urlscan.io logo urlscan.io
SecurityTrails logo

www.ksl.com Open in urlscan Pro
64.147.131.201  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.ksl.com/
Effective URL: https://www.ksl.com/
Submission: On April 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 133 IPs in 13 countries across 117 domains to perform 430 HTTP transactions. The main IP is 64.147.131.201, located in Sandy, United States and belongs to DDMINC, US. The main domain is www.ksl.com. The Cisco Umbrella rank of the primary domain is 99537.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 7th 2022. Valid for: a year.
This is the only time www.ksl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 64.147.131.201 11319 (DDMINC)
2 65.9.66.24 16509 (AMAZON-02)
4 143.204.101.39 16509 (AMAZON-02)
26 64.147.131.160 11319 (DDMINC)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 151.139.128.10 20446 (STACKPATH...)
3 99.86.4.9 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 130.211.32.235 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 7 52.49.52.255 16509 (AMAZON-02)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
4 3.216.217.223 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
7 3.124.173.63 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
10 18.66.147.69 16509 (AMAZON-02)
3 54.186.23.98 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
20 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
1 5 2603:c020:400... 31898 (ORACLE-BM...)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
13 34.249.69.20 16509 (AMAZON-02)
1 172.67.14.39 13335 (CLOUDFLAR...)
2 5 35.244.159.8 15169 (GOOGLE)
1 54.187.99.131 16509 (AMAZON-02)
10 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 34.96.67.224 396982 (GOOGLE-CL...)
15 2a00:1450:400... 15169 (GOOGLE)
1 64.147.130.148 11319 (DDMINC)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:249... 16509 (AMAZON-02)
1 13.224.192.181 16509 (AMAZON-02)
1 34.102.232.42 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:400... 54113 (FASTLY)
1 3.227.73.41 14618 (AMAZON-AES)
1 2600:9000:225... 16509 (AMAZON-02)
1 65.9.66.33 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2600:9000:206... 16509 (AMAZON-02)
4 3.227.181.176 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 216.52.2.6 32475 (SINGLEHOP...)
4 23.35.236.201 16625 (AKAMAI-AS)
4 21 185.80.39.216 27381 (CASALE-MEDIA)
2 2606:2800:233... 15133 (EDGECAST)
1 18.66.147.106 16509 (AMAZON-02)
1 104.18.24.185 13335 (CLOUDFLAR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 69.166.1.15 27630 (AS-XFERNET)
3 6 185.89.210.141 29990 (ASN-APPNEX)
1 2 147.75.84.158 54825 (PACKET)
2 52.50.75.253 16509 (AMAZON-02)
1 89.207.16.146 41041 (VCLK-EU-SE)
1 34.149.20.76 396982 (GOOGLE-CL...)
1 54.227.76.181 14618 (AMAZON-AES)
2 18.66.112.41 16509 (AMAZON-02)
1 143.204.89.74 16509 (AMAZON-02)
2 13.224.189.48 16509 (AMAZON-02)
3 6 52.46.155.104 16509 (AMAZON-02)
12 17 142.250.181.226 15169 (GOOGLE)
7 15.197.193.217 16509 (AMAZON-02)
2 2 34.95.81.168 396982 (GOOGLE-CL...)
3 3 35.214.153.92 15169 (GOOGLE)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
3 6 2a05:d018:d29... 16509 (AMAZON-02)
3 11 23.56.202.187 16625 (AKAMAI-AS)
1 3 51.89.9.253 16276 (OVH)
2 11 185.86.139.102 201081 (SMARTADSE...)
1 2600:9000:223... 16509 (AMAZON-02)
2 77.245.57.72 36057 (WEBAIR-IN...)
1 107.22.59.202 14618 (AMAZON-AES)
2 2 216.52.2.16 32475 (SINGLEHOP...)
