectsubrev.com/ 		377 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/catch_rp.js?cb=0.6243211402258728
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
502bb63550cd079d5447f95d545f65bb1ad7edf88d42bd409b6e8c9f11a11566

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Dec 2022 16:25:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2242758
x-powered-by
RCW03
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EvEFyKaNmAqvxfU4xf9RtmOEsgAyFeDO205khMZ3xh%2Frn3hhYTolRJwd9SHrr%2B9xUczfkCum5j6rnJg7gR1yPT%2BBmyNFxauFMOwsiwcrmtak5KsDrG0q533zOSYQlELj41TFXbC460ktlWtOws2JAAvMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7aab1e98da3c92b4-FRA
expires
Fri, 24 Mar 2023 05:13:36 GMT
scriptloaded
be.durationmedia.net/ 		61 B
682 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/scriptloaded?siteId=11159
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.49.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-49-172.compute-1.amazonaws.com
Software
/
Resource Hash
9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:53 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
DENY
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
transfer-encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
0
b-8db6969-0d54047a.js
tagan.adlightning.com/deseretdigital/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b512b1e143d27297a87f49b35f418f656508da018781e9e87019fa2922b6fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:44:35 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-version-id
ktqVwPB8xkChf39sZlqPrBHeThdUR.QP
x-amz-cf-pop
FRA60-P4
age
350899
x-cache
Hit from cloudfront
content-length
33929
x-amz-meta-git_commit
8db6969
last-modified
Mon, 07 Nov 2022 21:20:45 GMT
server
AmazonS3
etag
"b172b73159838e1e11f525531ea3264f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xjcJ6gUrDL8F-DK28Zp733EUlW_GZpN0axS9qYVDzuoErRxm6BNfAA==
bl-e5e97ea-60de4a95.js
tagan.adlightning.com/deseretdigital/ 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-e5e97ea-60de4a95.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7113168867063276dff6573f2640bc5573deef8d952bd3323eb3690b09ab481e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 14:38:20 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-version-id
xv3aBW8UIoi8H.fyYsmXJIbjVKulxOwE
x-amz-cf-pop
FRA60-P4
age
221675
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15901
x-amz-meta-git_commit
e5e97ea
last-modified
Fri, 17 Mar 2023 14:37:37 GMT
server
AmazonS3
etag
"1fbb82777b5f7d515202aed8a8904806"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XpLCKE1PsINdRbM85MnztkD-SS8lsuKIGBf_kMWixBQjHO3ENtx6yA==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/webp
deseret
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.cif1r6eaya77
  • https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.cif1r6eaya77&_bee_ppp=1
24 B
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.cif1r6eaya77&_bee_ppp=1
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
HTTP/1.1
Server
54.194.106.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-106-129.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
73da3b369596f2ea8e701ec80155bf93c638eb66f1de5eac9a88f2eb8e565fd8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 20 Mar 2023 04:12:54 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
24
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.cif1r6eaya77&_bee_ppp=1
Date
Mon, 20 Mar 2023 04:12:54 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pubads_impl_2023031301.js
securepubads.g.doubleclick.net/gpt/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb7d39384f8a58e23c5e8c78b974aabb9cd28238d451301a12b43c321783fe6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136873
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 08:34:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Mar 2024 00:59:40 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		371 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ksl.com
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aabeb632ac757d0d73d2b6793d99e7e1336eed6e3d81d89c5110bf2ba809aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
x-xss-protection
0
expires
Mon, 20 Mar 2023 04:12:54 GMT
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.ksl.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
7aab1e995885380f-FRA
content-length
0
date
Mon, 20 Mar 2023 04:12:54 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Headers
adreq
ads.servenobid.com/ 		1 KB
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5966
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.135.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-135-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a12f379aef8aaf2d0d311ea397be93e72db9d8f452d94b5edd2d8d763c1b06bb

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Mar 2023 04:12:54 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7e3cf25bf2aa1d2346217aacdcc2b16cfe5b73b7e80ed69a04de2c0176b9a05b

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Mon, 20 Mar 2023 04:12:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
openrtb
ex.ingage.tech/v1/ 		69 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f00a90cc987d76e2471f6af12b39890292636c09e640efc9ee58c160416c9ad8

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 04:12:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
access-control-allow-credentials
true
cf-ray
7aab1e9a3d01914d-FRA
deseret
deseret.technoratimedia.com/openrtb/bids/ 		0
0
deseret
deseret.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://deseret.technoratimedia.com/openrtb/bids/deseret?src=prebid_prebid_7.24.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:bf17:cd18:9a23:846c Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
86400
date
Mon, 20 Mar 2023 04:12:54 GMT
server
nginx
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-72877204-2&cid=153597568.1679285574&jid=1200545991&gjid=411899445&_gid=897988952.1679285574&_u=aCDAgEAjAAAAAEAEK~&z=15736512
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 20 Mar 2023 04:12:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=187697769&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50602859%2Ffrozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections&ul=en-us&de=UTF-8&dt=Frozen%20strawberries%20sold%20at%20Costco%2C%20Trader%20Joe%27s%20and%20Aldi%20recalled%20after%20hepatitis%20A%20infections%20%7C%20KSL.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjAAAAAAAEK~&jid=1200545991&gjid=411899445&cid=153597568.1679285574&tid=UA-72877204-2&_gid=897988952.1679285574&gtm=45He33f0n71TVLZ5Z&cg1=News&cg2=Utah&cg3=Business&cd1=gs0g1jlf8yxr&cd2=gs0g1jlf8yxr&cd3=1679285574238.kirbxlx6&cd5=2023-03-20T04%3A12%3A54.238%2B00%3A00&cd6=1.0&cd7=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50602859%2Ffrozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections&cd8=&cd9=www.ksl.com&cd10=GTM-TVLZ5Z&cd11=59&cd12=0&cd13=News&cd14=Utah&cd15=Business&cd16=KSL.com%20-%20News%2FContent&cd17=Content&cd18=Brenda%20Goodman%2C%20CNN&cd20=50602859&cd23=2023-03-19T10%3A42%3A00-06%3A00&cd24=cnn_wire&cd25=wire&cd26=Article&cd27=government&cd28=traditional&cd31=4chrn8fsprgx&cd33=not%20specified&cd41=0&cd43=395&cd47=0&cd49=2023-03-19T10%3A42%3A00-06%3A00&cd50=n7ozpowy7ffu&cd51=n7ozpowy7ffu&cd4=153597568.1679285574&z=395671159
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Mar 2023 17:22:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39010
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
catch.css
app.protectsubrev.com/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/catch.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW02
Resource Hash
90ccee6904ff98b13b372eaaa87d8629cf12fedc238801722557c19562540b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 16:43:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2242756
x-powered-by
RCW02
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AizvHFxOhwpEYByipfkXul%2B7%2B38q1s8VlqRrXslw5PWAsLxkodgOzXMPu%2BiLf9lYRaKai8hjC3MmQwqW5re5T59MU6CR8FixjI3DPsjvXaXgjIFSRfC9DpOMfeu5eo4yZ69C4rpY%2F72IAftVNOxKgCvbiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7aab1e9a1b0a92b4-FRA
expires
Fri, 24 Mar 2023 05:13:38 GMT
/
pages.protectsubrev.com/ 		27 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pages.protectsubrev.com/?new
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW02
Resource Hash
6bad31a10bc9efb086d6cf1e534fb1dc8f3e972250b991792c7831d08a00b85d

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 20 Mar 2023 04:12:55 GMT
content-encoding
br
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
RCW02
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69BxPHcVkpZ3O455WLJXE%2F5Si19V%2BRk0xP7Zk0PdzX6HLY6g2AR0BXnuwovKDQ0Ii2vMA3UezISmLNg7poPemvffr5S981cjWzUFf0zktvhpPiLWJj9GJ3Hnyi6E87Mmtgxdqav1CQ6dupwl7iSmzC2rtrBo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
cf-ray
7aab1e9a58793a7e-FRA
expires
Wed, 22 Mar 2023 04:12:55 GMT
truncated
/ 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f3a01e144ec2db45bb24f5ee5e9ed1da37760b01593395c01e4c1e4780b89ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
16020764746327031843
tpc.googlesyndication.com/simgad/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16020764746327031843
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2af6de0161679525ed17e3cab74b1f2ecbadbf3a3e83706d44549aa377daec16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 08:49:43 GMT
x-content-type-options
nosniff
age
328991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1455
x-xss-protection
0
last-modified
Thu, 20 Sep 2018 16:19:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Mar 2024 08:49:43 GMT
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=efmk
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ga-audiences
www.google.com/ads/ 		42 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-72877204-2&cid=153597568.1679285574&jid=1200545991&_u=aCDAgEAjAAAAAEAEK~&z=31818035
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-72877204-2&cid=153597568.1679285574&jid=1200545991&_u=aCDAgEAjAAAAAEAEK~&z=31818035
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		198 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NKMQVGQ&l=headerDataLayer
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
990f0017dd83b5511960d1fdc55cf41655c19eb61ff76a77ab4da8107310c83f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70600
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 Mar 2023 04:12:54 GMT
twilio-conversations.min.js
media.twiliocdn.com/sdk/js/conversations/releases/2.1.0/ 		497 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.twiliocdn.com/sdk/js/conversations/releases/2.1.0/twilio-conversations.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.58.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf64852d6ba356ad309f01e973172dedbcd33fcc0823bb2e98484028c12a8074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:55 GMT
x-amz-version-id
kmnyC8T27McvTZPCCp_8FCeAkqAXOEAz
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 03 Mar 2022 12:06:00 GMT
server
cloudflare
x-amz-request-id
KM8T2MQW56A69V2F
etag
W/"bb47e650bbd0511e8523e9288befd45b"
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7aab1e9a9ff63a80-FRA
x-amz-id-2
gEqGchONrhXvEnoPR/J4KduRCKIkICvM9dtNQ33/h7To/wIhg/WJWKcrKNb1Q1VNzff8zL0sA2M=
expires
Thu, 31 Dec 2037 23:55:55 GMT
messages.js
static.ksl.com/m-ksl-messages-twilio-client/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/m-ksl-messages-twilio-client/messages.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
32dddeed43e3fbde44d76523d3a40dc8a00aaaee5f9f319f21e7c769ef2a43cc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:08:19 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
275
x-cache
img01 Hit from varnish
content-length
3214
last-modified
Fri, 23 Sep 2022 19:53:18 GMT
server
Apache
etag
"35f8-5e95d877e8780-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-varnish
608906238 607927404
cache-control
max-age=300
x-server
v19
accept-ranges
bytes
expires
Mon, 20 Mar 2023 04:13:19 GMT
getHeaderWeather
news-api.ksl.com/v1/weather/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://news-api.ksl.com/v1/weather/getHeaderWeather
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
1dd28991ee707451a7875572d971022354cbdc6283ba4d0d4c1b48caef0c98af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 20 Mar 2023 04:12:56 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
X-Server
bapi16
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
785
active
www.ksl.com/api/2017/member/ 		49 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ksl.com/api/2017/member/active
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
f49b521799308f8cf36318142dbab92925dcae0ca9e2e35050f7d7635ce6c4b0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 20 Mar 2023 04:12:54 GMT
Strict-Transport-Security
max-age=2592000;
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
max-age=0, must-revalidate, private
X-Server
b15
Connection
Keep-Alive
Keep-Alive
timeout=1, max=98
Content-Length
49
Expires
Mon, 20 Mar 2023 04:12:54 GMT
otSDKStub.js
cookie-cdn.cookiepro.com/scripttemplates/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 04:12:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
XP5ufGIMVAznk1F+pqtwzg==
age
67961
x-ms-lease-status
unlocked
last-modified
Fri, 17 Mar 2023 01:35:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4720f86f-101e-0031-31b3-58d95e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7aab1e9b7acf9153-FRA
expires
Tue, 21 Mar 2023 04:12:54 GMT
42225788-6fb1-438d-91a0-0da32c771fe8.json
cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/42225788-6fb1-438d-91a0-0da32c771fe8.json
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7921b1571870bdf998d2ec79a1302ff957c0856603a32052cb73f525f7a7184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 04:12:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
A7mz8WZigWp0YtJ6Uv+hQQ==
age
20998
x-ms-lease-status
unlocked
last-modified
Mon, 13 Mar 2023 20:18:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f3b55265-f01e-0039-3fe8-55c351000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7aab1e9bbf733671-FRA
jstag
ksl-d.openx.net/w/1.0/ 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ksl-d.openx.net/w/1.0/jstag?nc=6686-KSL_News
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8aa3cbfde867ccc251bae5512b3da5d3c7843eac7cfa0c237ddc36b5b08873cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58320
expires
Mon, 20 Mar 2023 05:12:55 GMT
otBannerSdk.js
cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/ 		381 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/otBannerSdk.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 04:12:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
DjzI+HdyHvhC2OCs+qd+pw==
age
30203
x-ms-lease-status
unlocked
last-modified
Fri, 21 Oct 2022 01:41:20 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6bc1f510-201e-0093-3c67-47e347000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7aab1e9c1b1a9153-FRA
expires
Tue, 21 Mar 2023 04:12:55 GMT
en.json
cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/2bf65cc3-af43-4615-8660-543f2a769de1/ 		136 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/2bf65cc3-af43-4615-8660-543f2a769de1/en.json
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1352d98291981d5de453bedf44dbc99a22689eebbae5d548daddc7e1128ee697
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 04:12:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
YMDhuQpSORPTArtcZ8QwYQ==
age
20998
x-ms-lease-status
unlocked
last-modified
Mon, 13 Mar 2023 20:18:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
60557f97-e01e-0057-6fe8-55967e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7aab1e9c5ffe3671-FRA
otFlat.json
cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/otFlat.json
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 04:12:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
JuDKxv1jf1Hw0JXasvCaSg==
age
16351
x-ms-lease-status
unlocked
last-modified
Fri, 21 Oct 2022 01:41:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
5603c07d-901e-0072-7867-473f02000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7aab1e9ca8453671-FRA
expires
Tue, 21 Mar 2023 04:12:55 GMT
otPcPanel.json
cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/v2/ 		63 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/v2/otPcPanel.json
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df9aee0014c1553fa6f462aa38714f3f35678bba639483b6141e42e52ec2951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 04:12:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
iFWm653zpCZXOB0KT4+Hvg==
age
21864
x-ms-lease-status
unlocked
last-modified
Fri, 21 Oct 2022 01:41:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
be773df2-a01e-0079-79e8-55c469000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7aab1e9ca8473671-FRA
expires
Tue, 21 Mar 2023 04:12:55 GMT
otCommonStyles.css
cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/otCommonStyles.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 04:12:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
oQsmwuIlJWH4cKDxpI1ltA==
age
20998
x-ms-lease-status
unlocked
last-modified
Fri, 21 Oct 2022 01:41:29 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
3da7d909-d01e-0063-1867-47a5b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7aab1e9ca8493671-FRA
expires
Tue, 21 Mar 2023 04:12:55 GMT
ot_close.svg
cookie-cdn.cookiepro.com/logos/static/ 		651 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-cdn.cookiepro.com/logos/static/ot_close.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 04:12:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
67782
x-ms-lease-status
unlocked
last-modified
Fri, 17 Mar 2023 01:35:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d2162641-801e-0051-59b1-58a5c1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7aab1ea03dc79153-FRA
expires
Tue, 21 Mar 2023 04:12:55 GMT
cookiepro_logo.png
cookie-cdn.cookiepro.com/logos/static/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-cdn.cookiepro.com/logos/static/cookiepro_logo.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
088dbe5e4bb2f902e2e7c62ca7a15bae5cb55f4708d99f7c4daae7148a19a865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 04:12:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
content-md5
IipuN9Einq/0wIZw6VIt/g==
age
67957
cf-polished
origSize=36419
content-length
36343
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Fri, 17 Mar 2023 01:35:38 GMT
server
cloudflare
etag
0x8DB2687E99050AE
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
ae7b4702-701e-00b1-16b1-582658000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7aab1ea03dc99153-FRA
expires
Tue, 21 Mar 2023 04:12:55 GMT
poweredBy_cp_logo.svg
cookie-cdn.cookiepro.com/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-cdn.cookiepro.com/logos/static/poweredBy_cp_logo.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 04:12:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
uInNdQwuuw8s7lYl3cE7eQ==
age
67962
x-ms-lease-status
unlocked
last-modified
Fri, 17 Mar 2023 01:35:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
88c64d6a-b01e-0075-7ab1-585361000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7aab1ea03dca9153-FRA
expires
Tue, 21 Mar 2023 04:12:55 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ksl.com
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ksl.com
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		224 KB
56 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2240090808306212&correlator=3273926761667082&eid=31072886%2C31068367%2C44777629&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fifs&iu_parts=6686%2Cddm.ksl%2CNews%2CBiz&enc_prev_ius=%2F0%2F1%2F2%2F%2F3%2C%2F0%2F1%2F2%2F%2F3%2C%2F0%2F1%2F2%2F%2F3%2C%2F0%2F1%2F2%2F%2F3%2C%2F0%2F1%2F2%2F%2F3&prev_iu_szs=728x90%7C970x90%2C620x300%2C300x250%2C300x250%7C300x600%2C300x250%7C300x600&ifi=1&adks=4044648982%2C1981691399%2C212271976%2C4073741235%2C4073741232&sfv=1-0-40&prev_scp=pos%3Dtop%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D728x90%26hb_pb_pubmatic%3D0.08%26hb_adid_pubmatic%3D2596b10e96aff7d%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.08%26hb_adid%3D2596b10e96aff7d%26hb_bidder%3Dpubmatic%7Cpos%3Darticlebottom%7Cpos%3Dinline%7Cpos%3Dright%7Cpos%3Dright2&cust_params=v%3Dnews%26cc%3Dstories%26article-id%3D50602859%26pt%3DArticle%26stca%3Dgovernment%26author%3Dbrendagoodman%252Ccnn%26pageviewid%3D4chrn8fsprgx&sc=1&cookie_enabled=1&abxe=1&dt=1679285575595&lmt=1679285575&dlt=1679285573403&idt=1443&adxs=259%2C315%2C315%2C985%2C985&adys=154%2C2807%2C1538%2C503%2C1845&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C0%7C3&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50602859%2Ffrozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections&frm=20&vis=1&psz=1082x103%7C614x250%7C614x2380%7C300x250%7C300x250&msz=1082x250%7C614x250%7C614x250%7C300x250%7C300x250&fws=4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600&ga_vid=153597568.1679285574&ga_sid=1679285576&ga_hid=187697769&ga_fc=true
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8b206f455fa6852b58f8ac728574ded89a3c41282d231812dd5883c960c2d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56347
x-xss-protection
0
google-lineitem-id
-1,-2,6188126338,6159281755,6246231496
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,138423274812,138425849509,138425785781
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 51AA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Mar 2023 04:12:55 GMT
expires
Tue, 19 Mar 2024 04:12:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
0
app.protectsubrev.com/caught/rc-CfZeub/647177755/ 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/caught/rc-CfZeub/647177755/0
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
31cac46c8e8573e832b5fbacba230031c96d7aded5521f96fc0edaea5dbf0175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
RCW03
server
cloudflare
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDmRKQMX9ar3jruh%2BS15qEIKVcFFiXwC%2Bpv6tv21X4UZzcWjLN19WOq0Yhc0izAK%2B6nmgZ0GB8tHWzJPDryLE%2FiX28lJshhsxSs4baeHD3BINwCq2GzueAG77141lTDNmlQiXhsYmWTbsiSq1oC5Is5jWw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private, max-age=172800
access-control-allow-credentials
true
cf-ray
7aab1ea05c453a7e-FRA
access-control-allow-headers
*, Authorization, Origin, X-Requested-With, Content-Type, Range
expires
Wed, 22 Mar 2023 04:12:56 GMT
rules
app.protectsubrev.com/api/ 		3 KB
1019 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/api/rules?id=rc-CfZeub
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
fe1a293cdb4905ed390da36b47fa01878068dc52306b495f97d39c56f00ea2fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
634
x-powered-by
RCW03
last-modified
Mon, 20 Mar 2023 04:02:21 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wDluP697F3hIeHAn7f3gb5cN7tMBpd2NTBF3l0exXWGXV8Fz8CsCdhUURgLlOGheMEgDdN%2FOCuQq5b%2BymfunUFVBz14k1gMhzG1iu77U%2BVJrwDazMg8z03Dax2Nhch5ERj0a49s%2BIRmdUVPNAprAapqjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=172800
access-control-allow-credentials
true
x-ratelimit-limit
150
cf-ray
7aab1ea05c473a7e-FRA
access-control-allow-headers
*, Authorization, Origin, X-Requested-With, Content-Type, Range
x-ratelimit-remaining
149
expires
Wed, 22 Mar 2023 04:02:21 GMT
/
pages.protectsubrev.com/ 		21 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pages.protectsubrev.com/
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW02
Resource Hash
57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 20 Mar 2023 04:12:55 GMT
content-encoding
br
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
RCW02
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylxIIfwduaCluWPxZsyJGJMxOfGefnzShaTQpSN1E7IYVod1LlG1V0NicfOrVvSk1liQAQt80EncJyEQXkYyBrotDg8DfKUJPCCemXcVpN%2FayZcEJMIYXF1OS3XH6yXk5L6OOIqeMxLrUF2SsqGKwBL9O5wM"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
cf-ray
7aab1ea08c663a7e-FRA
expires
Wed, 22 Mar 2023 04:12:55 GMT
user
messages-microservice.ksl.com/ 		0
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://messages-microservice.ksl.com/user
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.130.148 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
messages-microservice.ksl.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 20 Mar 2023 04:12:56 GMT
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, DELETE, PUT, PATCH, OPTIONS
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, X-Requested-With
Keep-Alive
timeout=5
s.js
cdn.siftscience.com/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.siftscience.com/s.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.67.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 22:54:25 GMT
content-encoding
gzip
age
1660711
x-guploader-uploadid
ADPycduzt_kd3QeV39vk3tr9dAtEk9wOI6V4qi0xJZZHXO3abWGo7haeVziNa-wjpruo6C9BKkpQUBk-nKK8YP_MOEqaeA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20500
last-modified
Tue, 28 Feb 2023 22:39:30 GMT
server
UploadServer
etag
"476f50cbc514dd2a147e8856d7d6a2eb"
x-goog-generation
1677623970358201
x-goog-hash
crc32c=v7KhDA==, md5=R29Qy8UU3SoUfohW19ai6w==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
20500
accept-ranges
bytes
expires
Wed, 28 Feb 2024 22:54:25 GMT
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 474F 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-7.prg50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3013
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 20 Mar 2023 03:24:18 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Fri, 10 Mar 2023 23:35:19 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
x-amz-cf-id
wtGqHnNfgRyHy2CWJQP3M1uqnQGqIjSsYoQ7AKPrSYh5S98ux_yeYA==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031301&st=env
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e401852875cdea39d8313586fc94ad91645c96a2d3238c42c9d5a1ff9d95637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11151
x-xss-protection
0
csp-report
q.stripe.com/ Frame 474F 		0
640 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1679285576480689
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 474F 		0
641 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1679285576480863
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 474F 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-7.prg50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Mon, 20 Mar 2023 03:33:18 GMT
x-content-type-options
nosniff
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
2487
x-cache
Hit from cloudfront
content-length
631
last-modified
Fri, 10 Mar 2023 23:35:18 GMT
server
Cloudfront
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
cYsva5sit-7rksZoM3zOlO5WdxBSEbS5_VAVPKWZrYLEsNv3dFvrRQ==
inner.html
m.stripe.network/ Frame 54F3 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:d800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
286
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 20 Mar 2023 04:08:10 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-id
KISCrrLB9HcZm_nn4UEr4IftOmPo2Y2GbIiyBsu56C9Q4f5ugHxcXg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Mar 2023 04:12:56 GMT
279988.gif
hexagon-analytics.com/images/ 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hexagon-analytics.com/images/279988.gif?bk=46e0e4c3e4&tm=27&r=870579827&v=106&cs=UTF-8&h=www.ksl.com&l=en-US&S=c1d68fcac0d1e637de071416a311eba0&ui=0&uu=cfce05ace6df4c2201d1e0e91dc39fb&t=Frozen%20strawberries%20sold%20at%20Costco%2C%20Trader%20Joe%27s%20and&u=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50602859%2Ffrozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.232.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:56 GMT
via
1.1 google
x-content-type-options
nosniff
server
nginx
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:00:00 GMT
csp-report
q.stripe.com/ Frame 54F3 		0
414 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50602859/frozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/csp-report