7 7 213.19.147.45 3356 (LEVEL3)
4 5 46.228.164.11 56396 (AMOBEE)
2 2 193.0.160.130 54312 (ROCKETFUEL)
1 69.166.1.10 27630 (AS-XFERNET)
6 6 3.71.149.231 16509 (AMAZON-02)
1 1 54.235.234.56 14618 (AMAZON-AES)
1 54.93.154.54 16509 (AMAZON-02)
1 1 23.35.228.23 16625 (AKAMAI-AS)
2 5 185.64.190.78 62713 (AS-PUBMATIC)
1 13.224.189.86 16509 (AMAZON-02)
3 3 185.89.210.20 29990 (ASN-APPNEX)
1 18 34.247.205.196 16509 (AMAZON-02)
7 7 3.70.80.110 16509 (AMAZON-02)
2 2 3.122.79.66 16509 (AMAZON-02)
3 3 64.202.112.255 23352 (SERVERCEN...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 3.217.85.246 14618 (AMAZON-AES)
1 1 54.225.103.173 14618 (AMAZON-AES)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 70.42.32.255 22075 (AS-OUTBRAIN)
1 1 69.192.160.219 16625 (AKAMAI-AS)
2 2 52.18.4.70 16509 (AMAZON-02)
2 2 198.148.27.140 19189 (PULSEPOINT)
1 2 34.250.10.83 16509 (AMAZON-02)
1 2a05:d018:cc3... 16509 (AMAZON-02)
4 4 185.29.134.244 30419 (MEDIAMATH...)
3 4 151.101.194.49 54113 (FASTLY)
2 2 162.19.80.91 16276 (OVH)
1 1 124.146.215.48 2514 (INFOSPHER...)
1 1 80.77.87.161 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 69.173.151.100 26667 (RUBICONPR...)
11 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.180 1299 (TWELVE99 ...)
6 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.7.11 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2 18.203.208.238 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 23.21.155.77 14618 (AMAZON-AES)
4 5 37.157.3.20 198622 (ADFORM)
1 35.204.74.118 396982 (GOOGLE-CL...)
4 8 69.173.144.138 26667 (RUBICONPR...)
2 52.95.122.74 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 35.230.100.254 396982 (GOOGLE-CL...)
1 2600:1901:0:7... 15169 (GOOGLE)
13 2606:4700:20:... 13335 (CLOUDFLAR...)
1 35.186.253.211 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 23.56.205.163 16625 (AKAMAI-AS)
2 2 172.217.16.134 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
1 18.132.51.149 16509 (AMAZON-02)
1 18.66.147.52 16509 (AMAZON-02)
1 99.86.4.52 16509 (AMAZON-02)
4 185.64.190.81 62713 (AS-PUBMATIC)
3 141.95.98.65 16276 (OVH)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 67.202.105.21 32748 (STEADFAST)
1 104.18.11.47 13335 (CLOUDFLAR...)
1 151.101.65.108 54113 (FASTLY)
2 18.133.81.67 16509 (AMAZON-02)
1 162.19.138.118 16276 (OVH)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 51.222.80.231 16276 (OVH)
2 2 52.51.235.201 16509 (AMAZON-02)
1 98.98.134.243 21859 (ZEN-ECN)
1 64.158.223.140 41041 (VCLK-EU-SE)
1 104.18.10.47 13335 (CLOUDFLAR...)
1 35.186.193.173 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 173.231.181.122 32475 (SINGLEHOP...)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 164.92.213.94 14061 (DIGITALOC...)