Response headers

x-stripe-bg-intended-route-color
green
pragma
no-cache
date
Mon, 20 Mar 2023 04:12:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-client-envoy-start-time-us
1679285576480972
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AE7F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
131367
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Mar 2023 15:43:29 GMT
expires
Sun, 17 Mar 2024 15:43:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 214A 		783 B
966 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
16b0808c85e4ef10eb72d297bcd9cd52f3789d0c6432ab99b11625485d19c71d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mrfypkWwM_ELEidBp7uwgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-mrfypkWwM_ELEidBp7uwgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Mar 2023 04:12:56 GMT
expires
Mon, 20 Mar 2023 04:12:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
out-4.5.42.js
m.stripe.network/ Frame 54F3 		86 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:d800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 20 Mar 2023 04:11:46 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
71
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
N4cUlKNfVwlFA9t-ULD1P_amtlhQ0D1FqIh8QB64oVkl0YiIif1RDg==
n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js
pagead2.googlesyndication.com/bg/ Frame AE7F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 10:13:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
151175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14330
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Mar 2024 10:13:21 GMT
6
m.stripe.com/ Frame 54F3 		156 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.47.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-47-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
92462dcb28996eb531aff968f2cb19691a54fcf1611546b2e6f65cca501b2592
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Mon, 20 Mar 2023 04:12:56 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1679285576686983
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1679285576686396
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
getstylesettings
app.protectsubrev.com/api/ 		2 KB
787 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/api/getstylesettings?id=rc-CfZeub&v=0
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW02
Resource Hash
c7d2c0791ad181a85f3590f792a95ed07df8b248146bf42a6eb032ea370fdb17

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408
x-powered-by
RCW02
last-modified
Mon, 20 Mar 2023 04:06:08 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7r2x4tbUWz%2BUPIs5d%2FQJH06F50UZVUGaq%2BtOpKO7gDCDNGKpJE906H98F75yk6fXHcCfjkJ1gbXbYy266CFHkNFHPZfQHg19FrX1q0UlwOJTzqSrzI42gMWyj8coHX3mXK62MGDfxW3Y1fv5ayyi4%2BE3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=172800
access-control-allow-credentials
true
x-ratelimit-limit
150
cf-ray
7aab1ea42f2a3a7e-FRA
access-control-allow-headers
*, Authorization, Origin, X-Requested-With, Content-Type, Range
x-ratelimit-remaining
149
expires
Wed, 22 Mar 2023 04:06:08 GMT
getstylesettings
app.protectsubrev.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/api/getstylesettings?id=rc-CfZeub&v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW02
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*, Authorization, Origin, X-Requested-With, Content-Type, Range
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET,HEAD
cache-control
no-cache, private max-age=600
cf-cache-status
DYNAMIC
cf-ray
7aab1ea34e803a7e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 20 Mar 2023 04:12:56 GMT
expires
Mon, 20 Mar 2023 04:22:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gy2yJq32TX44UlQoNiHQnDyeTHMF%2Bq411Q9jqrsGwZxgtCvqWFtXpH6T1a1ed7J08c4Yei0IK5BvP%2BPVz5n2itHllE3NdzRsV8kLkmbLBrSrIRkKNQUpgMdyBMyVifsXmUsW%2FFCoK0G0mKfa1dcfXIr3RA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-powered-by
RCW02
sodar
pagead2.googlesyndication.com/pagead/ Frame 214A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023031301&jk=2240090808306212&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
container.html
d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 662B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Mar 2023 04:12:55 GMT
expires
Tue, 19 Mar 2024 04:12:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-8db6969-0d54047a.js
tagan.adlightning.com/deseretdigital/ Frame B752 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b512b1e143d27297a87f49b35f418f656508da018781e9e87019fa2922b6fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:44:35 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-version-id
ktqVwPB8xkChf39sZlqPrBHeThdUR.QP
x-amz-cf-pop
FRA60-P4
age
350901
x-cache
Hit from cloudfront
content-length
33929
x-amz-meta-git_commit
8db6969
last-modified
Mon, 07 Nov 2022 21:20:45 GMT
server
AmazonS3
etag
"b172b73159838e1e11f525531ea3264f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
s1QdC1xNAw7TTNqCrKMOwQTFyUZLVY9RD8BVLCTHcwpn5UHB5_mfmg==
14782244841963067896
tpc.googlesyndication.com/simgad/ Frame B752 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14782244841963067896
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e62675168e711cfdc3d2909263c24f01cd2e35ffce01b845439e94d3b39fee93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 20:22:41 GMT
x-content-type-options
nosniff
age
287415
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41337
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 23:56:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Mar 2024 20:22:41 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame B752 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 18:08:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
36268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9101
x-xss-protection
0
server
cafe
etag
583283675565503348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 18:08:28 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame B752 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 15:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
44985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 15:43:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B752 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Mar 2023 04:12:56 GMT
b-8db6969-0d54047a.js
tagan.adlightning.com/deseretdigital/ Frame 40FE 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b512b1e143d27297a87f49b35f418f656508da018781e9e87019fa2922b6fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:44:35 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-version-id
ktqVwPB8xkChf39sZlqPrBHeThdUR.QP
x-amz-cf-pop
FRA60-P4
age
350901
x-cache
Hit from cloudfront
content-length
33929
x-amz-meta-git_commit
8db6969
last-modified
Mon, 07 Nov 2022 21:20:45 GMT
server
AmazonS3
etag
"b172b73159838e1e11f525531ea3264f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
OIE1B7HkTgHFua_GjA5fMf4wZ9brriaMxttFHSI4V-wr41MWzff3Tg==
7268132028914645905
tpc.googlesyndication.com/simgad/ Frame 40FE 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7268132028914645905
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14ba0590f8b6cff18ecbbd872cb9d773732b3f5f32ccd25f9ddf6d6fea615a09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 13:33:44 GMT
x-content-type-options
nosniff
age
139152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96934
x-xss-protection
0
last-modified
Wed, 08 Mar 2023 17:06:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 17 Mar 2024 13:33:44 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 40FE 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 18:08:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
36268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9101
x-xss-protection
0
server
cafe
etag
583283675565503348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 18:08:28 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 40FE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 15:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
44985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 15:43:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 40FE 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Mar 2023 04:12:56 GMT
b-8db6969-0d54047a.js
tagan.adlightning.com/deseretdigital/ Frame 0459 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b512b1e143d27297a87f49b35f418f656508da018781e9e87019fa2922b6fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:44:35 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-version-id
ktqVwPB8xkChf39sZlqPrBHeThdUR.QP
x-amz-cf-pop
FRA60-P4
age
350901
x-cache
Hit from cloudfront
content-length
33929
x-amz-meta-git_commit
8db6969
last-modified
Mon, 07 Nov 2022 21:20:45 GMT
server
AmazonS3
etag
"b172b73159838e1e11f525531ea3264f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
9MJ7905g6QVBBdGxm-avf8HyWQW5JkOZoslwGISNG-0gDteXihqsaQ==
1363984447753339019
tpc.googlesyndication.com/simgad/ Frame 0459 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1363984447753339019
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be46529915d38c1b927c8fd86786c7e41c7fc7b4e17d98263f052956c475c575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 20:21:23 GMT
x-content-type-options
nosniff
age
114693
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93356
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 16:03:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 17 Mar 2024 20:21:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 0459 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 18:08:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
36268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9101
x-xss-protection
0
server
cafe
etag
583283675565503348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 18:08:28 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 0459 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 15:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
44985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 15:43:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0459 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Mar 2023 04:12:56 GMT
cloudy.svg
static.ksl.com/images/weather/New2013/SVG/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ksl.com/images/weather/New2013/SVG/cloudy.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
99d263c750a5a08339b548f9fdf21574af1c454d2f48463ca8597c511de4762e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 03:07:00 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
3956
x-cache
img01 Hit from varnish
content-length
3383
last-modified
Sat, 28 Sep 2013 07:26:19 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
608545789 601777417
cache-control
s-maxage=31536000, max-age=31536000
x-server
v03
accept-ranges
bytes
expires
Wed, 19 Apr 2023 03:07:00 GMT
rain.svg
static.ksl.com/images/weather/New2013/SVG/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ksl.com/images/weather/New2013/SVG/rain.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
900d69b36ed036b05ea15c5f1964278e36dde5956f4c18a2bccf54b022429641
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 18:23:21 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
35374
x-cache
img02 Hit from varnish
content-length
1000
last-modified
Sat, 28 Sep 2013 07:26:19 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
612358581 573910030
cache-control
s-maxage=31536000, max-age=31536000
x-server
v05
accept-ranges
bytes
expires
Tue, 18 Apr 2023 18:23:21 GMT
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=1&c=2719&i=6lr0nn&p=ksl-com&s=15717&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI2bHIwbm4iLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APIXaHR0cHM6Ly9zdGF0aWMua3NsLmNvbS9rc2wtc3ZnLXNwcml0ZS8HAPAMLnN2Z3oiLCJ0eXBlIjoiZmV0Y2giLCJzdGFynADANjc5Mjg1NTczODkyigBHZCI6MRQAgDMsInNvdXJjOwDSRkVUQ0hfTUFOQUdFUkMA0XR1cyI6ImFsbG93ZWS0AEBhc29uswDUXSwiZGF0YVBhdHRlchIAsWxpc3QiOltdLCJpaADfODA0NDcxNTAyOTJ9LOUABfEAbmV4dXMuZW5zaWdodGVu6gDhZGVzZXJldGRpZ2l0YWz5AAABAfIcc2VydmVyQ29tcG9uZW50LnBocD9uYW1lc3BhY2U9Qm9vdHN0cmFwcGVyJjsBIEpzzAEfPWMAGGNjb2RlLyYJAvAEZWRPbj1GcmklMjBNYXIlMjAxNwUA8gc1OjQ3OjI5JTIwR01UJTIwMjAyMyZDTAIgRD1LAoEmUGFnZUlEPckBxCUzQSUyRiUyRnd3d8wB8BAlMkZhcnRpY2xlJTJGNTA2MDI4NTklMkZmcm96ZW4txwDwPndiZXJyaWVzLXNvbGQtYXQtY29zdGNvLXRyYWRlci1qb2VzLWFuZC1hbGRpLXJlY2FsbGVkLWFmdGVyLWhlcGF0aXRpcy1hLWluZmVjWQIWcyYCYnNjcmlwdOQBCycCLTI0JwI3OTY5JwLCaW5zZXJ0QmVmb3JlQgACJgI_bG9hIwIgvzc3ODQzMzIwODc4IwL_ly81MCMCDCBtdbkEQ29uT2KyAx9MKQI3PzkwNCkCB_IWZDNuamdycTR1dmI0OTcuY2xvdWRmcm9udC5uZXQvdmlkZW9qcwgAby5taW4uahQDEj45NjbxACc4NRQDD_EAQq85MTU3Mzk0MDU28QAH8QJpbWFzZGsuZ29vZ2xlYXBpcz8FYGpzL3Nka5EDf2VyL2ltYTPpABUdOOkAODQwMiQGD-kAQq84MjEyMDY1NzYz6QAHD9oBGO9qcy1jb250cmliLWFkc_sAEz80MDL7AAEfN-QBTK84MTE4MzIxNzEz5AEID_sAGk8uaW1h2wIXTDQwMjfbAk80MDI49wBNrzAzNTQ5MzYwNDXyATVfc2hhcmX5ABoeOPkALzMx-QBMvzc3OTIxNzQ3MjEx-QAHArsIBCoIUi9qYXZhsAfQL3JlYWN0LnByb2R1Y9IHD_AAGS4zNfAAHzTpAU-PMDYwMDcyNTjwABf2DGltYWdlcy9hdXRvcGxheV9pY29uX2xnLnBuZ8EIIGltDQAM5Qo9NDAz5Qo4NDA0vggPwQRDjzAwNDU4MzYxmwYID9YBDE8tZG9t2gEkAOAAIWVucQsD7QsgNDHJBQXZCw_0AEKPOTI0MTkwNTe6BAkA8QoCmwahdGFnbWFuYWdlcqEG9hRndG0uanM_aWQ9R1RNLVRWTFo1WiZsPWtzbERhdGFMYXllcuwBAv0CAkIICa0KPTQwM60KRzQyMjLFAw-tCj2PMzczMTIxNjCvBQgP9QBPDsoDCvUAD_ABQhQ3-wAfN7oEB5Fqcy5zdHJpcGXlAT92My_FAREfMrQDACgyM3UIiWlubmVySFRNRgoPlQ4mrzc3MjIzMzQ2NjSUBAhxdGFnLmR1cpEPUW1lZGlhQQrQc2l0ZXMvMTExNTkvZMICD-AAEw-wAQAAjgUFoAMP4AA8jzk3OTkxNzM4dAUJYHByZWJpZB8JgXJldmNhdGNoswEAEQAPFAsSPjQyMzAJARQAD9YARo8zNDk5MDcwMCgOCA8qCQtQYXBwLS1EEU9lYWJmFwoULjE4IAk3MjY0YgQPbQNCQTg3NDAZCg8gCSYP7QAjDhQJD-0ACxJBlgUPARAqBewAD1QFCDVpbWcQCYFzbGMvMjkyMAUAIzg2BwDQMDEuanBnP2ZpbHRlckkG9wZ2Mi9yZXNwb25zaXZlX3RvcHBpY2vvDQ9CCAMuMzkAES80MwMNT585MjA5MDE4MTgDDQgPBQFZDt0DDwUBWQ_2AggNBQGjODk3LzI4OTc1NQcALzQ2KwoRPjM4OTwIEDMODQXBBA_aA0OPMTQ2ODk4NzHHBAgP5AA4DnsGD-QAWR85KwgHD-QAOA-sAgEPuQ9NIzc4yAEvMjDkAAfzAnJlZ2lvbjEuYW5hbHl0aWNzqBEBawfwAGcvY29sbGVjdD92PTImdAsL9SwtSlc4OURMN1Q1RCZndG09NDVqZTMzZjAmX3A9MTg3Njk3NzY5Jl9nYXo9MSZjaWQ9MTUzNTk3NTY4LtQX8BE0JnVsPWVuLXVzJnNyPTE2MDB4MTIwMCZ1YWE9JnVhYgUAMGZ2bAcAMG1iPRgAEG0MABFwBQAQdgYAoHc9MCZfcz0xJnNiAAQsGFA0JnNjdBUAf2VnPTAmZGzbFnxRJmR0PUY8FzglMjA-FwAPAMFvbGQlMjBhdCUyMENEF3ElMkMlMjBUSRegJTIwSm9lJTI3cyQAEG4qADBBbGTzFwRUFwAYAABWFzUlMjBYF4UlMjBBJTIwaVwXUCUyMCU3VgAwS1NM4AHwCSZlbj1wYWdlX3ZpZXcmX2Z2PTEmX25zaQcAEHNeAfAcZXAuRERNX0RldmljZV9JRD1nczBnMWpsZjh5eHImZXAuUmFuZG9tX1Nlc8oaACIABuUBwDIzNy50NjNjMmUwaSwA8AFMb2NhbF9UaW1lc3RhbXA9khjwEi0wMy0yMFQwNCUzQTEyJTNBNTQuMjM3JTJCMDAlM0EwMDkAAKgYT19VUkzPAX0AAAGAZWZlcnJlcj2oAKBIb3N0X05hbWU9Xw0DERsAGQCyQ29udGFpbmVyX1bzGzQ9NTkYAP8EZW50X0dyb3VwaW5nXzE9TmV3cxsAAm8yPVV0YWgbAAKRMz1CdXNpbmVzOgDURW50aXR5PUtTTCUyME8AME9iamAZMHZlPYwAMGVudEkA0EF1dGhvcj1CcmVuZGEpGmJvb2RtYW55AoNDTk4mZXBuLjAAANsBBAMaADwAElCGHFVfRGF0ZcoBQDE5VDG3ARA0ygFVMDAtMDbEARFTwRuQPWNubl93aXJlQwBWVGVhbT0NADBtcGxMABJBchoBIQChb3BpYz1nb3ZlcpgcABQA0ExvZ2luX01ldGhvZD1mGhBpZBIgYWwcAACrAjBIaXSrAMA0Y2hybjhmc3ByZ3gbAIFQcmV2aW91c0cCIG5vZgOQc3BlY2lmaWVkIACQVXNlcl9SZWdplwMAUgAC2QAAGwBQSGFzX1aVF1A9ZmFsc7oA8AFuLldvcmRfQ291bnQ9Mzk1JgACmAAgU3TDAAQoAHIuVXBkYXRlSwAE7gIPJAEIAMAAB0oDwG43b3pwb3d5N2ZmdWMA_wFLU0xfTWVtYmVyX0lEPSZ1nAMJB_QNkmVuZEJlYWNvbgcLCp0QLjQwmQYoNDCZBq9TRU5EQkVBQ09Odh08jzE2MTQxNTUznAYIAI8S8QBzLmcuZG91YmxlY2xpY2vjDg-XBgwPdgYGCbAGQGFpcD1gHwOUHh9zKAEMDnYMKDQwmhQPKAFErzc4MzMzMTA3MjJwCggAbwQPwxIEM2FnL8QSCLkHCsYSVyZjeD1jMgIPeB0FPjQyNI8KKDQwuhQPyxI7IDgwAgtPNTI2NdARCA_9AFcPKwMBCP0AD4wLQQYDAQ-oCggAAwEDbwZQL2FwaS8EICEvbSsEYC9hY3RpdgQfA-gCD3whBS80NOMSAAEUAAVsDA98IT-vNzczMzE4ODg2N94CDA_eAAWgcmVhdXRoL2NvbbkiBzoPD-cAHAjKEw_nAECfOTU1ODU0MjA1xQEdBNkAZC9tZXRhL4EHBqwDD-cACB0zSxkZNLEUD-cAP684MDczOTg4MTEyrwMID_8SCwE9GvMUL2UyY2JjMzAwYTY1N2Y5NmZkODFlM2ZhMDFjMmE0ZTg4LUPwAQ9cGhguMjZ2GQoRAQy_Aw84EjGfOTcxMTEzNDkxMxEIAL4DAr4FFi2FDQBKJAYOAA_vFBQuNDH0ARg1ogQPnwU9jzU4MDg3Mjc5xAcID94AOA4oEBk03gAMwQEZQ4wXAGogDx4mIQTkAA83GwgPUxgkD6IDABg4UwgPrgE7BlMYD-gmCA_KACMfNJoBAAnKAA-aAUEF0AAfNZoBCA8jGUwQNKATBSAHD7ABPA8jGREP4AA5D8YBAQngAA_GAUIE5gAfOekaCA8JGkI3NDk2IhkPvAE9DwkaEA_WAC8PsgECCNYAD7IBQwPcAB8x5gcIL2JlmhwBAVkMAIgFMGVkP6ccMUlkPagcBtAIA3AsD6sOAS41MMEHARQABYADf1JFUVVFU1SoDjqfNzc3NzY1OTAw9RgiITU5-hlPNTk3MPoZNQ5rBSg1ML4KD_MBQa84MDAxODI1Nzk2ERgZBP8aDwUBQA6KDQ8FAVkPxQsIDTIYDwUBSA71HQ8FAVgfN_MJCAKMIASzDZB3ZWF0aGVyLTPmFyA2OAgDBvADD-EcAyA0MOUmCy8kD90AT0A3NzI27wMvNzQiCQgP3QAxD8kEAQ_EA00G3QAPiwwIkHRhZ2FuLmFkbOcwQG5pbmcmGCovZOkwL29wmCAULjI2kAwZNaceD3YHPI83ODg4NDc2MbIpCQ_jAD0OEhMK4wAPkAVBFTfpAA-QBQgAPRWhaWMucnVieWJsdckBIHRyDjQfcr8BFR40oQwZNUMQAMYyYG5kQ2hpbFUxAHEAAYszAOIHD2oNIn82OTk0OTM30AsIAGQAD9UALA9BBwAJ1QAPsQFBMzgwNdwAD0AiCNFjZG4ubW91c2VmbG93sAEwcHJvtxn_F3MvNWI0ZGUxMTAtYmMzZi00MGFhLTg3NTEtYzMxNzZiYmY4N2Q11gEVHTMZMT80NTMlEEmPMDU2MDAzMTEyBggP-wBUDzALAAr7AA_8AUMDAQEPwhcJkHNlY3VyZXB1Yt0mDvEYAKUd-ARhZC9wcHViX2NvbmZpZz9pcHBkaBwGVAcgeGiYKg13LC81NXcGAAAUAAVACz9YSFI8CzufODU1MTMzMjc5cwYID_oAZghxBw_6AGIGGhMwdGFnhDRBaWNlc_gDEXS2GU8vZ3B01QMVHzarBQAPHBNOnzc5ODg2MTk4NAoOCQ_mADoPbQcAD-YACg_DFTIE5QAPbAcIALYDAMIBYWVub2JpZMQB32FkcmVxP2NiPTU5NjadAw8fNysJAAAUAA-dA0efOTcyNzcxOTM2xw8ID9gAMA91BAAYN_0uD3sDPtA5NzI3NzE5MzY4fV19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 20 Mar 2023 04:12:55 GMT
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=2&c=2719&i=6lr0nn&p=ksl-com&s=13177&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI2bHIwbm4iLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APIpaHR0cHM6Ly9oYm9wZW5iaWQucHVibWF0aWMuY29tL3RyYW5zbGF0b3I_c291cmNlPXByZWJpZC3QAPAFIiwidHlwZSI6InhociIsInN0YXKnAMA2NzkyODU1NzQ1NzSVAEdkIjoxFAAyNSwiTgDiIjoiWEhSX01BTkFHRVJBANF0dXMiOiJhbGxvd2VkvQBAYXNvbrwA1F0sImRhdGFQYXR0ZXISALNsaXN0IjpbXSwiaWYAvzU3MDc2NTQ2MH0s7gBeHzXuAGYfMe4AB_ADZXguaW5nYWdlLnRlY2gvdjEv7AE_cnRivwEQHzfRAAAfN78BSa83NzI4MjkxNDk10QDYcWRlc2VyZXSgAbFub3JhdGltZWRpYYMDA6wBYy9iaWRzLykAQz9zcmOKAxJfkQNRXzcuMjR-BA-RAw0fONIBAB840gFJnzk3NDEzNDA4MqMCCAPYAA8BAefwJHN0YXRzLmcuZG91YmxlY2xpY2submV0L2ovY29sbGVjdD90PWRjJmFpcD0xJl9yPTMmdgkA9hd2PWo5OSZ0aWQ9VUEtNzI4NzcyMDQtMiZjaWQ9MTUzNTk3NTY4LnwFICZqGQCwMjAwNTQ1OTkxJmcQAPgJNDExODk5NDQ1Jl9naWQ9ODk3OTg4OTUyOADAX3U9YUNEQWdFQWpBAQD_AUVBRUt-Jno9MTU3MzY1MTJLBA8fOBwFAAAUAA8KBkevNzk5MTE1NDQzOUsEBw94Af9m8QV3d3cuZ29vZ2xlLWFuYWx5dGljc-8E9gVwbHVnaW5zL3VhL2xpbmtpZC5qc10CYnNjcmlwdCkICmoIPjQ0MNkEJzg22QTCaW5zZXJ0QmVmb3JlQgACawg_bG9haAghrzg3OTIwNDA0NDJeAgcP5gA_LzU55gAMMW11dNwJr09ic2VydmVyQ0zsADgfNsMFCPECdGFnYW4uYWRsaWdodG5pbmfPAQPZBf8LZGlnaXRhbC9iLThkYjY5NjktMGQ1NDA0N2HfARQ9NTIx-QA_NzEy3wFGrzgwNjMwMzczMDQ9BAgP8wBNHzPzAAwP7AFBBfkAHzXsAQjxBHBhZ2VzLnByb3RlY3RzdWJyZXbuAUY_bmV3rQMPFAwEHzfLAQEAFAAPCgZHnzg5Mzc1NzA2Ms0BCA_UAMEzdHBjZgVhc3luZGljGgQBqgH2DHNpbWdhZC8xNjAyMDc2NDc0NjMyNzAzMTg0M8EBMmltZz0ECmsFPjcyMpkCABQABcEBiWlubmVySFRNfAQP0w0ojzYxODAwNzkx0w0IBmsFAeAAsGFkcy9tZWFzdXJlDQ9QL2w_ZWIVCU9lZm1r4QAQD3oDACkyM20ED-EAOgBxCW8xMjEyMTZMBhEwdGFn3AUyaWNlMwf_D2FjdGl2ZXZpZXcvanMvY3VycmVudC9yeF9saWRhcmEFFBA34AAjZW5EDwK-DwEUAA_VAUWfODk2NTMwMzY41QEIP2FwcGYEAPYSY2F0Y2hfcnAuanM_Y2I9MC42MjQzMjExNDAyMjU4NzI44QEPMAgILzk2xQIACNsOD14FQb83OTI0NDMxOTEyM-oBBw9XBhP_A2wtZTVlOTdlYS02MGRlNGE5NeoBFA9LBwIpNzDeAg8qCTmvODE0MTAzNzYxM_QAaQ_SAwAJ9AAP7gFBBvoAD80QCHFpbWcua3NstgSBc2xjLzI5MjAFACM5OQcA9xc5MC5KUEc_ZmlsdGVyPWtzbHYyL3Jlc3BvbnNpdmVfdG9wcGljayYLD7gFAz4zOTKNEx83BQFOrzc4NDg2NjU1NTZ9BwgPBQFZDogODwUBWB837gQIDwUBBhI4CgKfODkwNy5qcGVnCwIGcHN0b3J5X2y2BwMHEg8LAgUeMdkTDwYBT684MDY3Nzc3NTMwXAoIDwYBWg5ODQ8GAVkPEAUIhW5ld3MtYXBpGwTyBnYxL3dlYXRoZXIvZ2V0SGVhZGVyVxEABu8GD3ILBBA4XgsL3AcBFAAF3AcPhhc9rzgwMjEwNTMyMjDSCAgP5ADRAJcKBN4F8gFhcGkvMjAxNy9tZW1iZXIvuAkGvgFfZmV0Y2hxCwEQOF0LDcABCP0OX0ZFVENISBk7nzczMzE4ODkwNrwGCAA-EyVpY6QCRmtzbC2ZBiEtaKUCEC8WAAILAA-hCBQuMjbsDyg4MjUaDK0HEkE2AQ_QESqPOTI2NzY4OTeaCQm_c2VjdXJlcHViYWStFQFCZ3B0Lx0A_wFfaW1wbF8yMDIzMDMxMzAx-gAULjU0kQQoODb6AKBhcHBlbmRDaGlstBIAgAEBLxsPxBIjrzgwMzU0MDY5ODmbBwgP9ABOHjWbCQr0AAzuAQ_TEjEE-wAvOTCFBQgPPw9FDoIID_EATyQ3OUUPD_EACACuBAKWFQGPCg9FDywP5wArQGVycm9UHi9yZQAeGwVMDx84Yg0HBugAoXRhZ21hbmFnZXLyADBndG1WDvICaWQ9R1RNLU5LTVFWR1EmbD3ABIBEYXRhTGF5ZZcAA2AJD2EOBy43N2MJKDg5tQUPkRY9jzY4MDc1NDczYwoID_kAUR84ZwwACvkAD9EDQSM3OP8ALzc3-AEHDlwKkzA4LzI5MDgzNgcAXzkxLnBuQAsQHjLdASg5MkcdD-QAQZ84MDczNzA1ODg0EQkP5AA4DiseD-QAWQ8kDAgA-AYHeAggbS1kCEBtZXNzmBZzLXR3aWxpb6MiFC8XAA-DBxQuNzeDByg5NPwTD4MHOmA3ODY1NzEoCw-vBAgP7wBID60DAQrvAA_JAkEE9gAvMTGNBgggY2_ZJFItY2RuLgsAMXByb6UFQGNvbnPiFP8WNDIyMjU3ODgtNmZiMS00MzhkLTkxYTAtMGRhMzJjNzcxZmU4LyUAEVYuanNvbogLD0YNBC85NxADAAAuAg9GDUiPMTI3MTU1MDVkHAgCHAEPJwF5D0EDABg4XxQPbQ4_BCcBD04CIQLCB_8EdGVtcGxhdGVzL290U0RLU3R1YjEEFBA5zycLnQ0oOTjoB39yZXBsYWNltQs0AFsnbzYzOTkwMTIECA8VAgYP7gAuD0sQAAruAA8wBEIxOTI49AAfMtwICA_0AAYPMAQa-xgyYmY2NWNjMy1hZjQzLTQ2MTUtODY2MC01NDNmMmE3NjlkZTEvZW4zBA-7DwUuNTBnGDg1MDlnGA-7D0J_OTc0ODgwORADMfAAMjAyMjEwLjEuMC9vdEJh2hs_U2RrHQMTLjUw0Q44NTA5KAkPTgc6rzgwMjkwNzc1NDS1EAgPKAIGDBwDD_oAKx01kCIL-gAPKQNBBgEBD3gTCA8BASFQYXNzZXQdBU9GbGF0_QIVLTEzCwYgNTGoIwUyBw_9Aj-vODEwNDQ2MDE4MwgMCA8CASjPdjIvb3RQY1BhbmVsCAEWAPQACiMGRzUxNDFyGw8IAT-vNzg3MDE3MzY5NAgBQ8BvdENvbW1vblN0eWyIHhdzgBoPDgUGLTE0OiARNRQADxECSJ83OTYzMzM0MDbqEQkAQAwgZC5rKxF4dykgdy_wBPcGanN0YWc_bmM9NjY4Ni1LU0xfTmV36AACMQQCfBQJIyE9NTAzXh44NTE29wUP_Q88nzk3MTQ0NjEzMcoTCA_lAD8NBQ8L5QAP4wRBFDfrAA8MCCJibG9nb3MvUQ0SLwcEQHByb18XAA_5DxEvNTLZAQAoMjPZAQD3IvIDSW1hZ2VfU0VUQVRUUklCVVRFJQICoRYPCSMnIDczARBPNDY4NOQQBwLVAA8QDAAA5AAF-wDCcG93ZXJlZEJ5X2Nw_gAvc3b3EA49NTIzAw0gNTLlBQXAAw_-AEnQOTU1OTg2NTYwOX1dfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 20 Mar 2023 04:12:55 GMT
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=3&c=2719&i=6lr0nn&p=ksl-com&s=11146&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI2bHIwbm4iLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0AP__J2h0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM_cHZzaWQ9MjI0MDA5MDgwODMwNjIxMiZjb3JyZWxhdG9yPTMyNzM5MjY3NjE2NjcwODImZWlkPTMxMDcyODg2JTJDMzEwNjgzNjclMkM0NDc3NzYyOSZvdXRwdXQ9bGRqaCZnZGZwX3JlcT0xJnZyZz0yMDIzMDMxMzAxJnB0dD0xNyZpbXBsPWZpZnMmaXVfcGFydHM9NjY4NiUyQ2RkbS5rc2wlMkNOZXdzJTJDQml6JmVuY19wcmV2X2l1cz0lMkYwJTJGMSUyRjIlMkYlMkYzJTJDJTJGMCUyRjElMkYyJTJGJTJGMyUyQyUyRjAlMkYxJTJGMiUyRiUyRjMlMkMlMkIAFDEmcHJ1APACX3N6cz03Mjh4OTAlN0M5NzAJAJAyQzYyMHgzMDARAVgwMHgyNQoAeTdDMzAweDYeAAUUAPAaJmlmaT0xJmFka3M9NDA0NDY0ODk4MiUyQzE5ODE2OTEzOTklMkMyMTJrAvgANzYlMkM0MDczNzQxMjM1DQDCMiZzZnY9MS0wLTQwrADyHHNjcD1wb3MlM0R0b3AlMjZoYl9mb3JtYXRfcHVibWF0aWMlM0RiYW5uZXIeAEhzaXplHAAD5gABOgAocGIaAEIwLjA4NABIYWRpZBoA8gAyNTk2YjEwZTk2YWZmN2QlAGhiaWRkZXInAAWCAAFdAAKXAA-OAAA6JTNEhQA6JTNEfAA_JTNEcwAINSUzRGoAIjdDDQHkYXJ0aWNsZWJvdHRvbSUWAGVpbmxpbmUPAFpyaWdodA4A8AUyJmN1c3RfcGFyYW1zPXYlM0RuZZYCIDZjSAGjc3RvcmllcyUyNmAA8ggtaWQlM0Q1MDYwMjg1OSUyNnB0JTNEQX0A8QAlMjZzdGNhJTNEZ292ZXLjAwA7AFB1dGhvcggB8AVyZW5kYWdvb2RtYW4lMjUyQ2NubkQAcWFnZXZpZXdcAPEENGNocm44ZnNwcmd4JnNjPTEmYz4EgF9lbmFibGVkVgL4CmJ4ZT0xJmR0PTE2NzkyODU1NzU1OTUmbG0SADcmZGwPAGAzNDAzJmkzAKA0NDMmYWR4cz0ywQAwQzMxcQICBgAgOTgMAMA5ODUmYWR5cz0xNTSlAiA4MAcEkDE1MzglMkM1MGAD8g4xODQ1JmJpdz0xNjAwJmJpaD0xMjAwJnNjcl94PQgAkHk9MCZidHZpPVEDgDElN0MyJTdDDAB0MyZ1Y2lzPRMAsDMlN0M0JTdDNSZvtASAJnVfaGlzPTIIAAJVACN1X2cAM3VfYWgANXVfYRQAkGNkPTI0JnVfcxoB-whkbWM9OCZiYz0zMSZ1YWNoPVd5SWlMQwQA8R9GdGRMR1poYkhObExHNTFiR3dzSWlJc1cxMHNabUZzYzJWZCZudnQ9MSZ1cmw9fwUyJTNBXgQwd3d3vgRzLmNvbSUyRhYCNiUyRhMC8AFGZnJvemVuLXN0cmF3YmVyQQLwNi1zb2xkLWF0LWNvc3Rjby10cmFkZXItam9lcy1hbmQtYWxkaS1yZWNhbGxlZC1hZnRlci1oZXBhdGl0aXMtYS1pbmZlYw8GoHMmZnJtPTIwJnZDAcAmcHN6PTEwODJ4MTBIATE2MTSlBCE3QwoAITM4cAEDugQCnARUMjUwJm02AADRBAMsABA1KwABNgABCgAA2wQCHgADCgBQJmZ3cz0PAgkEADImb2iJAQDaBAILBQASAgoOAPUDJmdhX3ZpZD0xNTM1OTc1NjgutwIQNBwAAKwGBRIAEDYSABBoLgCAODc2OTc3NjkRAPAMZmM9dHJ1ZSIsInR5cGUiOiJ4aHIiLCJzdGFycwcFBgMwNjA4YQc1ZCI6UQARNRQAUHNvdXJjOQCyWEhSX01BTkFHRVJBANF0dXMiOiJhbGxvd2VkiQdAYXNvbogH1F0sImRhdGFQYXR0ZXISALJsaXN0IjpbXSwiaWYAzzgwMzI3OTk3OTl9LLoH_________8bwAmFwcC5wcm90ZWN0c3VicmV2-QnwDS9jYXVnaHQvcmMtQ2ZaZXViLzY0NzE3Nzc1NS9dEA-kCAs9NzMwpAgBFAAPpAhHrzk3OTg3NzEyMTOkCAcP6gDt1WFwaS9ydWxlcz9pZD3aAQZyClJmZXRjaDMKCnQKPzczMdABADUxLCLQAV9GRVRDSHYKPDA0Nzj2Ci8xMdIBBwI4DlItY2RuLgsAMXByb78CgGxvZ29zL3N0LRAVLxsAEF8XAEYucG5n9AAgaW0NAA1mCz4yMzfyACc1NPIAUGFwcGVuTgsAZQABYQswbG9hEAAvcmVeCxuvNzM3MzcwNDY4NegAYS83NegADCBtdUUBwm9uT2JzZXJ2ZXJDTCICAlUMD_QAKy83Mq4DCAK2AQ_cAQ3CcG93ZXJlZEJ5X2Nw3wEgc3bSAQOhBA_fAQUfN98BARc33wEP9wBCrzk1NTk4NjU2NDjrAQdfcGFnZXORBQAGswIPpwMHHzanAwAAFAAPpwNKnzkyODgwMTIzNtQAB8JtZWRpYS50d2lsaW-sA8BtL3Nkay9qcy9jb267FgEJFvICcy9yZWxlYXNlcy8yLjEuMC8yABktJAB2Lm1pbi5qcw8BYnNjcmlwdJUCCbcETTQ3NzndAig4MbcEAsUDQENoaWy6Aw_KAy6fNDc0NTAyMTQ0CwF-PzgyNAsBDA_xAkITNxIBHzg6EAggYWRZBNBpY2UuZ29vZ2xlLmRl4heQaWQvaW50ZWdyzRe3LmpzP2RvbWFpbj2eEg8EAhA-NTU44QQuODnJBQ8EAjWvODg1NzE3NTcyNwQCBw_yAE0eNusBCfIAD-sBQgX5AA_cBAgN-QA_Y29t7AE6DvoAPzkyMtYFTY83NDQ2OTkxMPcDCyBzc9kFZC1taWNyb_ECMWtzbK4IMHVzZewTA7QGD-AFBi45NPsTARQAD-AFSAD8E280MDYzMzXVBAj0GmQ3MGE1YjY5NGIwYTAzYWU5M2NhZmJjYzBhZGRlMWJkLnNhZmVmcmFt5ANhc3luZGlj9QUBAQEFIAASLwgaUC9odG1sHAZwdGFpbmVyLg8ABu4DEWlLAA_yBQA-NTYxeQw3OTU5AgKwaW5zZXJ0QmVmb3JsFQ_zBSyvODA1MjQwNDg5OckICA8eAXgdMhoECh4BDxoEQQYkAQ_hCggA9ggzYWQyAwYMHwLwBGdldGNvbmZpZy9zb2Rhcj9zdj2MGZB0aWQ9Z3B0JnQPAAWeHWZzdD1lbnYuAg9IFwQuOTYDCjc5NjgrAg9IFz-PMjE5MTc4NTIJAXwPVgQADwkBVA80CggAKAqyc2lmdHNjaWVuY2UnBA_5CRM9NTk2BwRHNjA1M9wBD_kJOq84MDYyMjY5NDUwJAUID9AAKw3ZCwvQAA-5A0ME1wAPsAIIP3RwY7UDBAGrAwKxAx8yuAETPTYwNKEEODYwOZcND7gBOq83Nzk0MzA5OTA3tAgID-EAPBwzggUL4QAPyQFBBugAD4cLCA_oABNwLzIyNS9ydXshD5UHFT42MDmOAygxMWoFD9YBPI80OTIxNjE3NO4AZA2FCho27gAP4wFDA_UAHzWsAwiCanMuc3RyaXBNBXB2My9tLW91iB_xETkzYWZlZWIxN2JjMzdlNzExNzU5NTg0ZGJmYzUwZDQ36wEfIyoggHF0aXRsZT1GjiA4JTIwkCAADwDBb2xkJTIwYXQlMjBDliABTiUhMFSbIIAlMjBKb2UncyIAEG4oAHRBbGRpJTIwpCAAGAAApiA1JTIwqCCFJTIwQSUyMGmsICAlMlUgYCUyMEtTTKMG8AQmcmVmZXJyZXI9Jm11aWQ9TkEm_B8wTkEm5hBRaW9uPTbkJIBpZXc9ZmFsc4QKA_cLD9YKBy45NhcFEDHYDgX4Cw9BAzuPOTM0NzMyMDHPBgkPTAL_qA0QERo2TAIPnwRCBVMCDxcRCADaEQMDEgAYEACIA8RwdGNoYS9hcGkyL2H1DQ8vAw0gNjDtEACcFwYiI082MjAw_glF4Dc3MzAxNzE5NTQ4fV19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 20 Mar 2023 04:12:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48516
x-xss-protection
0
server
cafe
etag
9558409252473551586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 04:12:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B752 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRooF1SgsxYCMwjf5m2nCEfM0-ghx_kzQJucsKP-LrVuIZORNuTwrnR22p06FE9u00w-ZW5-2xOMP3nmFgQjB9M7e6VbHyQEDy5pD8tcXMkUN6YbDTqTABtPQ9SU4X6RaZgBXoOXf3VbK1XkG6tDIiKCAqYjHpQcRfjnjS85oHPAN3RTPcdMtq5A5SFFXt8vZjE1P7ZaKgngOJ2Xp3eu7F8cFcsuXs-OUwTdriGEkQ4Trq9TZF7579dD7GAjygSUvsIFRwjYFjt1vjDUdxg3pY7W6_k2zkuEQy5RTIENV0P2YAVUCKkVi_9J_mMT-A46aDVPmKRmXWWiEFtG8wUQ&sai=AMfl-YQvN5nkbTeRgRsrgiTPpHTGJnpoZ3FCVoab-Y_i6Q4hKKaI0mJUlaP-fU_Kqi2RfDsvQRM1dlrFsglvpnhyLBCe4o8SzCkc3svK6C2woAr1rAMNuzHcQxL6--FLISYEtvn3S3BGj2tx-YtTkB8&sig=Cg0ArKJSzOn26Wew2vmxEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Mar 2023 04:12:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 40FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv74Vk1lBjzd1z-mvEKXlK1VDc4M1ktRXkE2RO4v2gfRwHIiWZbxMJSiY3BdWqeuWg403mkZqrcPVWrSDtGH7O8OaU6VHorDUvQ2ZLAPsvMHhXdb6Jg4xNiR2sul-l6BIEtub-PFoWrnpnajzPdjGXlZXUzemh3z5sA42ngoOOlX7OcmRu3gc3wGLRO6MvtbN8F93h2fLCM_Mwf-A1Suak2xEIxhKSFvFdbqDGKS-KDMPt3NhGeEc_OmciA9O9TtL6vtqFT5HBNeeDGqYlIf1um0Eu_YCZteoGNAfqNqbwVCmS1LtLP99sYEKzXDejhlys&sai=AMfl-YTuoH5E06IWjnSKXA2d75-RMjBWmM2FDMBjDs2vaIe7zq1VjYQtz9JH6j9NJClbLx9kWUnAePJ5tY2wtdM65yXLsFI9BVNOFE2lVWzhq_jhevVfFGZ0fEUQAPBY1Klr4W_FgGNAw0w6csI5nvQ&sig=Cg0ArKJSzMJxBq7zdTpCEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
bl-e5e97ea-60de4a95.js
tagan.adlightning.com/deseretdigital/ Frame 662B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-e5e97ea-60de4a95.js
Requested by
Host: d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
URL: https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7113168867063276dff6573f2640bc5573deef8d952bd3323eb3690b09ab481e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 14:38:20 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-version-id
xv3aBW8UIoi8H.fyYsmXJIbjVKulxOwE
x-amz-cf-pop
FRA60-P4
age
221677
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15901
x-amz-meta-git_commit
e5e97ea
last-modified
Fri, 17 Mar 2023 14:37:37 GMT
server
AmazonS3
etag
"1fbb82777b5f7d515202aed8a8904806"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
E264xAw_P_MczUMbYxFaS0P0mUi3O3WMyoy8JAccihj12k-Fx6jK4A==
b-8db6969-0d54047a.js
tagan.adlightning.com/deseretdigital/ Frame 662B 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Requested by
Host: d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
URL: https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b512b1e143d27297a87f49b35f418f656508da018781e9e87019fa2922b6fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:44:35 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-version-id
ktqVwPB8xkChf39sZlqPrBHeThdUR.QP
x-amz-cf-pop
FRA60-P4
age
350901
x-cache
Hit from cloudfront
content-length
33929
x-amz-meta-git_commit
8db6969
last-modified
Mon, 07 Nov 2022 21:20:45 GMT
server
AmazonS3
etag
"b172b73159838e1e11f525531ea3264f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
55LQVQXtPK_emChV2W1UhZmrRFIYpFgzya9OmI1XvtBJmYVu597DjQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 662B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DwbcLzysRkjsasBybkSOprinVO4aTwL_rSRUmtb0xk6MsJP1MVfB8fea6jHy9udBfgAi4E_pwmpM06T0BXLS-M8vn3y4OppScEaQkWtXS0rhfl4n0
Requested by
Host: d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
URL: https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 662B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
Requested by
Host: d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
URL: https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 15:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
44986
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 15:43:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 662B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
URL: https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 18:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
36337
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8617
x-xss-protection
0
server
cafe
etag
263085479041318444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 18:07:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 662B 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
URL: https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Mar 2023 04:12:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0459 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOy7fwGhbINt0unmHCofA7ip2nhP5zPM-vJ7abEX9NWjcQ605l4gHsqVQOhxoXlpwywSqpnNFDGRVaQi_d0J4aJOaZ9y8eBrHfntEdhrnCG8gR8oRoXHYkwd4S32_fNUkbPLjMQ1tDVu5Mo-WrZw3fIzW4FEEOmyxytFHJRetH16bQ8BMTGvLN0wFB9pMSToAaNybsKWhhPr1ttyt0PrdzL-VpJMaaJoBB6YH2G4NCHy8hKUgu3fbTX79S95AQ9L8sGyVfGW_OK2AauGR_TsBQux0_JlQLR_jXDIYQhA4LuJDSIk94C43fp7DCHwMG3eg&sai=AMfl-YQIV2KRFWU0_-HxAeI8IZeeB_vHYW-m7OFqlSgxlDGC9JEcxUCZTHoKI_6zvXm2xaMF7o-rwepX4OjC9D6uw-VddtEAyG0JYxYmw8QjcTiSe6N1DJ7_FkqOn7FjT7shEV_nfkKhRn5p9tF7N7A&sig=Cg0ArKJSzKAjdRraKlfrEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
apstag.js
c.amazon-adsystem.com/aax2/ 		222 KB
55 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.97.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-97-56.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e2d56cece389641b16dea99088a149ade31ad4dd2a3864f501c729dac4543e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 03:40:29 GMT
content-encoding
gzip
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 20:24:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, PRG50-C1
age
1949
x-amz-server-side-encryption
AES256
etag
W/"a7e0149ce78dcfe46a1b0656ebdcc903"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
C7EPU0QPQ7oJBV4kfETCN9qO9LRlfzUMXilSt0fgKJZw4Eda8Q420g==
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=187697769&t=event&ni=true&_s=1&dl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50602859%2Ffrozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections&ul=en-us&de=UTF-8&dt=Frozen%20strawberries%20sold%20at%20Costco%2C%20Trader%20Joe%27s%20and%20Aldi%20recalled%20after%20hepatitis%20A%20infections%20%7C%20KSL.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=off&_u=aCDAgEAjAAAAAEAEK~&jid=&gjid=&cid=153597568.1679285574&tid=UA-72877204-2&_gid=897988952.1679285574&gtm=45He33f0n71TVLZ5Z&cg1=News&cg2=Utah&cg3=Business&cd1=gs0g1jlf8yxr&cd2=gs0g1jlf8yxr&cd3=1679285577201.vg3dr36d&cd5=2023-03-20T04%3A12%3A57.202%2B00%3A00&cd6=1.0&cd7=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50602859%2Ffrozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections&cd8=&cd9=www.ksl.com&cd10=GTM-TVLZ5Z&cd11=59&cd12=0&cd13=News&cd14=Utah&cd15=Business&cd16=KSL.com%20-%20News%2FContent&cd17=Content&cd18=Brenda%20Goodman%2C%20CNN&cd20=50602859&cd23=2023-03-19T10%3A42%3A00-06%3A00&cd24=cnn_wire&cd25=wire&cd26=Article&cd27=government&cd28=traditional&cd31=4chrn8fsprgx&cd33=not%20specified&cd41=0&cd43=395&cd47=0&cd49=2023-03-19T10%3A42%3A00-06%3A00&cd50=n7ozpowy7ffu&cd51=n7ozpowy7ffu&cd4=153597568.1679285574&z=1680924546
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Mar 2023 17:22:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39013
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame B752 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bfbfad8065924b34a58b528bcd737dbb0a163b934557c0d2f8e74e2252317d45