430 133
5    64.147.131.201 (Sandy, United States)

ASN11319 (DDMINC, US)
PTR: ksl.com
www.ksl.com
news-api.ksl.com
2    65.9.66.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-24.fra56.r.cloudfront.net
nexus.ensighten.com
4    143.204.101.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-39.fra50.r.cloudfront.net
d3njgrq4uvb497.cloudfront.net
26    64.147.131.160 (Sandy, United States)

ASN11319 (DDMINC, US)
PTR: img.bonnint.net
static.ksl.com
img.ksl.com
3    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.mouseflow.com
3    99.86.4.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-9.fra6.r.cloudfront.net
js.stripe.com
1    2600:9000:223d:8400:10:ce97:9fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
tag.durationmedia.net
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
prebidads.revcatch.com
6    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    130.211.32.235 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 235.32.211.130.bc.googleusercontent.com
static.rubyblu.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
7    52.49.52.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-52-255.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
10    2606:4700:20::681a:ce1 (United States)

ASN13335 (CLOUDFLARENET, US)
app.protectsubrev.com
pages.protectsubrev.com
4    3.216.217.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-217-223.compute-1.amazonaws.com
be.durationmedia.net
5    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
data.privacy.ensighten.com
5    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
10    18.66.147.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-69.fra60.r.cloudfront.net
tagan.adlightning.com
3    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
2    2600:9000:2057:ae00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
20    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
16    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.com
5    2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
deseret.technoratimedia.com
insticator.technoratimedia.com
sync.technoratimedia.com
6    2606:4700:10::6816:43d (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
13    34.249.69.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-69-20.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    172.67.14.39 (United States)

ASN13335 (CLOUDFLARENET, US)
media.twiliocdn.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
ksl-d.openx.net
insticator-d.openx.net
us-u.openx.net
u.openx.net
1    54.187.99.131 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-99-131.us-west-2.compute.amazonaws.com
m.stripe.com
10    2606:4700:4400::6812:2894 (United States)

ASN13335 (CLOUDFLARENET, US)
cookie-cdn.cookiepro.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
1    34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com
cdn.siftscience.com
15    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    64.147.130.148 (Sandy, United States)

ASN11319 (DDMINC, US)
PTR: messages-microservice.ksl.com
messages-microservice.ksl.com
5    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2600:9000:2491:2000:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
1    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com
hexagon-analytics.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
js.sentry-cdn.com
browser.sentry-cdn.com
1    3.227.73.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-73-41.compute-1.amazonaws.com
geoip.insticator.com
1    2600:9000:2251:ae00:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
1    65.9.66.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-33.fra56.r.cloudfront.net
get.s-onetag.com
2    2606:4700:4400::6812:220a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
2    2600:9000:206f:5c00:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.instiengage.com
4    3.227.181.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-181-176.compute-1.amazonaws.com
event.insticator.com
3    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
3    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
21    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    2606:2800:233:f76:14f7:d635:25c4:c8d7 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
1    18.66.147.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-106.fra60.r.cloudfront.net
public.servenobid.com
1    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
6    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    147.75.84.158 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    52.50.75.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-75-253.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    89.207.16.146 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams03-convex-float1.dotomi.com
web.hb.ad.cpe.dotomi.com
1    34.149.20.76 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    54.227.76.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-76-181.compute-1.amazonaws.com
hb.minutemedia-prebid.com
2    18.66.112.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-41.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.89.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-74.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
2    13.224.189.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-48.fra2.r.cloudfront.net
signal-segments.s-onetag.com
6    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
17    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
7    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
3    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
6    2a05:d018:d29:3602:f896:3671:b11a:dd53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
11    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
3    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
11    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
1    2600:9000:223f:6800:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
2    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    107.22.59.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-59-202.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
7    213.19.147.45 (Castricum, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
6    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    54.235.234.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-234-56.compute-1.amazonaws.com
ssp.disqus.com
1    54.93.154.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-154-54.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
hbx.media.net
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    13.224.189.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-86.fra2.r.cloudfront.net
signal-floors.s-onetag.com
3    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
18    34.247.205.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
7    3.70.80.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-80-110.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.122.79.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-79-66.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
3    64.202.112.255 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    3.217.85.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-85-246.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    54.225.103.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-103-173.compute-1.amazonaws.com