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B752 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6iVHqcqPfcF6s8aj86D9lq4WrUPQOWVXn2uYQHwU_lJUg_gpVnon9TOY7YjyASVMlPrGf32pRkuAJhDnwMmbaez-Zx2wi4b2nIhq7ec6YttTp5X7KUyy6LTDgjJrFlt8v-CDiGfMmj1DauyQnE2RuIziq_xoN8aLVbRMEW4CzNof-MKHj2LZPNf0zV3bDnDzBfA47uAu1Fb1WuKSDhqj7ynHMwDAXddP2I_eo7y4_nTt90cjRyllmHttzIhOtu5vwrxTbgyB-33TOIM1qc9bJk1Eq2Zy09AkQUBQ3NM2F0pLg8BiR1od9ggl37LfIcInGrQ&sai=AMfl-YRMBONqCYzPCFgUtBHmUmNtPG-AJXVagtbs4VE0ulD6s4WsYTRkhYlyQU3TSgBgk3d86NHAyA_zW8LuoqOOELX2PQ6-g_xfDF4jI90Ibz5_j5_5nYUM3JyHo5a3dLB91y5b1q5zDmOkUIuIfKk&sig=Cg0ArKJSzGay10-BEnboEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Mar 2023 04:12:57 GMT
truncated
/ Frame 40FE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f836b22fe146bf85e4ed7e9ee95732f37691d0c6d81babf2a5b51be1c32af97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 40FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEVoNfeQbgnJLtZJiV6zyx6RggvKsc66E8ubvaYucU3jlJbrqyCv5PVv20MGg7AD2asFx13yxQ-iwM7hHUJ4TB0z7dItgM8pys5VjMNicO0q9tsPxFk-4rzaQqSLTU08rDGJH8oq8mwM9OFsHEHiUjJlNHZIkh0xAgQ7h57uaP3HuJv3a_HzyYcUp2Zc5_2WA381XEmEbbMJAnN_fdLqyWwjLTpx0mes7iaH-0utRHadWO09JB6QbPUqemv5ZTVs5C3mjdozFJYTGTamui-Qh-zzkO4sTWMGvoR7kiNVyaVujf2_NrRLsqLm24YqaiqKp8kA&sai=AMfl-YQl7K4cuuA90Fz-YT-v92FPgiMl_4PeBXt2kx2L20_9g9dBMvDEwy5aYk-yUTREZ82COXrhksX1-BIXgD6b_Of7J41YvlCgQC6-cbGJf_V4PJquxS8FGYhRPO4rLNMIXbkogUa0HemVXnpdOYI&sig=Cg0ArKJSzBhh0z2mtTojEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Mar 2023 04:12:57 GMT
truncated
/ Frame 0459 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
585f644a3d7c359d59918c2310af6cda839313808538b4004a4b604c19664df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0459 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunBBNwM8Qb0M84OpUYrbCFi4yrwdwAYwErtKZLtuWYe84kWaH5l2rO3JEudVC9JUMxVtOI_I3R2rNr4U9rwSy2V_baxHChkqOixFhQ-qcSut-5HSj-m4Wexn-wD1nVIDjmGPotoJsd-aYtkBwoUwGYypbpis26lCyp-AVk0DuxduDwTEiyJpXK06_3qqsCqP3A7Rf0xgfTcauifZjsvgULHZgdRgLfYAA7QbLGFmvTO_hkkT2xEke-l02mpYYZwOo-xExjrKEYyprbB3p_PnVaIv3Jv27LKz1ub60J-2UPCi54kOrAGrL2Dev-1Q1LxpvPCg&sai=AMfl-YT5gn1SUP3LMzaqc69hPemUpILNUqNMFMsOSi-3tzqYEItguNQr4SBk8qy4osDq29hPf9FK5dHsHA1dOGbhMgyrCwUHfPuuCKfJ3l78xHGxOj81m-zWJnbUw82fVFw2fc4FEpAxOq5wjoGcrYA&sig=Cg0ArKJSzC4QzeMOEXfoEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Mar 2023 04:12:57 GMT
generate_204
tpc.googlesyndication.com/ Frame AE7F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_dq3JQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame D83F 		0
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGMiVxd0BMAE&v=APEucNXD2h31w5LHqn-nxNSnc8P33y2iaiOWZwwWhyj7RbsBK0TRtMPR6vwQVtzOxnIAqs3Yl6-fYwJhG2Bp7NNhNKaDIm8S7g
Requested by
Host: d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
URL: https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 20 Mar 2023 04:12:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 662B 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 18:18:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
35662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9101
x-xss-protection
0
server
cafe
etag
583283675565503348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 18:18:35 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/elements/html/ Frame 662B 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c884d0fa4ce72b3abf613a4b373bee64b6d65e9e888a4dfb80126f393e37621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 18:18:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
35662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3014
x-xss-protection
0
server
cafe
etag
9808071744210312579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 18:18:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 662B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXh6floHSu7HBlBCBE4fMdWcs24F6vZ25qI7mU6lMsviiMgekJitSYgkd-DIbTq8H5AyrTA4PadzAloCW7c7EyhbXZG1pN4h-OtbvOmxrwI9SRa877ZOVSo82L0uow-643KbzUqUPv_dFzgMxeif8KHVFVuoVV1qSSCFYyXis7B8pCPCmOpRLL9ciySzHNr1cdDOo158mOrt-cClTmk8k6PSvGHJ526YRRJK7v-EQrRzR5fSxLg4SIjbCKxz6Pck7rKxyZRJO9CqA6nwJrAT-JlOAhRqO-3T-i_kn-bMqS89tL78Hm2Yx9q80So01l9Gwbna9TK6SegM6nUiUIPSmgb61erMOOW8bU1KQMmZLjjJUxmmMqFwsJRez4tOBD1LrRvX8vDhpQUud2nK4i7sFoDHNaXvrkaOaiD6FpHnUWXjtFnlrSUw6A8AqPMrVYLDCTO-5AaNh_rkci_EffXAlnrD29ZxSgodmVDdlc9PCCOQj4gdioJjkl7UZM_z9oZnb4mY7sVIUk-VLAIfz5ed5SnaMr7tx32__yJpwtV2dczTvImejINFqcVArIulgdiN1qVYKaBBw7DsTtOkKO9fn-gHjzs7hJfZR0ZXoLAunhsXroufdENAo5wmI9LP3lkbm_KthcIjrjGX0qfmLqpkNOirh5ZX9oJHRxuXh45t4_n36epNN4Pf3bibSM1EAw9QO3zshcWPSoufX_rD4zgjATt8b16TWiWgt0pWobdX-FZiBA4Kg-95nVfgzmhbEpiWtXfizLI4qzHpIQqf1zBQ2j4PaljnG6eLYkXBjJusrzk1MS3dHPy4t5sh-oVT5sQy3nVCXXV0Vcz8WBZC2kSsDN7ciWB0UnFsBNuqD0oj5CsL_tqsvpfziZTfTgidnaZa6-aau1uiAiXLUkD_1UVr6nyO5Ebe0bKCRWDJs8bG9MX8l_tUQtZW9SPJP0clXZLRr8Pytp8wfz7ezvcQHDJE3N1LgE-Hozb_d3at_2LZ4vXyJtM88g3xycC8vOacQ3YjUnvKvXrT0XnBqt7dMENj_G_NgRVAt47vgqgwKTI41uY-MjyhiQGye__CshKwx-AJW9ZizyUCcoAw2avQ6B9g5_qjn384Pog1K1qRP3D7bXNmN1dVfh_v7x_AYA5YrixmiGnXe9vpYqguFgSMRYRpuHyquY&sai=AMfl-YQhDVK37uMk9gGCWjHpHNYxCA6lVACrbqxSqKmpavEX_uKkw-jiwe9w5q6qmgmTkTFIVELqDcRzLMvlxj9VUJ81z9aQtd9LjZlakOPUqaJL002cmfSNYSeUB7gkhK9vqSsyP0g4XArcqRZ9pjP2u9I_a5qvQ5xwMmTxJTBU1hWLy-4kxf3gzJ--c8ALEPUhVJ7bux5p8H9iik0cBHilm5B3XewOg9DKnGEJt1DaZbxEZERYhTSZsJycojvk8BNuCjeOP8K_weJHhzc9dc3l7JU-Tz60uw5DKKj2pr04kMIaucxhdesemN41A5oa5i7JItCQEkZ6rMX72j4qKvjiUqe5GUPAG5uPtD7rLKmrN9HI8GKz2EV_79tWk969W6bdbhd4UNAeVRulmrD5HpQ4URtKIz13C-3vQcLt3ybI7Yw-mMDr8CxrpRjRnoywbBrQGJ-TLQL9nq4XpqdtCvCW9PEEWw&sig=Cg0ArKJSzDFgCkwBy6U6EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230315.60111&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 20 Mar 2023 04:12:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Mar 2023 04:12:57 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 662B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 06:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Mar 2024 06:47:03 GMT
8802555451024282535
s0.2mdn.net/simgad/ Frame 662B 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8802555451024282535?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qn9dLCnIM3w6ulqrjvJ2Foxod0rgQ
Requested by
Host: d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
URL: https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42bfcc13f63c3b068a4f59c188ad224ab48d2e3d91ce033311da926be2327249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 15:52:26 GMT
x-content-type-options
nosniff
age
390031
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25554
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 14:21:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Mar 2024 15:52:26 GMT
/
pages.protectsubrev.com/ 		21 B
499 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pages.protectsubrev.com/
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW02
Resource Hash
57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 20 Mar 2023 04:12:57 GMT
content-encoding
br
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
RCW02
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHrayGEriqBcqTFVSfiyw0rREseHC0K4fuuP7t3GrxI3N7WUXDvDm4r0fRGL2dxDN7k8YnCjGgVDRxvXhgC1SmXDo8nLl5%2Ft%2BqAh0ZjTHZCISKa89H2OCnlI8A6ptt7s9C1f3bAXPYYb3BujPdDAWbI6lEQd"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
cf-ray
7aab1ead3eaf3a7e-FRA
expires
Wed, 22 Mar 2023 04:12:57 GMT
truncated
/ Frame 662B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04ba562698396e5908aa02541c734d86fd237785b35698f2854c4f78086d6cf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F56B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
157295
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Mar 2023 08:31:22 GMT
expires
Sun, 17 Mar 2024 08:31:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 662B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXh6floHSu7HBlBCBE4fMdWcs24F6vZ25qI7mU6lMsviiMgekJitSYgkd-DIbTq8H5AyrTA4PadzAloCW7c7EyhbXZG1pN4h-OtbvOmxrwI9SRa877ZOVSo82L0uow-643KbzUqUPv_dFzgMxeif8KHVFVuoVV1qSSCFYyXis7B8pCPCmOpRLL9ciySzHNr1cdDOo158mOrt-cClTmk8k6PSvGHJ526YRRJK7v-EQrRzR5fSxLg4SIjbCKxz6Pck7rKxyZRJO9CqA6nwJrAT-JlOAhRqO-3T-i_kn-bMqS89tL78Hm2Yx9q80So01l9Gwbna9TK6SegM6nUiUIPSmgb61erMOOW8bU1KQMmZLjjJUxmmMqFwsJRez4tOBD1LrRvX8vDhpQUud2nK4i7sFoDHNaXvrkaOaiD6FpHnUWXjtFnlrSUw6A8AqPMrVYLDCTO-5AaNh_rkci_EffXAlnrD29ZxSgodmVDdlc9PCCOQj4gdioJjkl7UZM_z9oZnb4mY7sVIUk-VLAIfz5ed5SnaMr7tx32__yJpwtV2dczTvImejINFqcVArIulgdiN1qVYKaBBw7DsTtOkKO9fn-gHjzs7hJfZR0ZXoLAunhsXroufdENAo5wmI9LP3lkbm_KthcIjrjGX0qfmLqpkNOirh5ZX9oJHRxuXh45t4_n36epNN4Pf3bibSM1EAw9QO3zshcWPSoufX_rD4zgjATt8b16TWiWgt0pWobdX-FZiBA4Kg-95nVfgzmhbEpiWtXfizLI4qzHpIQqf1zBQ2j4PaljnG6eLYkXBjJusrzk1MS3dHPy4t5sh-oVT5sQy3nVCXXV0Vcz8WBZC2kSsDN7ciWB0UnFsBNuqD0oj5CsL_tqsvpfziZTfTgidnaZa6-aau1uiAiXLUkD_1UVr6nyO5Ebe0bKCRWDJs8bG9MX8l_tUQtZW9SPJP0clXZLRr8Pytp8wfz7ezvcQHDJE3N1LgE-Hozb_d3at_2LZ4vXyJtM88g3xycC8vOacQ3YjUnvKvXrT0XnBqt7dMENj_G_NgRVAt47vgqgwKTI41uY-MjyhiQGye__CshKwx-AJW9ZizyUCcoAw2avQ6B9g5_qjn384Pog1K1qRP3D7bXNmN1dVfh_v7x_AYA5YrixmiGnXe9vpYqguFgSMRYRpuHyquY&sai=AMfl-YQhDVK37uMk9gGCWjHpHNYxCA6lVACrbqxSqKmpavEX_uKkw-jiwe9w5q6qmgmTkTFIVELqDcRzLMvlxj9VUJ81z9aQtd9LjZlakOPUqaJL002cmfSNYSeUB7gkhK9vqSsyP0g4XArcqRZ9pjP2u9I_a5qvQ5xwMmTxJTBU1hWLy-4kxf3gzJ--c8ALEPUhVJ7bux5p8H9iik0cBHilm5B3XewOg9DKnGEJt1DaZbxEZERYhTSZsJycojvk8BNuCjeOP8K_weJHhzc9dc3l7JU-Tz60uw5DKKj2pr04kMIaucxhdesemN41A5oa5i7JItCQEkZ6rMX72j4qKvjiUqe5GUPAG5uPtD7rLKmrN9HI8GKz2EV_79tWk969W6bdbhd4UNAeVRulmrD5HpQ4URtKIz13C-3vQcLt3ybI7Yw-mMDr8CxrpRjRnoywbBrQGJ-TLQL9nq4XpqdtCvCW9PEEWw&sig=Cg0ArKJSzDFgCkwBy6U6EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=89&vt=11&dtpt=88&dett=2&cstd=0&cisv=r20230315.60111&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Mar 2023 04:12:57 GMT
n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js
pagead2.googlesyndication.com/bg/ Frame F56B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 10:13:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
151176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14330
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Mar 2024 10:13:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F56B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeYl0R90XZMP7OJCVgQec8ZnIDgAAAAA4AeAEAg&bg=!JCelJ3PNAAZEjmHWZI47ADkAdvg8WkSbLbg6UXuo65iyOuHe60n_UeZ6Mn0urQW3XXrTQ43XZ10dPcsOn7j8lT7EjMdin607ljQCAAAAY1IAAAACaAEHmQLzwQnXSn0z1QRalRryKCBkhwmkdYcfYlQt8hLLE1xd5C5naDEk3lwycBCwQHjUeb67VugvPCGYuhzLaKZ28frx5tcw53wNpRDdOiZzyMMA4AQEBxPPr1BDGuTTmdaPrt9EyxfDYTRUI2jHWsZ9meWCzUbXB1VY1UY1ISzYvc6gT0IgWy29zr7bcmLC6oJWwVtg7KSSwCUiIME3-1CXJkX7-lxU3PF910KitRrhHpLDP7LHvtCDCcYz2U1fTifK9RGH6CYXUg3cXRjfcroLMFRjtw8r3r_PhdXNwHzeNuTG0f0NGIBeQ832PTl6K_oY4iNmodoEh4K0aCtkNu8K2hfhhOdqYQ9OQQH-FP9JXJ-05w6GkZ_3h19qmATnZUZSpa0IwQXuoxpDuvhlR55Pcbve1cYmtrLK6XW9t7rpYH1PJsfTlK90DJ9Jkand0_EX0RTMUzFYt99ea1TN9xVPRtQw7Ome27UjeLOF9QpXqlazi2CXEVhq7eFNw7E6Dj3EmfPiiz4f1Q545vWI-G_sDU2Djd0uLFPA-x37Trwb7xn6j77NalnrNdJHil0kCoEgx3Lga4zkR01DL8B76SUGcCf3uxKCcV13P7xfqRikowPlp5MUViY5fc249Ecr8AUbpAbWVBLdqplmYOFIgkf3ewX_JrIylcv2W4cwch5QKf1nHVcTwad0DF2iS-7TAzH9ytSr5U8JptNEROR4uHlBgzFMLuMAExai1gbNSkprpf8vHJbKysBX8FTA7lTApCDZch_WygWV_wUHC89nRbyGHxV91dTMyJjZ_yaFCr9NhnuuBFgkuaRRooVdjy5DYSLwau4vBIvQs0yJnzPnS8tNc-EROlsG-E61ptHMSvFyqQjJM4ceGxlayz2ewMmitoDzeQz_S6wwAd1o8z5uX1m8QGm_xwfVNFofJ-nfFCA2wzVc7960Dw0Xb7xnyfQfA4F1J2DO03Vb29CX0P2agIuVo664haW2SZFrIoQ1tFI6TynUSHR1BCQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031301&jk=2240090808306212&bg=!0tGl0YXNAAZEjmHWZI47ADkAdvg8WqyRkKplJeyXb0ZjmZGzJAejKoT3Tt112L6SsxnG-bu2WWqc0C0p7iomFXQ5cSmV9zSKxcICAAAGCFIAAAACaAEHCgB15ggiufsLfJRNEVsU1z_O6SS2q1sN-1Qe-uXwxnbHxpdBygV6sadTYvBa67ioSpk-hAsUhvsxAaumsrBYh82DzPdyVY-69PlRLrNezzelkyUfmg7aJhwWnd4GjvRplV5fol5LfraoVXqjkglg1f1vZ2qp-QyrmQKhRQ6D530ST8nBXDPWSAuazN8bguxuI9qa5ab0oUluVX0AZuzCy4TamvacyuArdh-JbMibfWJcSoGpzxM90BhmaprFD4MtfEoaFnF6HxbRptMd6vEELR4u5jCd-QxV2T6ABNssc80Uu2zDKKlw3-oOSY9h563NALuKnSLQv2qARxqQGCQKiA86oS-07e05PJbM51YyYfV1p6JxxyRbNvqQaU6O0hrFyj5v5-Tt06as_4L-2Fsn-_bWpw0nNXa7x0Id7LRrEtxp1Nhl57ZJnpDvxL4grx9oKDBDilwHhgi8suJ9feBJW-tsEOwGOeJrmUd2KMa1MawvD0vyBYX6VMaQws-uhUV-XgDq9ZZkW3keDENcRy7-GbGWh9CB7JTx2u8UD20lS0wYKTMZRH-b_kIwPDmsAzxuR_E9W316usdR4mq8VTk8hyW0Xq9RdWt7t0F4dcud24K-U0hRewxtcSOCgLPXZGn2H_uO8q6knb0AkVNm68u3K2Xq07IjMQeHU65M47KL4kCX8kLddCfofHeUAo13JpokpQ5-1EcXBMtTPAsWHNf3H8Zj9BnZmhpFJowOclWnecHdn68M20yhSjE5y7AaRXft4DIsP4G51lCR4h-HVJWxqB_I-qN3RGpeiyG5yMRkr2GJOoFbqL4s69vb0Qz1bPAGjOmveCkNH0ctBlunWH5ETq2A_duIOI_qXDtJp7LMre_SpiDXWdynOYYWppHUggna7PtJa-z-bO_hkToFH2oqriw-1sLh0SzlbeNY_10Zy1NYHrm_PyYL6cyt3gNgsJWzhUc1H7OVNb0w_hTNcx-XC7vA9aDJR0-aXhh7g7iMqd3bNv0i8NvTYLSb7ZHsQPlP_IXOpbBRa4QHu8e_y9D9urEoQFe3xqNTh2ec1g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 40FE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLXHAaL8ZSZI9sO7WHfwjLLZjj-z9qF5ZSMf7AXtDBhS7QADinY-hiq5aIe15HSeVW7JIIsYU0C7gpYioxAzt6T6GqHGUE3Keq5fQhWjAP03KFoY_9&sig=Cg0ArKJSzHxX4QcUXcjJEAE&id=lidar2&mcvt=1001&p=503,985,1103,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230315&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4073741235&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679285576419&rpt=872&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.html
public.servenobid.com/ Frame B971 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-39.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ae5f7dca940babf67426aa739d7d180e8dde58abbdde72922906b4722cb6194

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2226
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 20 Mar 2023 03:35:52 GMT
etag
W/"4dc57f6310f2853a6da322ffcbc1c102"
last-modified
Tue, 07 Mar 2023 01:05:50 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
x-amz-cf-id
20Gw9Qhg3XH5E4Iex4Iycf5tpRWfXd25SRuHPHs8Oc4Jmj_IA1xz-g==
x-amz-cf-pop
PRG50-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:e3fcc3fd-9316-4d7f-8487-bb7d8605ed21
x-amz-meta-codebuild-content-md5
f4a9934e09542caa2f44098eba6539d5
x-amz-meta-codebuild-content-sha256
5c5e107297f535643ded8d8079110b49886c3922cdb4f676431899008ea869b1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 13BE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=166649
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 20 Mar 2023 04:12:58 GMT
expires
Wed, 22 Mar 2023 02:30:27 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 7507 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.24.0
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFA) /
Resource Hash
0f4328dd583577482da89d8af94cd1146cec997553dd53bc2f9ee3d406cfa9ce

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
249
cache-control
max-age=900
content-encoding
gzip
content-length
6755
content-md5
HcWFhk+tXaF3NZt1fPMIOA==
content-type
text/html; charset=utf-8
date
Mon, 20 Mar 2023 04:12:58 GMT
etag
9f484a91-0039-4789-8873-641b0861cba7
expires
Mon, 20 Mar 2023 04:27:58 GMT
last-modified
Thu, 02 Feb 2023 14:10:57 GMT
opc-request-id
iad-1:OmSyq0O3D9p9fqgPYFNU3nqOHmFxjJXwBKRXReBsGUACaiDm7xJ5fxWk-N8qLBMn
server
ECAcc (frc/4CFA)
storage-tier
Standard
vary
Accept-Encoding
version-id
68d8e56e-76a4-4241-8b88-07572b4580e7
x-api-id
native
x-cache
HIT
services
sync.technoratimedia.com/ Frame 7507 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?src=prebid_prebid_7.24.0&srv=cs
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.24.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:bf17:cd18:9a23:846c Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
113650029
access-control-allow-origin
https://ad-cdn.technoratimedia.com
access-control-allow-credentials
true
/
pages.protectsubrev.com/ 		21 B
362 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pages.protectsubrev.com/
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
content-encoding
br
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
RCW03
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvP47q7YIpQm5%2FtsFc5Y8jD8vh%2F%2BPE5CuGuqaINKSDI09Wl0gm8Cfa357vL%2B1LEXLEmnuHq3%2FMOc2KobgGiPESiJ6%2BW63mNfYgjDlRCp1NAwu24Xaq8ZCphlFgCrFZJ9ey8BAmApu2VCGnvMTSORjwb47gI0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
cf-ray
7aab1eb30bd83a7e-FRA
expires
Wed, 22 Mar 2023 04:12:58 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 13BE 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61098501&p=158976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
783f95bdb0fd90f77d7b18786b7f989bfc1b7e4259354dd508452e288f4cb875

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 20 Mar 2023 04:12:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
13926
g2.gumgum.com/usync/ Frame A769 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.57.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-57-86.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ab38fe99e98429ae5f7282a29cbb5c9e3069497b1d87541d8306cd8985db722c

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 20 Mar 2023 04:12:58 GMT
etag
W/"0321b22e1b6d46420b0f7130bb82a03a2"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame ABBF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 0B76 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
6290db52494853affbe5ebe8e80224f7acd3dbbebf8c05e3d1a5a76f0767d033

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
1130
content-type
text/html
date
Mon, 20 Mar 2023 04:12:58 GMT
usermatch
ssum-sec.casalemedia.com/ Frame FF8B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
193c53898d819e7d4c5908257aacca5bf45052ae0128b084c252b4f7a71ab79e