sync.ipredictive.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    52.18.4.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-4-70.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    34.250.10.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-10-83.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    2a05:d018:cc3:fe05:e045:2f8c:2f3e:d94f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
4    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    162.19.80.91 (France)

ASN16276 (OVH, FR)
PTR: ns3011793.ip-162-19-80.eu
gu.dyntrk.com
1    124.146.215.48 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
11    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.180 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
6    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    18.203.208.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-208-238.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    23.21.155.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-155-77.compute-1.amazonaws.com
a.audrte.com
5    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    35.230.100.254 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 254.100.230.35.bc.googleusercontent.com
pixel.rubyblu.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
13    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com
www.awin1.com
2    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
ad.doubleclick.net
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
1    18.132.51.149 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-51-149.eu-west-2.compute.amazonaws.com
track.webgains.com
1    18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net
analytics.webgains.io
1    99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net
cdn.track.production.webgains.team
4    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
3    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    67.202.105.21 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    18.133.81.67 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-81-67.eu-west-2.compute.amazonaws.com
api.webgains.io
1    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
2    52.51.235.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-235-201.eu-west-1.compute.amazonaws.com
ads.avct.cloud
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    64.158.223.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float2.dotomi.com
pubmatic-match.dotomi.com
1    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    173.231.181.122 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    164.92.213.94 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
Apex Domain
Subdomains		 Transfer
39 googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
262 KB
35 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
ad.doubleclick.net — Cisco Umbrella Rank: 201
341 KB
32 ksl.com
www.ksl.com — Cisco Umbrella Rank: 99537
static.ksl.com — Cisco Umbrella Rank: 176683
img.ksl.com — Cisco Umbrella Rank: 155419
news-api.ksl.com — Cisco Umbrella Rank: 126210
messages-microservice.ksl.com — Cisco Umbrella Rank: 168479
923 KB
31 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 729
ads.pubmatic.com — Cisco Umbrella Rank: 725
image6.pubmatic.com — Cisco Umbrella Rank: 1037
simage2.pubmatic.com — Cisco Umbrella Rank: 976
image2.pubmatic.com — Cisco Umbrella Rank: 1377
simage4.pubmatic.com — Cisco Umbrella Rank: 1660
image4.pubmatic.com — Cisco Umbrella Rank: 1704
46 KB
22 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 677
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1452
eus.rubiconproject.com — Cisco Umbrella Rank: 798
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1475
token.rubiconproject.com — Cisco Umbrella Rank: 795
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
46 KB
22 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679
htlb.casalemedia.com — Cisco Umbrella Rank: 768
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
dsum.casalemedia.com — Cisco Umbrella Rank: 2284
20 KB
20 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2328
usersync.gumgum.com — Cisco Umbrella Rank: 2448
7 KB
15 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 23943
ad4m.at — Cisco Umbrella Rank: 9478
assets.ad4m.at — Cisco Umbrella Rank: 31150
580 KB
14 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3698
public.servenobid.com — Cisco Umbrella Rank: 6602
9 KB
12 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
5 KB
11 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774
3 KB
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn1.gstatic.com
274 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
secure.adnxs.com — Cisco Umbrella Rank: 604
acdn.adnxs.com — Cisco Umbrella Rank: 806
26 KB
10 cookiepro.com
cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 7162
180 KB
10 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2985
279 KB
10 protectsubrev.com
app.protectsubrev.com — Cisco Umbrella Rank: 82797
pages.protectsubrev.com — Cisco Umbrella Rank: 86443
58 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994
62 KB
9 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2930
www.google.com — Cisco Umbrella Rank: 16
adservice.google.com — Cisco Umbrella Rank: 130
2 KB
9 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 3612
data.privacy.ensighten.com — Cisco Umbrella Rank: 9877
76 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
2 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
2 KB
7 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4666
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5724
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6329
signal-segments.s-onetag.com — Cisco Umbrella Rank: 10027
signal-floors.s-onetag.com — Cisco Umbrella Rank: 30095
22 KB
7 technoratimedia.com
deseret.technoratimedia.com — Cisco Umbrella Rank: 303575
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 8025
insticator.technoratimedia.com — Cisco Umbrella Rank: 37334
sync.technoratimedia.com — Cisco Umbrella Rank: 2037
15 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 825
3 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2411
q.stripe.com — Cisco Umbrella Rank: 20152
m.stripe.com — Cisco Umbrella Rank: 2198
117 KB
6 openx.net
ksl-d.openx.net — Cisco Umbrella Rank: 302058
insticator-d.openx.net — Cisco Umbrella Rank: 33785
us-u.openx.net — Cisco Umbrella Rank: 707
rtb.openx.net — Cisco Umbrella Rank: 1886
u.openx.net — Cisco Umbrella Rank: 974
58 KB
6 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 14013
2 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
23 KB
6 cloudfront.net
d3njgrq4uvb497.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
274 KB
5 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3752
c1.adform.net — Cisco Umbrella Rank: 908
3 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
r.turn.com — Cisco Umbrella Rank: 4617
2 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 875
3 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
ce.lijit.com — Cisco Umbrella Rank: 1417
2 KB
5 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 37714
event.insticator.com — Cisco Umbrella Rank: 29035
662 B