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1912
Content-Type
text/html
Date
Mon, 20 Mar 2023 04:12:58 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 20 Mar 2023 04:12:58 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 8429
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Mar 2023 04:12:58 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 20 Mar 2023 04:12:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 22F1 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=166649
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 20 Mar 2023 04:12:58 GMT
expires
Wed, 22 Mar 2023 02:30:27 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 5F74 		0
483 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2800:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Mon, 20 Mar 2023 04:12:59 GMT
via
1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
x-amz-cf-id
4DuVutwCAPNIjsyzkfm1rRf17Abffqebt1ujFvXXb2iud4zAhsyylw==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame 15A3 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 20 Mar 2023 04:12:58 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 645E 		0
329 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.123.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-123-72.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Mon, 20 Mar 2023 04:12:59 GMT
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame B971
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
  • https://ads.servenobid.com/sync?pid=312&uid=5579419736757048559
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=5579419736757048559
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.135.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-135-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 20 Mar 2023 04:12:58 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
251049c0-0ee8-4f8f-8957-3ba595452dba
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=5579419736757048559
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame B971
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=GVw8sRZHJKyhEmuUSSyc4wj3
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=GVw8sRZHJKyhEmuUSSyc4wj3
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.135.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-135-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=GVw8sRZHJKyhEmuUSSyc4wj3
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame B971 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 20 Mar 2023 04:12:58 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame B971
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1679285578828
  • https://ad.turn.com/r/cs?pid=45&rndcb=3816890823
  • https://sync.1rx.io/usersync/turn/7434213496204211953?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-49a8d4a9-6d13-4178-8b2f-c6165c7b5fcf-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-49a8d4a9-6d13-4178-8b2f-c6165c7b5fcf-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-49a8d4a9-6d13-4178-8b2f-c6165c7b5fcf-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-49a8d4a9-6d13-4178-8b2f-c6165c7b5fcf-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.135.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-135-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-49a8d4a9-6d13-4178-8b2f-c6165c7b5fcf-003
date
Mon, 20 Mar 2023 04:12:59 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX49a8d4a96d1341788b2fc6165c7b5fcf003
content-type
text/html
sync
ads.servenobid.com/ Frame B971
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5140084924258708728
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5140084924258708728
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.135.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-135-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5140084924258708728
Date
Mon, 20 Mar 2023 04:12:58 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame B971 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-26
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame B971
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=68c6aa77-a31c-42fb-874b-6c9ebe58eb59&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=68c6aa77-a31c-42fb-874b-6c9ebe58eb59&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.135.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-135-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=68c6aa77-a31c-42fb-874b-6c9ebe58eb59&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Mon, 20 Mar 2023 04:12:58 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame B971
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-4Yxabc5E2uFnMAv28KroAMQ9ySD3PtT390sUo5M-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-4Yxabc5E2uFnMAv28KroAMQ9ySD3PtT390sUo5M-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.135.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-135-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-4Yxabc5E2uFnMAv28KroAMQ9ySD3PtT390sUo5M-~A
date
Mon, 20 Mar 2023 04:12:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame B971
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-492e9ed7-296a-3797-b587-3d5b67c1f6bd
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-492e9ed7-296a-3797-b587-3d5b67c1f6bd
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.135.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-135-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-492e9ed7-296a-3797-b587-3d5b67c1f6bd
pragma
no-cache
date
Mon, 20 Mar 2023 04:12:59 GMT
cache-control
no-store
server
nginx/1.22.1
content-length
0
expires
0
sync
ads.servenobid.com/ Frame B971
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-4Yxabc5E2uFnMAv28KroAMQ9ySD3PtT390sUo5M-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-4Yxabc5E2uFnMAv28KroAMQ9ySD3PtT390sUo5M-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.135.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-135-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-4Yxabc5E2uFnMAv28KroAMQ9ySD3PtT390sUo5M-~A
date
Mon, 20 Mar 2023 04:12:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame B971 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.251.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-251-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 662B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGFXwf1PwNHAjJmmj1lRubA80U6OwpbStnctFdC-abGUU8F0FdftkVKmDDf4FxGgfT-MeQRNmgvz_YFQWCXrCE3-3qKhVf9a7b5Nep_fKygbYGQdVW8pokJBwyIh0oUQs2ZDQXaQ&sai=AMfl-YT0Vut0-EF_9SvfGA75WjDAWbzR8LN6f8ktRYTlohEBqwfr3hTKTZD6006kHgsN_TehvASYMBlGIiF-qJ8v1T96fzfqhIpJNhIT_VkAldLg-oo9ffRIguSTZyjWF3qo6s99Bs-M1lV_GTiT&sig=Cg0ArKJSzHhwEzdwCRBwEAE&cid=CAQSSwDUE5ymCG9FUrVG0z_4VmwjHC5P7c7DlY8yIaOsiWU40RFrTHpQhZtBEHg3kpDcopVxVad0wfrzKLL9lFajcVyxbg5DDE_VaZ0kpBgB&id=lidar2&mcvt=1000&p=154,436,244,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4044648982&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679285576357&rpt=1453&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8BB0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:16d56417-dd4c-4300-b9aa-69d8e7efa347&gdpr=0&gdpr_consent=
42 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:16d56417-dd4c-4300-b9aa-69d8e7efa347&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 04:12:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 20 Mar 2023 04:12:59 GMT
Expires
Mon, 20 Mar 2023 04:12:58 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 622 a74c1f2 master zrh-pixel-x1 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:16d56417-dd4c-4300-b9aa-69d8e7efa347&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame E356
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7805569497189692645
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7805569497189692645
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 04:12:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7805569497189692645
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 2A2E 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 20 Mar 2023 04:12:57 GMT
expires
Mon, 20 Mar 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
253216
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 13BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pdj1iS53R8-bp6gYOam5oQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=166649
accept-ranges
bytes
content-length
5554
expires
Wed, 22 Mar 2023 02:30:27 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 13BE 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.149.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-149-6.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.6.126
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 13BE
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=553623175
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:58 GMT
via
1.1 google
last-modified
Mon, 20 Mar 2023 04:12:59 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1
date
Mon, 20 Mar 2023 04:12:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
ddp
a.audrte.com/ Frame 13BE
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Mzk1UnRPak0wSFVTM0NXTHgzdFZGbWRYQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
HTTP/1.1
Server
34.233.114.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-114-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
339
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 13BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTVEOEY1ODktMkU3Ny00N0NGLTlCQTctQTgxODM5QTlCOUEx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 04:12:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 13BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENLGtmyaP0tN45dbVIr6JSc&google_cver=1
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENLGtmyaP0tN45dbVIr6JSc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 04:12:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENLGtmyaP0tN45dbVIr6JSc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 13BE 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 19 Mar 2023 04:12:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 13BE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9186688692752709113
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9186688692752709113
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 04:12:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9186688692752709113
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 13BE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 20 Mar 2023 04:12:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
A5D8F589-2E77-47CF-9BA7-A81839A9B9A1
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 13BE 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A5D8F589-2E77-47CF-9BA7-A81839A9B9A1?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:8a7a:282c:c25e:4d1f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 13BE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3Vq.ZLxE2uWDRIIdYYYrDGyAnXffHM8-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3Vq.ZLxE2uWDRIIdYYYrDGyAnXffHM8-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3Vq.ZLxE2uWDRIIdYYYrDGyAnXffHM8-~A&gdpr=0
date
Mon, 20 Mar 2023 04:12:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.js
eus.rubiconproject.com/ Frame 8429 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5712876d9cf41eb9b0b359976e092ea433f81120f04f8cb5a9ee9d7ea02ccd4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 20 Mar 2023 04:12:58 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 Mar 2023 17:38:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48343
Connection
keep-alive
Content-Length
9997
Expires
Mon, 20 Mar 2023 17:38:41 GMT
usersync
usersync.gumgum.com/ Frame A769
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5579419736757048559
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5579419736757048559
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Mon, 20 Mar 2023 04:12:58 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b008b641-222f-49b1-9ee4-ec5be4b1876e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=5579419736757048559
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A769
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5ae7e20e-e8b9-44dc-8573-cef62824589a&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_5ae7e20e-e8b9-44dc-8573-cef62824589a&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=b10ef0a0-0159-4f1f-8635-fe5df9a2688e&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=d86575a8-4f90-4af1-a03b-271c755e720f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=d86575a8-4f90-4af1-a03b-271c755e720f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=d86575a8-4f90-4af1-a03b-271c755e720f
date
Mon, 20 Mar 2023 04:12:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p-cxanv6hYFn1kw.gif
cms.quantserve.com/pixel/ Frame A769
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%284svinRr87yVt9Lb4SI16CNQyB4eV8sR82WlH3nsyxPxFQV-VyOW4IceaV0ryEykm%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5ae7e20e-e8b9-44dc-8573-cef62824589a&obuid=ENC(4svinRr87yVt9Lb4SI16CNQyB4eV8sR82WlH3nsyxPxFQV-VyOW4IceaV0ryEykm)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid=4svinRr87yVt9Lb4SI16CNQyB4eV8sR82WlH3nsyxPxFQV-VyOW4IceaV0ryEykm&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid=4svinRr87yVt9Lb4SI16CNQyB4eV8sR82WlH3nsyxPxFQV-VyOW4IceaV0ryEykm&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:59 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location
https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid=4svinRr87yVt9Lb4SI16CNQyB4eV8sR82WlH3nsyxPxFQV-VyOW4IceaV0ryEykm&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Date
Mon, 20 Mar 2023 04:12:59 GMT
X-TraceId
797806e7df9fb8bc1ab76eeb0540a4dd
Content-Length
0
usersync
usersync.gumgum.com/ Frame A769
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=ad027281-e541-4305-96ee-13e4fe76669e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=ad027281-e541-4305-96ee-13e4fe76669e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 20 Mar 2023 04:12:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=ad027281-e541-4305-96ee-13e4fe76669e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame A769
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-15e546a9-e96d-5027-53f1-eca68a1fd45a$ip$37.58.58.250
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-15e546a9-e96d-5027-53f1-eca68a1fd45a$ip$37.58.58.250
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-15e546a9-e96d-5027-53f1-eca68a1fd45a$ip$37.58.58.250
Date
Mon, 20 Mar 2023 04:12:59 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame A769 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:8a7a:282c:c25e:4d1f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame A769
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=cd1c0b43-468b-4f93-8878-2abfb71b3cb6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=cd1c0b43-468b-4f93-8878-2abfb71b3cb6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=cd1c0b43-468b-4f93-8878-2abfb71b3cb6
Date
Mon, 20 Mar 2023 04:12:59 GMT
Connection
keep-alive
X-CI-RTID
618585e4-f45e-4fc8-ad99-272d1bacdcf8
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame A769 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:bf17:cd18:9a23:846c Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
163614265
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame A769 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame A769
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5ae7e20e-e8b9-44dc-8573-cef62824589a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=rWsdrrnrwqteyAml3Uo_&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24SXONSHE4TOOJ3XC5DFPFAW23BTKVXV6...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=rWsdrrnrwqteyAml3Uo_&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=rWsdrrnrwqteyAml3Uo_&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=rWsdrrnrwqteyAml3Uo_&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A769
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=e9c4f6db-b7b4-48ee-8f09-941cd79e2b70
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=e9c4f6db-b7b4-48ee-8f09-941cd79e2b70
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=e9c4f6db-b7b4-48ee-8f09-941cd79e2b70
access-control-allow-origin
*
date
Mon, 20 Mar 2023 04:12:59 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame A769
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=8HeaTlRlfebF&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=8HeaTlRlfebF&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.50.v20221201)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=8HeaTlRlfebF&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7bbb45b5f-k97cs
expires
-1
usersync
usersync.gumgum.com/ Frame A769
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=2574575548534406320
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=2574575548534406320
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=2574575548534406320
date
Mon, 20 Mar 2023 04:12:58 GMT
content-length
0
sync
ads.servenobid.com/ Frame A769 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_5ae7e20e-e8b9-44dc-8573-cef62824589a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.135.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-135-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame E24F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=b0716417-dd4b-4a00-80ec-a9208ff39d1d&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=b0716417-dd4b-4a00-80ec-a9208ff39d1d&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 20 Mar 2023 04:12:59 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 20 Mar 2023 04:12:59 GMT
Expires
Mon, 20 Mar 2023 04:12:58 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 569 46451a0 master zrh-pixel-x3 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=b0716417-dd4b-4a00-80ec-a9208ff39d1d&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 5116
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZBfdSgAAApCRDQAG
  • https://usersync.gumgum.com/usersync?b=atm&i=ZBfdSgAAApCRDQAG&gdpr=0&gdpr_consent=&_test=ZBfdSgAAApCRDQAG
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZBfdSgAAApCRDQAG&gdpr=0&gdpr_consent=&_test=ZBfdSgAAApCRDQAG
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 20 Mar 2023 04:12:59 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 20 Mar 2023 04:12:59 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZBfdSgAAApCRDQAG&gdpr=0&gdpr_consent=&_test=ZBfdSgAAApCRDQAG
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220068-HHN
x-timer
S1679285579.054580,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame F409 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81YWU3ZTIwZS1lOGI5LTQ0ZGMtODU3My1jZWY2MjgyNDU4OWE=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 20 Mar 2023 04:12:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F3B3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=166649
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 20 Mar 2023 04:12:58 GMT
expires
Wed, 22 Mar 2023 02:30:27 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame ADEF 		70 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 20 Mar 2023 04:12:58 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame FDF6
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZBfdS8Co5tAAAIOYO.UAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZBfdS8Co5tAAAIOYO.UAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 20 Mar 2023 04:12:59 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 20 Mar 2023 04:12:59 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZBfdS8Co5tAAAIOYO.UAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40316.dc2p.scaleout.jp
X-SO-IP
37.58.58.250
X-SO-Key
ZBfdS8Co5tAAAIOYO.UAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZBfdS8Co5tAAAIOYO.UAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40316"}
X-SO-LB-Hostname
a-tgng40012.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40316
usersync
usersync.gumgum.com/ Frame 7818
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=e_5ae7e20e-e8b9-44dc-8573-cef62824589a&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=2eb9a1cb-af76-4c04-9dfa-25ce4543fa4d
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=2eb9a1cb-af76-4c04-9dfa-25ce4543fa4d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 20 Mar 2023 04:12:59 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 20 Mar 2023 04:12:59 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=2eb9a1cb-af76-4c04-9dfa-25ce4543fa4d
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usermatchredir
ssum-sec.casalemedia.com/ Frame E41A 		43 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 20 Mar 2023 04:12:58 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
dcm
s.amazon-adsystem.com/ Frame FF8B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBfdSghJmZ8sif1FkjKm7QAABIYAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBfdSghJmZ8sif1FkjKm7QAABIYAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBfdSghJmZ8sif1FkjKm7QAABIYAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RW23E8KZPVBQHFFQE74Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FYV6ZPWSD5EPW2AHMNHX
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBfdSghJmZ8sif1FkjKm7QAABIYAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame FF8B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 20 Mar 2023 04:12:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame FF8B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZBfdSghJmZ8sif1FkjKm7QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRE0EEA5RYuJyoPV-3SXVw&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRE0EEA5RYuJyoPV-3SXVw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRE0EEA5RYuJyoPV-3SXVw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame FF8B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZBfdSghJmZ8sif1FkjKm7QAABIYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHNtrapP-ttacN_OHwMqcv0&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHNtrapP-ttacN_OHwMqcv0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHNtrapP-ttacN_OHwMqcv0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FF8B
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Mon, 20 Mar 2023 04:12:59 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
rum
dsum-sec.casalemedia.com/ Frame FF8B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZBfdSwAC7eWRGAAG
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZBfdSwAC7eWRGAAG&_test=ZBfdSwAC7eWRGAAG
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZBfdSwAC7eWRGAAG&_test=ZBfdSwAC7eWRGAAG
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220068-HHN
pragma
no-cache
date
Mon, 20 Mar 2023 04:12:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1679285579.072701,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZBfdSwAC7eWRGAAG&_test=ZBfdSwAC7eWRGAAG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame FF8B
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084924258708728
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084924258708728
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084924258708728
Date
Mon, 20 Mar 2023 04:12:58 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum.casalemedia.com/ Frame FF8B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5579419736757048559
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5579419736757048559
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 20 Mar 2023 04:12:58 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ebf75b9e-7458-4827-a89b-332d77c6de8d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5579419736757048559
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame FF8B 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZBfdSghJmZ8sif1FkjKm7QAABIYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.135.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-135-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 6CA6
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=IozpCbiYIOiQ73cp6ppk&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=IozpCbiYIOiQ73cp6ppk&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 20 Mar 2023 04:12:59 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 20 Mar 2023 04:12:58 GMT Mon, 20 Mar 2023 04:12:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=IozpCbiYIOiQ73cp6ppk&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 6482
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Mar 2023 04:12:58 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 20 Mar 2023 04:12:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame 0B76 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=2248424364960431272&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.135.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-135-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
bsync
visitor.omnitagjs.com/visitor/ Frame 0B76 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
/
rtb-csync.smartadserver.com/redir/ Frame 0B76
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8213165784806031838&gdpr=0&gdpr_consent=
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8213165784806031838&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 20 Mar 2023 04:12:59 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8213165784806031838&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 0B76
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=cc5cdc27-f49e-4177-996c-094aa3fceeb7&gdpr=0&gdpr_consent=
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=cc5cdc27-f49e-4177-996c-094aa3fceeb7&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 20 Mar 2023 04:12:58 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:12:58 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=cc5cdc27-f49e-4177-996c-094aa3fceeb7&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
912346
content-length
0
expires
Mon, 20 Mar 2023 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 0B76
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010010_6417dd4b0a410&gdpr=0&gdpr_consent=
43 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010010_6417dd4b0a410&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 20 Mar 2023 04:12:58 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Mon, 20 Mar 2023 04:12:59 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010010_6417dd4b0a410&gdpr=0&gdpr_consent=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
khaos.jpg
token.rubiconproject.com/ Frame 8429 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame 6482 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5712876d9cf41eb9b0b359976e092ea433f81120f04f8cb5a9ee9d7ea02ccd4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 20 Mar 2023 04:12:58 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 Mar 2023 17:38:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48343
Connection
keep-alive
Content-Length
9997
Expires
Mon, 20 Mar 2023 17:38:41 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 8429 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 6482 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame 6482 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=4&c=2719&i=6lr0nn&p=ksl-com&s=6032&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI2bHIwbm4iLCJwYWNrZXQiOjQsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APQoaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS9yZWNhcHRjaGEvYXBpMi9hZnJhbWUiLCJ0eXBlIjoiaRAA8AVzdGFydCI6MTY3OTI4NTU3NjA5NoYAGGQUAKAyMDAsInNvdXJjPAAxbXV0fQDxC09ic2VydmVyQ0wiLCJzdGF0dXMiOiJsb2FksgBAYXNvbrEA1F0sImRhdGFQYXR0ZXISALJsaXN0IjpbXSwiaWoAzzczMDE3MTk1NTB9LOMABfECYXBwLnByb3RlY3RzdWJyZXbqAPAVYXBpL2dldHN0eWxlc2V0dGluZ3M_aWQ9cmMtQ2ZaZXViJnY91QED-gBSZmV0Y2ixAAr5AD8yMDH5AAAXMfkA0kZFVENIX01BTkFHRVJDAAL0AG9hbGxvd2X3ACGvODQ2MTU4NTE5MfcAB3NwYWdlYWQy3gFhc3luZGljgQEB_wACHgCTL2pzL2Fkc2J5AwImanPsAQ_yAAY9NTc58gAoNTjrAQ_yAECvOTUyOTk5NjkxOPIAB_ECYy5hbWF6b24tYWRzeXN0ZW3qAM9hYXgyL2Fwc3RhZy7gABFMNzE5M-AATzcxOTTSAUq_ODAxMTQ1NzY5NzbgAAcALQNhaWMua3Ns2QD2FmltYWdlcy93ZWF0aGVyL05ldzIwMTMvU1ZHL2Nsb3VkeS5zdmfQASBpbQ0ADbkDLTU1wAJHNzMyMu4AoGFwcGVuZENoaWyrAgCFAA-yAyivODEyNTY4NTYzOMkBCABkAA_pAEAdNNcBD-kAUQ-kAwkP6QBDHTSLBQ_SAVMfM7sCXS80N9IBYi84NOkAMU9yYWluogMUDpAED7kCSK83OTU5NDY3MDc35wBdD6ADWgbnAB81zgFcHzK1AlkG5wAPngMIAA0IH3MkCQAGPQYPDQgFTTc3OTDPAAEUAAX4CQ8NCECfODkyODgwMzI2uwEI8RZkNzBhNWI2OTRiMGEwM2FlOTNjYWZiY2MwYWRkZTFiZC5zYWZlzwoPIgkEBSAA8AgvMS0wLTQwL2h0bWwvY29udGFpbmVyLg8ABiEBDxoLBy4zNdgCKDgzTwgPYQc7rzA1MjQwNDk3MzfYAgcPHQF2LjUyPwIKHQEPNwxBEzgkAS85MBUDCQCqDSFjLq0MUW5vYmlkdQlPc3luY_sBFT04NTehBkc4NTc4XAmJaW5uZXJIVE0MDQ8YDCh_MDE3NzI3NbsFCcFhZHMucHVibWF0aWPTADFBZFORDQANDFV1c2VyX-QA_wQ_a2RudHVpZD0xJnA9MTU4OTc28gIQETgNDCJlbqINAiAOODg1OBMND_cAPJ83NDQ3NTY1NjSyBgjxB2FkLWNkbi50ZWNobm9yYXRpbWVkaWEBAQDKAxAv-gAG-QCzc3JjPXByZWJpZF8HAEE3LjI05g8DEQ4P8QMGPTg1OOIFAhQABRMFD_8APK85NTUxNTQzMDE58gMHD_8Aayg3MVEMsGluc2VydEJlZm9yXBAABQsPUgwoHzf_AH0N7wUaOP8AD9IEQQUFAR8yEhAMD-cHIyA4NxIOC9MDARQABdQCD-cHRj80MTnKBgg1aW1nEQ-Bc2xjLzI5MjAFACM4OQcA9hcwNy5qcGVnP2ZpbHRlcj1rc2x2Mi9yZXNwb25zaXZlX3RvcF9zbdgEA9IAAZwSCesRPTM5MVkNRzkwNjnPBQ_bAQsAdAQ_b3V05xIhjzUxODg2ODcz4gMIDwoBWxw49gkPCgFcHzToAggAUQQOPxDLYXV0b3BsYXlfaWNveQ0P8wEGPTQwM8wFD-kAVJ85NjI4MDY4MDTkCggL6QD2B2JldGEvbm9kZV9tb2R1bGVzL2tzbC3rAvoeLWhlYWRlci9kaXN0LzUxZDY2NGJjNjNlNTNmMmE0Mzk4Y2YyNjAxYTM4NzA0mw4PIgEJDZ4ODyIBU-A4MTMxMDIzOTc4Mn1dfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:59 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 20 Mar 2023 04:12:58 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 8429 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 20 Mar 2023 04:12:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
token
token.rubiconproject.com/ Frame 8429 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame 8429 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=25470
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame 8429 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=2249&pt=n
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame 8429 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=6404
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync.smartadserver.com/api/ Frame 8429 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=87
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
content-length
0
rp
match.prod.bidr.io/cookie-sync/ Frame 8429 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.106.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-106-129.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiesync
bttrack.com/pixel/ Frame 8429 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.46.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-servername
Track004-iad
pragma
no-cache
date
Mon, 20 Mar 2023 04:12:39 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
lb
be.durationmedia.net/ 		0
569 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/lb?s=11159&t=SD&c=4
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.49.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-49-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
DENY
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
0
sponsorships
be.durationmedia.net/ 		414 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/sponsorships
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.49.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-49-172.compute-1.amazonaws.com
Software
/
Resource Hash
14c860e8361db58e6e4b0081a385d743a31cdf7cc84ec52aface172988e54d69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 04:12:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
DENY
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
transfer-encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
0
sponsorships
be.durationmedia.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/sponsorships
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.49.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-49-172.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 20 Mar 2023 04:12:59 GMT
Expires
0
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
publishBeacon
pixel.rubyblu.com/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pixel.rubyblu.com/publishBeacon
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.230.100.254 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
254.100.230.35.bc.googleusercontent.com
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 20 Mar 2023 04:13:01 GMT
Server
nginx/1.21.3
Access-Control-Allow-Methods
POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
Content-Length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 13BE 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:12:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=5&c=2719&i=6lr0nn&p=ksl-com&s=2510&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI2bHIwbm4iLCJwYWNrZXQiOjUsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APBeaHR0cHM6Ly9hZHMucHVibWF0aWMuY29tL0FkU2VydmVyL2pzL3VzZXJfc3luYy5odG1sP2tkbnR1aWQ9MSZwPTE1ODk3NiIsInR5cGUiOiJpZnJhbWUiLCJzdGFydCI6MTY3OTI4NTU3ODU4MaAAJmQiFADAOTQ1OSwic291cmNlPACjbnNlcnRCZWZvckIAoXR1cyI6ImxvYWTGAEBhc29uxQDUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpZADPNzQ0NzU2NTY0NX0s9wBpHzP3AAwxbXV0jgExT2JzcgExQ0wiPwEP_QAzHzf9AAdhYmUuZHVyfAD1D21lZGlhLm5ldC9sYj9zPTExMTU5JnQ9U0QmYz00It4BA0kCAqAAGHLfAU05NTIy6AABFAAF3wHyAFJFUVVFU1RfTUFOQUdFUkUAAuUAb2FsbG93ZeUBIa85MTEwODg3Njg46AAcz3Nwb25zb3JzaGlwc-EAFA7JATc1MjPAAg_hAEKvNzkyOTM3NjM5NuEAB9B3d3cuZ29vZ2xldGFnRQJBaWNlc8YDoGFjdGl2ZXZpZXfIA_cDY3VycmVudC9yeF9saWRhci5q-wBic2NyaXB0lgEYctsBTTQ3MjXbATc4MTj6AA_DAgtgdGltZW91WwAvcmXDAxuvODk2NTMwMzY4Mv0ABwFKBSBjLvcAYWVub2JpZPkABa4EBtwBH2mbBAcuNzjhACc1MeEAH2mbBDufODAxNzcyNzU3mwQID9gAMR44swIZONgAD7kBCw95BSQE3gAvODC2AQjBaXhlbC5ydWJ5Ymx1sgEB8ACGc2hCZWFjb262AUVzZW5kFAALVQZMODA2N5sCABQAFza6Aa9TRU5EQkVBQ09OeQQ8fzA4MzYxOTPlAAkzdHBjmANhc3luZGljawUB7QBhc29kYXIvBgAfMoYDE0s2MDk2pQI5ODEzhgOgcmVtb3ZlQ2hpbEoFMnN0YV0FD38DJ583OTQzMDk5MTN_AwgP5AA8HzfkAF7AOTQzMDk5MTMzfV19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:13:01 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 20 Mar 2023 04:13:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 22F1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65858045&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
55818e17f52f57fd07efb8d864b627877dc09b25185e8a2de8edcdae95f2b7e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 20 Mar 2023 04:13:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 4685
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ck-RqiAflPlpH8P7c0yN-3BJw_xpHZOsJxlcgX43
42 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ck-RqiAflPlpH8P7c0yN-3BJw_xpHZOsJxlcgX43
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 04:13:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 20 Mar 2023 04:13:01 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ck-RqiAflPlpH8P7c0yN-3BJw_xpHZOsJxlcgX43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
dcm
aax-eu.amazon-adsystem.com/s/ Frame E51A 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.255 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 20 Mar 2023 04:13:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0XFJN0HTTTKWE9HVQF2D
Pug
simage2.pubmatic.com/AdServer/ Frame 4993
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5579419736757048559&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5579419736757048559&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 04:13:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
752ae49d-5aa9-4080-906d-60d03d1b4f16
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 20 Mar 2023 04:13:01 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5579419736757048559&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5AF6
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7212476651056265366&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7212476651056265366&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 04:13:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 20 Mar 2023 04:13:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7212476651056265366&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame D4BC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FeVGqeltUCdT8eymih_UWiU6Ovo&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FeVGqeltUCdT8eymih_UWiU6Ovo&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 04:13:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 20 Mar 2023 04:13:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FeVGqeltUCdT8eymih_UWiU6Ovo&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 7FAC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFNXZVN0lMN3NBQUNBZy1IajU3QQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE5vU7IL7sAACAg-Hj57A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2574575548534406320&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAE5vU7IL7sAACAg-Hj57A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2574575548534406320%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2574575548534406320&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAE5vU7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE5vU7IL7sAACAg-Hj57A&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE5vU7IL7sAACAg-Hj57A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 04:13:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 20 Mar 2023 04:13:02 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE5vU7IL7sAACAg-Hj57A&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame B1E1 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 20 Mar 2023 04:13:02 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220068-HHN
x-timer
S1679285582.916574,VS0,VE92
sync
ads.servenobid.com/ Frame 65B5 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.135.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-135-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 20 Mar 2023 04:13:01 GMT
mw
mwzeom.zeotap.com/ Frame 22F1 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:13:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7aab1ec73dc38fd0-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 22F1
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:13:11 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:13:11 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 22F1
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&addseg=19,36,42
Protocol
H2
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date
Mon, 20 Mar 2023 04:13:01 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
mw
mwzeom.zeotap.com/ Frame 22F1
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6fa1fb77f4d713622844e11defc01757&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=d106aa53903531f7
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=029c1f54-4c95-4d1f-6cf1-ffbb294caa7d&reqId=c8f4b6d8-5862-48dd-4c24-d4e68b2161c1&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEDZd7ughCoiwIIGLYb7WLfE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=029c1f54-4c95-4d1f-6cf1-ffbb294caa7d&reqId=c8f4b6d8-5862-48dd-4c24-d4e...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEDZd7ughCoiwIIGLYb7WLfE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=029c1f54-4c95-4d1f-6cf1-ffbb294caa7d&reqId=c8f4b6d8-5862-48dd-4c24-d4e68b2161c1&zcluid=d106aa53903531f7&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1957 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 04:13:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7aab1ecabfef8fd0-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:13:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEDZd7ughCoiwIIGLYb7WLfE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=029c1f54-4c95-4d1f-6cf1-ffbb294caa7d&reqId=c8f4b6d8-5862-48dd-4c24-d4e68b2161c1&zcluid=d106aa53903531f7&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 22F1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d86575a8-4f90-4af1-a03b-271c755e720f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=90f26a68-ba20-4cf6-a04b-0e6de2996647&expires=1&user_group=2&ssp=pubmatic&bsw_param=d86575a8-4f90-4af1-a03b-271c755e720f&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d86575a8-4f90-4af1-a03b-271c755e720f&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d86575a8-4f90-4af1-a03b-271c755e720f&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 20 Mar 2023 04:13:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d86575a8-4f90-4af1-a03b-271c755e720f&gdpr=0&gdpr_consent=&gdpr_pd=
date
Mon, 20 Mar 2023 04:13:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 22F1 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:13:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 22F1 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 20 Mar 2023 04:13:01 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F3B3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31282777&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9cb8df9f235556b29220c1a56a2d5b4527cfc1e2ef32c1a25c40672f263c5599

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 20 Mar 2023 04:13:00 GMT
content-length
1708
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 20AB 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 20 Mar 2023 04:13:02 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 324E
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=q3k6bxl4vm26
42 B
231 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=q3k6bxl4vm26
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 04:13:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Mon, 20 Mar 2023 04:13:02 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=q3k6bxl4vm26
lws
35
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
bridge
cm.adgrx.com/ Frame 69B9 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 20 Mar 2023 04:13:02 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-4
i.match
s.tribalfusion.com/z/ Frame 0748
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7aab1ec919c33a78-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 04:13:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7aab1ec808dc3a78-FRA
content-type
text/html
date
Mon, 20 Mar 2023 04:13:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
68
cookiesync
core.iprom.net/ Frame 091D 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 20 Mar 2023 04:13:02 GMT
Vary
Accept-Encoding
X-adserver-worker
docker9-10ce41128e4a@version_1.536v2
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 1A70
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 20 Mar 2023 04:13:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 20 Mar 2023 04:13:02 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
generic
match.adsrvr.org/track/cmf/ Frame FA47
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5967651718
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5967651718
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 20 Mar 2023 04:13:02 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 20 Mar 2023 04:13:02 GMT
etag
RX49a8d4a96d1341788b2fc6165c7b5fcf003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5967651718
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cm
ipac.ctnsnet.com/int/ Frame F64B 		43 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 20 Mar 2023 04:13:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
usersync
usersync.gumgum.com/ Frame B2FD 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 20 Mar 2023 04:13:02 GMT
Expires
0
Pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame F3B3
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5579419736757048559
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5579419736757048559
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 04:13:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 20 Mar 2023 04:13:02 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
829711bd-dded-4d62-8c9d-2b8abc123f95
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5579419736757048559
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F3B3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7434213496204211953&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7434213496204211953&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 20 Mar 2023 04:13:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7434213496204211953&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 20 Mar 2023 04:13:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame F3B3
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4b6eb08f-73cb-485b-b2ca-c07bbd684378&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4b6eb08f-73cb-485b-b2ca-c07bbd684378&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 04:13:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4b6eb08f-73cb-485b-b2ca-c07bbd684378&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 20 Mar 2023 04:13:02 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JW89DL7T5D&gtm=45je33f0&_p=187697769&cid=153597568.1679285574&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1679285574&sct=1&seg=0&dl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50602859%2Ffrozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections&dt=Frozen%20strawberries%20sold%20at%20Costco%2C%20Trader%20Joe%27s%20and%20Aldi%20recalled%20after%20hepatitis%20A%20infections%20%7C%20KSL.com&en=Ad%20Block&ep.DDM_Device_ID=gs0g1jlf8yxr&ep.Random_Session_ID=1679285574237.t63c2e0i&ep.Local_Timestamp=2023-03-20T04%3A12%3A54.237%2B00%3A00&ep.Page_URL=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50602859%2Ffrozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections&ep.Referrer=&ep.Host_Name=www.ksl.com&ep.Container_Version=59&ep.Content_Grouping_1=News&ep.Content_Grouping_2=Utah&ep.Content_Grouping_3=Business&ep.Entity=KSL%20News&ep.Objective=Content&ep.Author=Brenda%20Goodman%2C%20CNN&epn.Content_ID=50602859&ep.Publish_Date=2023-03-19T10%3A42%3A00-06%3A00&ep.Source=cnn_wire&ep.Team=wire&ep.Template=Article&ep.Topic=government&ep.Login_Method=traditional&ep.DDM_Hit_ID=4chrn8fsprgx&ep.Previous_URL=not%20specified&ep.User_Registration_Date=&ep.Has_Video=false&epn.Word_Count=395&ep.Login_State=false&ep.Update_Date=2023-03-19T10%3A42%3A00-06%3A00&ep.DDM_Session_ID=n7ozpowy7ffu&ep.KSL_Member_ID=&ep.Event_Action=off&_et=2808
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 04:13:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
deseret.technoratimedia.com
URL
https://deseret.technoratimedia.com/openrtb/bids/deseret?src=prebid_prebid_7.24.0

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 boolean| credentialless string| ddmTopDomain string| ddmPageviewId string| ddmSessionId string| ddmDeviceId function| ddmUeid object| KSL object| ensBootstraps object| Bootstrapper object| ensClientConfig boolean| ensBrowserSupported object| gateway function| s2nFloatCallback function| showAdBlock object| vttjs function| WebVTT function| videojs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent function| videojsContribAds function| videojsIma function| videojsShare boolean| _GDPR_ object| googletag object| pbjs object| kslDataLayer object| tempDataLayer object| React object| ReactDOM object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| cX object| rubyBluScript object| rubyblu object| scrolldepth object| lazySizesConfig object| lazySizes function| fitvids function| StockTicker function| PrepScoreboard function| PickemWidget object| ddm object| picturefillCFG function| picturefill object| pbjsChunk object| _pbjsGlobals string| nobidVersion object| nobid object| kslEventBus boolean| commentsDisableDepth object| kslSocialShare object| _sift function| onYouTubeIframeAPIReady object| gaGlobal number| 2f1acc6c3a606b082e5eef5e54414ffb object| gaplugins object| gaData object| webpackChunkStripeJSouter function| noop function| Stripe object| regeneratorRuntime number| catchversion object| catchdetectrun object| catchhoneyevent object| dm_logger boolean| dmjs_loaded object| wGhL8A2 function| wGhL8A3 object| xop object| 17rffk1nulek object| -wp1uwgoz56o object| rubyBluPageData function| setupRubyBlu boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| _mfq object| mouseflow object| ggeac object| Ni9t6c2 function| Ni9t6c3 function| xblocker object| rc_styleSettings object| catchhoneydropevent object| catchtriggerlogin object| catchaftercheck object| catchtriggermessageagain object| catchdo object| helpmodal object| removeModal object| saveLog object| eventRecorder object| catchspider object| catchsend object| catchsendservice object| catchrecordrec object| catchunverified object| catchverified object| catchrclogin object| catchsubscribe object| clearexperience object| catchnewsletter number| planViews boolean| ab_present boolean| ab_service_present boolean| jsnoloadcatch object| adblockerfound object| adblockernotfound object| adblockerservicefound object| adblockerservicenotfound object| l0qQkz function| l0qQkl object| xblacklist object| getMessagesCountContainer object| KslHeader object| headerDataLayer undefined| google_measure_js_timing function| postscribe object| google_tag_manager_external object| m-ksl-messages object| OneTrustStub function| OptanonWrapper string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust function| OX object| OX_swfobject object| oxhbjs object| OXHBConfig object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id boolean| senddone object| Twilio object| GoogleGcLKhOms function| __siftFlashCB undefined| Sift object| PluginDetect boolean| DFPMessageEnabled object| rccbase_styles boolean| updatedone object| google_image_requests

101 Cookies

Domain/Path Name / Value
.ksl.com/ Name: PHPSESSID
Value: bk4k2h2nqfg6j0db4os9ahdoji
.ksl.com/ Name: ddmSessionId
Value: n7ozpowy7ffu
.ksl.com/ Name: ddmDeviceId
Value: gs0g1jlf8yxr
.ksl.com/ Name: _ga
Value: GA1.2.153597568.1679285574
.ksl.com/ Name: _gid
Value: GA1.2.897988952.1679285574
.ksl.com/ Name: bluSyncTime
Value: 1679285574530
.ksl.com/ Name: bluSiteUserID
Value: ksl.cif1r6eaya77
.ksl.com/ Name: mf_5b4de110-bc3f-40aa-8751-c3176bbf87d5
Value: |.13025820984.1679285574535|1679285574536||0|||0|0|4.64401
.ksl.com/ Name: _dc_gtm_UA-72877204-2
Value: 1
.bidr.io/ Name: bito
Value: AAE5vU7IL7sAACAg-Hj57A
.bidr.io/ Name: bitoIsSecure
Value: ok
www.ksl.com/ Name: OX_sd
Value: 1
.ksl.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Mon+Mar+20+2023+04%3A12%3A55+GMT%2B0000+(GMT)&version=202210.1.0&hosts=&consentId=28ffbac8-f9ed-490f-bca7-8faac8468458&interactionCount=0&landingPath=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50602859%2Ffrozen-strawberries-sold-at-costco-trader-joes-and-aldi-recalled-after-hepatitis-a-infections&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CBG102%3A1%2CC0004%3A1
.ksl.com/ Name: __ssid
Value: cfce05ace6df4c2201d1e0e91dc39fb
.ksl.com/ Name: __gads
Value: ID=2d73e7a2f85874e1:T=1679285575:S=ALNI_MYPZd7rWFo1RFNN9TxkVe5JIRzeeA
.ksl.com/ Name: __gpi
Value: UID=00000bc962ec4731:T=1679285575:RT=1679285575:S=ALNI_MaXt54TZFokdqOmJ7aSN5BbMqTdGg
m.stripe.com/ Name: m
Value: 231147f7-8da2-4b82-a911-e779ba3e90f3edb930
.doubleclick.net/ Name: IDE
Value: AHWqTUnQomsXJloB4NiqdRGLhnJebwgRLRTuzFLqszQWDmIXWgMaBTc1oiQGfj5mFp4
.ksl.com/ Name: _ga_JW89DL7T5D
Value: GS1.1.1679285574.1.0.1679285577.57.0.0
.www.ksl.com/ Name: __stripe_mid
Value: 1ed8f85c-0d26-4b78-b3b1-9f8c7517a47222a8bf
.www.ksl.com/ Name: __stripe_sid
Value: b6995d98-02b9-4d17-83d1-4e6cdf3fb27d2ad9d9
.technoratimedia.com/ Name: tads_ipv6
Value: 2a00:c98:2030:a004:1::2
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.adnxs.com/ Name: uuid2
Value: 5579419736757048559
.lijit.com/ Name: ljt_reader
Value: GVw8sRZHJKyhEmuUSSyc4wj3
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A5D8F589-2E77-47CF-9BA7-A81839A9B9A1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158976:2
.pubmatic.com/ Name: DPSync3
Value: 1680480000%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1680480000%3A220_21_54_71_13_7_161_56%7C1679875200%3A223%7C1680566400%3A35
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_327
Value: 68c6aa77-a31c-42fb-874b-6c9ebe58eb59
.servenobid.com/ Name: pid_312
Value: 5579419736757048559
.casalemedia.com/ Name: CMID
Value: ZBfdSghJmZ8sif1FkjKm7QAA
.casalemedia.com/ Name: CMPS
Value: 1158
.casalemedia.com/ Name: CMPRO
Value: 1158
.gumgum.com/ Name: vst
Value: e_5ae7e20e-e8b9-44dc-8573-cef62824589a
.servenobid.com/ Name: pid_310
Value: GVw8sRZHJKyhEmuUSSyc4wj3
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjEytTA3sDA3shDiM9R1Lw6OSvLOi8-1sEwEAHJAWwklAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjEytTA3sDA3shDiM9R1Lw6OSvLOi8-1sEwEAHJAWwklAAAA
.smartadserver.com/ Name: pid
Value: 2574575548534406320
.simpli.fi/ Name: suid
Value: F440B0525A8E4AEB905319F1B1D6ACCA
.weborama.fr/ Name: AFFICHE_W
Value: ssrdbrcAqAqy33
.turn.com/ Name: uid
Value: 7434213496204211953
.servenobid.com/ Name: pid_309
Value: e_5ae7e20e-e8b9-44dc-8573-cef62824589a
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZm5pZGFqam5haWxyShyZb2gEAHcRrK8gAAAA
.openx.net/ Name: i
Value: 8993e9a8-64d3-44a4-ab43-cbe152015425|1679285578
.servenobid.com/ Name: pid_317
Value: 2248424364960431272
.servenobid.com/ Name: pid_333
Value: ZBfdSghJmZ8sif1FkjKm7QAABIYAAAIB
.yahoo.com/ Name: A3
Value: d=AQABBErdF2QCEDDaHUn4uUaQP1tn7qJOnboFEgEBAQEuGWQhZAAAAAAA_eMAAA&S=AQAAAiev2Amk9q6dPB9YAXCgQjQ
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-49a8d4a9-6d13-4178-8b2f-c6165c7b5fcf-003%22%7D
.criteo.com/ Name: uid
Value: cc5cdc27-f49e-4177-996c-094aa3fceeb7
.creativecdn.com/ Name: u
Value: IozpCbiYIOiQ73cp6ppk
.creativecdn.com/ Name: ts
Value: 1679285578
.de17a.com/ Name: guid
Value: 1.7805569497189692645
.servenobid.com/ Name: pid_324
Value: 5140084924258708728
.analytics.yahoo.com/ Name: IDSYNC
Value: 198o~2am4
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-49a8d4a9-6d13-4178-8b2f-c6165c7b5fcf-003%22%7D
.servenobid.com/ Name: pid_339
Value: y-4Yxabc5E2uFnMAv28KroAMQ9ySD3PtT390sUo5M-~A
.servenobid.com/ Name: pid_337
Value: y-4Yxabc5E2uFnMAv28KroAMQ9ySD3PtT390sUo5M-~A
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 16d56417-dd4c-4300-b9aa-69d8e7efa347
.dyntrk.com/ Name: dyn_u
Value: 03010010_6417dd4b0a410
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZBfdSwAC7eWRGAAG
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-7805569497189692645
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESENLGtmyaP0tN45dbVIr6JSc&KRTB&22987-CAESENLGtmyaP0tN45dbVIr6JSc&KRTB&23025-CAESENLGtmyaP0tN45dbVIr6JSc&KRTB&23386-CAESENLGtmyaP0tN45dbVIr6JSc
.servenobid.com/ Name: pid_321
Value: RX-49a8d4a9-6d13-4178-8b2f-c6165c7b5fcf-003
.adform.net/ Name: uid
Value: 8213165784806031838
.pubmatic.com/ Name: SPugT
Value: 1679285578
.smartadserver.com/ Name: csync
Value: 69:03010010_6417dd4b0a410|79:cc5cdc27-f49e-4177-996c-094aa3fceeb7
.bidswitch.net/ Name: tuuid
Value: d86575a8-4f90-4af1-a03b-271c755e720f
.bidswitch.net/ Name: c
Value: 1679285579
.bidswitch.net/ Name: tuuid_lu
Value: 1679285579
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:16d56417-dd4c-4300-b9aa-69d8e7efa347&KRTB&16736-uid:16d56417-dd4c-4300-b9aa-69d8e7efa347&KRTB&23019-uid:16d56417-dd4c-4300-b9aa-69d8e7efa347&KRTB&23114-uid:16d56417-dd4c-4300-b9aa-69d8e7efa347
.pubmatic.com/ Name: PugT
Value: 1679285578
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-9186688692752709113&KRTB&23263-9186688692752709113
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-492e9ed7-296a-3797-b587-3d5b67c1f6bd
.servenobid.com/ Name: pid_346
Value: ua-492e9ed7-296a-3797-b587-3d5b67c1f6bd
.admanmedia.com/ Name: admtr
Value: 2eb9a1cb-af76-4c04-9dfa-25ce4543fa4d
.admanmedia.com/ Name: ac_r
Value: CS71
.go.sonobi.com/ Name: HAPLB8S
Value: s8526|ZBfdT
.360yield.com/ Name: tuuid
Value: e9c4f6db-b7b4-48ee-8f09-941cd79e2b70
.360yield.com/ Name: tuuid_lu
Value: 1679285579
.sportradarserving.com/ Name: zuuid
Value: b10ef0a0-0159-4f1f-8635-fe5df9a2688e
.sportradarserving.com/ Name: c
Value: 1679285579
.sportradarserving.com/ Name: zuuid_lu
Value: 1679285579
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1679285579
.zemanta.com/ Name: zuid
Value: rWsdrrnrwqteyAml3Uo_
.outbrain.com/ Name: obuid
Value: 60e6d73b-7dfd-4f4d-8cae-06d015e1203e
.audrte.com/ Name: arcki2
Value: 395RtOjM0HUS3CWLx3tVFmdXA!20220908!1679285579262!ip#37.58.58.250
.audrte.com/ Name: arcki2_pubmatic
Value: A5D8F589-2E77-47CF-9BA7-A81839A9B9A1!20220908!1679285579264
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-15e546a9-e96d-5027-53f1-eca68a1fd45a.2HcW09eLFaEW%2BtGGfToQlRWaptu2pelwBhTxGxWMSIU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFeVGqeltUCdT8eymih_UWiU6Ovo.EOJUcROwSfokzOlmK1JKSkiiEDp%2FSEceA%2BoFLOwYVcY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFeVGqeltUCdT8eymih_UWiU6Ovo.EOJUcROwSfokzOlmK1JKSkiiEDp%2FSEceA%2BoFLOwYVcY
.ipredictive.com/ Name: cu
Value: cd1c0b43-468b-4f93-8878-2abfb71b3cb6|1679285579298
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 937edc0b38ee2387
.bluekai.com/ Name: bku
Value: ikG99WF5atuI+OxQ
.bluekai.com/ Name: bkpa
Value: KJhz06aFLM9R9mO4Dtd38NF9f6/VaWoknzPHvc/hYsxM/gGV+gO4FI00yX8w7gUoh7RBKnw2d2xNgkSZ6Ugx7I2MmlrlcZ4lX6vlES45+laXs/x2O9xOrVp1wBuggdjVeVmN3rXlOsx0gEqpDY1Qkl83gNVcQBHPlNI3IFgp1sAx2r156/wkulGGDL5ZArzkeH6ZmY2YRqmRtbY9uEItNHd43iOCycmPXov5KJ0aK0yophpNI0JJIzrJOAk6e1o1QoDV/A8oRWAC/kpLqjXAham95d/8nl/7AgZ/AXvpjYEvGy3509Tekx/fnabqClqdnujp4rMrGbo75fBzngXc919hUrR=
.amazon-adsystem.com/ Name: ad-id
Value: A-nU58FWbkBJgk2Ne0RgX5A
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

8 Console Messages

Source Level URL
Text
network error URL: https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.cif1r6eaya77&_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security warning URL: https://www.ksl.com/ensighten_news(Line 497)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://www.ksl.com/ensighten_news(Line 497)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://www.ksl.com/ensighten_news(Line 497)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://messages-microservice.ksl.com/user
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A5D8F589-2E77-47CF-9BA7-A81839A9B9A1&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ap.lijit.com
app.protectsubrev.com
aud.pubmatic.com
b1sync.zemanta.com
be.durationmedia.net
bh.contextweb.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
cdn.mouseflow.com
cdn.siftscience.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
cookie-cdn.cookiepro.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csync.loopme.me
d3njgrq4uvb497.cloudfront.net
d5p.de17a.com
d70a5b694b0a03ae93cafbcc0adde1bd.safeframe.googlesyndication.com
data.privacy.ensighten.com
deseret.technoratimedia.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
ex.ingage.tech
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
hbopenbid.pubmatic.com
hexagon-analytics.com
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.ksl.com
ipac.ctnsnet.com
js.stripe.com
ksl-d.openx.net
loada.exelator.com
m.stripe.com
m.stripe.network
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
media.ksl.com
media.twiliocdn.com
messages-microservice.ksl.com
mwzeom.zeotap.com
news-api.ksl.com
nexus.ensighten.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pages.protectsubrev.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.rubyblu.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebidads.revcatch.com
public.servenobid.com
pubmatic-match.dotomi.com
q.stripe.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ksl.com
static.rubyblu.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tag.durationmedia.net
tagan.adlightning.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.fiftyt.com
visitor.omnitagjs.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.ksl.com
x.bidswitch.net
deseret.technoratimedia.com
104.111.217.14
104.22.58.219
108.129.57.86
108.138.17.12
130.211.32.235
142.250.185.194
142.250.186.162
147.75.85.234
151.101.194.49
151.139.128.10
162.19.80.92
164.92.213.94
178.250.1.9
18.158.226.95
18.196.251.66
18.198.69.109
18.214.42.172
18.66.147.119
185.183.112.155
185.184.8.90
185.255.84.153
185.29.132.245
185.64.189.110
185.64.189.112
185.64.189.229
185.64.190.78
185.64.190.80
185.80.39.216
185.86.139.94
185.89.210.180
185.89.211.12
192.132.33.46
193.0.160.130
195.5.165.20
198.148.27.140
198.47.127.20
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
202.241.208.56
213.155.156.168
213.19.147.44
216.52.2.6
216.52.2.86
23.37.42.132
23.54.114.218
23.56.202.187
2600:9000:2057:d800:19:7d10:bd80:93a1
2600:9000:2127:2800:1f:4c18:bd40:93a1
2600:9000:223d:7200:10:ce97:9fc0:93a1
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:2800:233:f76:14f7:d635:25c4:c8d7
2606:4700:10::6816:1957
2606:4700:10::6816:43d
2606:4700:20::681a:ce1
2606:4700:20::681a:de1
2606:4700:4400::6812:2894
2606:4700::6812:19ad
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:802::2002
2a00:1450:4001:802::2004
2a00:1450:4001:806::2001
2a00:1450:4001:806::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:400c:c07::9c
2a02:fa8:8806:13::1370
2a05:d018:d29:3602:8a7a:282c:c25e:4d1f
2a06:98c1:3121::3
3.124.173.63
3.232.49.172
3.248.98.105
3.33.220.150
3.71.149.231
34.102.232.42
34.102.253.54
34.111.129.221
34.111.131.239
34.233.114.35
34.91.62.186
34.96.67.224
35.173.123.72
35.186.193.173
35.201.96.126
35.214.223.115
35.230.100.254
35.244.159.8
37.157.4.40
51.222.80.231
51.255.68.171
51.75.86.98
52.204.125.50
52.210.15.1
52.213.135.234
52.220.229.2
52.46.151.131
52.58.113.67
52.95.115.255
54.152.101.92
54.186.47.166
54.187.159.182
54.194.106.129
54.194.149.6
64.147.128.167
64.147.130.148
64.147.131.160
64.147.131.201
65.9.94.183
65.9.95.39
65.9.95.7
65.9.97.56
69.166.1.10
69.173.144.165
70.42.32.159
70.42.32.191
72.251.241.206
77.243.60.138
77.245.57.72
8.18.47.7
8.43.72.98
80.77.87.162
85.114.159.118
98.98.134.243
006b8f60f30ed5210c6d4cc52dd703f0d62124d5ace9a5a45fede025465a2fbe
01df456b85acb77a180ad7d890f265ea448289bdae9a4b54c58d919b4d484c2e
02eb04d67c2aa1fc80a323c7aa6d9a0ffebaf83c9bb6effeb3b57b9ce2669b7f
04a279b71eef60b3cdd816fb23751fd2eb86de757f4285914613ded6792dcc86
04ba562698396e5908aa02541c734d86fd237785b35698f2854c4f78086d6cf2
087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d
088dbe5e4bb2f902e2e7c62ca7a15bae5cb55f4708d99f7c4daae7148a19a865
0afdfec0cc81ad101710150812834831dd21e1d766c380af5114509ff56b7eb1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f4328dd583577482da89d8af94cd1146cec997553dd53bc2f9ee3d406cfa9ce
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1352d98291981d5de453bedf44dbc99a22689eebbae5d548daddc7e1128ee697
14ba0590f8b6cff18ecbbd872cb9d773732b3f5f32ccd25f9ddf6d6fea615a09
14c860e8361db58e6e4b0081a385d743a31cdf7cc84ec52aface172988e54d69
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
16b0808c85e4ef10eb72d297bcd9cd52f3789d0c6432ab99b11625485d19c71d
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
193c53898d819e7d4c5908257aacca5bf45052ae0128b084c252b4f7a71ab79e
1dd28991ee707451a7875572d971022354cbdc6283ba4d0d4c1b48caef0c98af
1df9aee0014c1553fa6f462aa38714f3f35678bba639483b6141e42e52ec2951
21cd559db3c100842a8ef209f2579e691ee47e2d1469ebeaaaac7cbd439509ab
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
2af6de0161679525ed17e3cab74b1f2ecbadbf3a3e83706d44549aa377daec16
2bfb59a3136f5b49db2158068b8b0fff3ac5dc575b4539d0cd67469357caf29d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2d56cece389641b16dea99088a149ade31ad4dd2a3864f501c729dac4543e0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31cac46c8e8573e832b5fbacba230031c96d7aded5521f96fc0edaea5dbf0175
32dddeed43e3fbde44d76523d3a40dc8a00aaaee5f9f319f21e7c769ef2a43cc
33cc0a21c1ca8eab50680298fedb8440589988e511a82348b00290bb111a4c8d
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
3a7924127644a96f12db8ab1b60889e8097d0f047f75eb8c4242b1a26cbf5911
3ae5f7dca940babf67426aa739d7d180e8dde58abbdde72922906b4722cb6194
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42bfcc13f63c3b068a4f59c188ad224ab48d2e3d91ce033311da926be2327249
45df8300639a2c449239e3f0ddd1575ec2a867266840be6309b69903f032d919
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4926c7670bd5a97ba531632202ff2adb8e8c81ae1dc49b35a7699a478c559b77
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49aabeb632ac757d0d73d2b6793d99e7e1336eed6e3d81d89c5110bf2ba809aa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e401852875cdea39d8313586fc94ad91645c96a2d3238c42c9d5a1ff9d95637
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
502bb63550cd079d5447f95d545f65bb1ad7edf88d42bd409b6e8c9f11a11566
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5237af6f5bc44201f8182c56a81a09e1595b1e0b6b495576d487e4568676e86a
55818e17f52f57fd07efb8d864b627877dc09b25185e8a2de8edcdae95f2b7e9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5712876d9cf41eb9b0b359976e092ea433f81120f04f8cb5a9ee9d7ea02ccd4e
5791b4aa284121c24888809970bd0c9c51b7a76653616708b33e0e976d39aa29
57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1
585f644a3d7c359d59918c2310af6cda839313808538b4004a4b604c19664df7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a2861f22132f9e613d60c0cf4695ad90e7a9bc5a93fa7f55271d74a7b850ab5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6290db52494853affbe5ebe8e80224f7acd3dbbebf8c05e3d1a5a76f0767d033
66b6068dbe1948f57441d09c9844769b99e7881997b5fe3255e0a694cb89b849
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
6bad31a10bc9efb086d6cf1e534fb1dc8f3e972250b991792c7831d08a00b85d
6c884d0fa4ce72b3abf613a4b373bee64b6d65e9e888a4dfb80126f393e37621
6e65aecb8a21b66d9aeeea4d926d72d0f1023ca305327859bb69117e813468fa
6f3a01e144ec2db45bb24f5ee5e9ed1da37760b01593395c01e4c1e4780b89ae
70f9faa8791e1eca1aca0920a81c75bdef3cd8d90e5c229529622031bb1f16cd
7113168867063276dff6573f2640bc5573deef8d952bd3323eb3690b09ab481e
716f7e72daced30c3bb44b2e2180e7b9bcab9491270cf3d1b8f1d07011c116b4
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73da3b369596f2ea8e701ec80155bf93c638eb66f1de5eac9a88f2eb8e565fd8
7815473f068f708bcde391e444f1e2d3f19d1ead1174a2281a8833648356b80d
783f95bdb0fd90f77d7b18786b7f989bfc1b7e4259354dd508452e288f4cb875
7e3cf25bf2aa1d2346217aacdcc2b16cfe5b73b7e80ed69a04de2c0176b9a05b
7e5732c22bd4d4f04611ace5230fc4409f3c4ce9f73801781da68d680d295eb7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839e7c6761776f0e1c251d29d443dd8e29c6d3beefeeb8925c58a74ba784bd30
84acc3dec54345b4c7a801462e4d29e76a792c33b2174f6fcc1cf07abdd1f8c1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
878a331836150935afb12b3ec3e5521dadd7902173b4fd24adfee940a3931b61
88f71e17183eeb8d6698c31da6fe9b6dab22d4b746e2f836f19d78f78c90160f
8962cda663958c916414d04ee15873722d4d0604001d8bdf4f4e7460a37dfe73
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa3cbfde867ccc251bae5512b3da5d3c7843eac7cfa0c237ddc36b5b08873cc
8b512b1e143d27297a87f49b35f418f656508da018781e9e87019fa2922b6fb9
8bb1e570f448fdb47a0a89e9875bd0e87dc3a371b284f913b8c75d65d98386bb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
8ebe4963ca08a041fcbb87a4232bf58b1ae55c3b5623a3a2d9d79491bb46c674
900d69b36ed036b05ea15c5f1964278e36dde5956f4c18a2bccf54b022429641
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920
90ccee6904ff98b13b372eaaa87d8629cf12fedc238801722557c19562540b2a
92462dcb28996eb531aff968f2cb19691a54fcf1611546b2e6f65cca501b2592
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb
990f0017dd83b5511960d1fdc55cf41655c19eb61ff76a77ab4da8107310c83f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d263c750a5a08339b548f9fdf21574af1c454d2f48463ca8597c511de4762e
9cb8df9f235556b29220c1a56a2d5b4527cfc1e2ef32c1a25c40672f263c5599
9f836b22fe146bf85e4ed7e9ee95732f37691d0c6d81babf2a5b51be1c32af97
9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12f379aef8aaf2d0d311ea397be93e72db9d8f452d94b5edd2d8d763c1b06bb
a36b286884ad3a00927d234d57deb8cc4db0ff64c687420556e64110849addc0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a7921b1571870bdf998d2ec79a1302ff957c0856603a32052cb73f525f7a7184
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
ab38fe99e98429ae5f7282a29cbb5c9e3069497b1d87541d8306cd8985db722c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
afed9a0ab525a556166288e945e61b4e4adb9de9c074d8185f86b8f5f5fda311
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5e4a948e5ab44de45754e4bcefe5d1b7f95cd3215ff08f5187d8a22a615bef8
bb7d39384f8a58e23c5e8c78b974aabb9cd28238d451301a12b43c321783fe6c
be46529915d38c1b927c8fd86786c7e41c7fc7b4e17d98263f052956c475c575
bf64852d6ba356ad309f01e973172dedbcd33fcc0823bb2e98484028c12a8074
bfbfad8065924b34a58b528bcd737dbb0a163b934557c0d2f8e74e2252317d45
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c540e4cdf2839e9e93c1fe120c44c9e1a05923f6d03c13f96a9fffc80483085d
c7d2c0791ad181a85f3590f792a95ed07df8b248146bf42a6eb032ea370fdb17
cee130c3062ab4254621ea1544f7abd397515bad9a96b97a0eb8cd5b0aa3f230
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0cc949db47eadda0e59235f19200cbbabebfa345bb06430bb69f0c159c80421
d18c05b903e42fe072a80fb16a7aae87c94e506237fce86f68ad8241fa70f759
d4b507096f8201c08f51e78f7e5c2366b095be888bcdbd8560e40915086f0452
d603af607eb4e551f73c7777de0c3ce668fcf3c205a95906290e3fdcbf07bd08
d9e911e2a1b9067f01cf538f8c887744113596e0394bd44ec0dd5cb4d8d46632
db2ee7a386958f6e858c181063d50b9bd3dfe79f9318bc1550d15482a5e49350
dc2b6002b3518b4b196486f9f3e91e2b27b73df5c54d8418e0d442b6a8196c74
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd0d7b0bd9b543ac1655f000d5db598194d9a6c0c79815600b59ee49a81e8c62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62675168e711cfdc3d2909263c24f01cd2e35ffce01b845439e94d3b39fee93
e7c4de52590b8796a00be1ad80242a15875d929508aaa6d211236ea8741a0ae1
e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4
e8b206f455fa6852b58f8ac728574ded89a3c41282d231812dd5883c960c2d21
e8d480780dad17fd64ac42eee77b9a8e485f2d81cc3dc232e2520a0e8058bffb
eca0b00bcdc228fa9087597c23b3108ad4c079791b6ddd56658e48ce83939b6e
ed51c6c44f063fffd3fef1042b859a00d4cbdcee5dbc742c758f7a275ff85f58
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00a90cc987d76e2471f6af12b39890292636c09e640efc9ee58c160416c9ad8
f0cea43c88e72cd19370d57f3efe7da1758e11393be827569b4148560a0becb4
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f49b521799308f8cf36318142dbab92925dcae0ca9e2e35050f7d7635ce6c4b0
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
fe1a293cdb4905ed390da36b47fa01878068dc52306b495f97d39c56f00ea2fc