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 322
110 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
219 KB
5 durationmedia.net
tag.durationmedia.net — Cisco Umbrella Rank: 10208
be.durationmedia.net — Cisco Umbrella Rank: 10066
35 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3102
3 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1020
1018 B
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
2 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 3425
adservice.google.de — Cisco Umbrella Rank: 5261
1 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 612
2 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 15646
api.webgains.io — Cisco Umbrella Rank: 40158
32 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24171
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30620
897 B
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 987
1023 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
488 B
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1427
748 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
221 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1248
s.tribalfusion.com — Cisco Umbrella Rank: 2774
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 5438
1 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3590
972 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1965
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 958
cdn.indexww.com — Cisco Umbrella Rank: 2274
2 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 77547
static-de.ad4mat.net — Cisco Umbrella Rank: 111741
4 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1149
484 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6958
560 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 682
701 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 3200
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 277
2 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 866
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 812
645 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 813
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 5985
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955
983 B
2 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1939
320 B
2 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 28294
463 B
2 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 5133
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5458
894 B
2 33across.com
ssc.33across.com — Cisco Umbrella Rank: 4454
ssc-cms.33across.com — Cisco Umbrella Rank: 1678
349 B
2 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4358
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4856
251 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1379
383 B
2 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2990
sync.go.sonobi.com — Cisco Umbrella Rank: 1456
1 KB
2 instiengage.com
auth.instiengage.com — Cisco Umbrella Rank: 29441
23 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1925
100 KB
2 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 6847
browser.sentry-cdn.com — Cisco Umbrella Rank: 5119
22 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
2 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2669
18 KB
2 rubyblu.com
static.rubyblu.com — Cisco Umbrella Rank: 158962
pixel.rubyblu.com — Cisco Umbrella Rank: 231507
8 KB
2 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 8088
18 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3241
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4995
464 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 4054
305 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1873
283 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7413
281 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6709
369 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 985
187 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3683
382 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2062
524 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293
398 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1060
251 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 43265
15 KB
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 21883
2 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 61533
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 53210
329 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 53598
184 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15474
702 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
864 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
610 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1063
589 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 941
363 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1531
660 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1266
693 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1979
181 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 842
772 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1528
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1318
465 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 413
665 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 2144
443 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 777
363 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2228
274 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 5275
329 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2579
365 B
1 hexagon-analytics.com
hexagon-analytics.com — Cisco Umbrella Rank: 5793
297 B
1 siftscience.com
cdn.siftscience.com — Cisco Umbrella Rank: 9216
21 KB
1 twiliocdn.com
media.twiliocdn.com — Cisco Umbrella Rank: 30368
119 KB
1 revcatch.com
prebidads.revcatch.com — Cisco Umbrella Rank: 123636
7 KB
430 117
Domain Requested by
20 tpc.googlesyndication.com www.ksl.com
tagan.adlightning.com
d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
18 usersync.gumgum.com 1 redirects g2.gumgum.com
ads.pubmatic.com
17 cm.g.doubleclick.net 12 redirects g2.gumgum.com
eus.rubiconproject.com
c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
15 pagead2.googlesyndication.com www.ksl.com
tagan.adlightning.com
www.gstatic.com
tpc.googlesyndication.com
browser.sentry-cdn.com
c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
14 securepubads.g.doubleclick.net www.ksl.com
tagan.adlightning.com
browser.sentry-cdn.com
13 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
13 ads.servenobid.com www.ksl.com
public.servenobid.com
g2.gumgum.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
ads.pubmatic.com
13 img.ksl.com www.ksl.com
13 static.ksl.com www.ksl.com
static.ksl.com
11 simage2.pubmatic.com ads.pubmatic.com
10 cookie-cdn.cookiepro.com www.ksl.com
10 tagan.adlightning.com www.ksl.com
tagan.adlightning.com
d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
8 eus.rubiconproject.com ex.ingage.tech
public.servenobid.com
eus.rubiconproject.com
g2.gumgum.com
tagan.adlightning.com
7 x.bidswitch.net 7 redirects
7 match.adsrvr.org ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
eus.rubiconproject.com
browser.sentry-cdn.com
7 ssum-sec.casalemedia.com 1 redirects www.ksl.com
ssum-sec.casalemedia.com
public.servenobid.com
g2.gumgum.com
js-sec.indexww.com
7 data.privacy.ensighten.com www.ksl.com
7 match.prod.bidr.io 5 redirects www.ksl.com
ssum-sec.casalemedia.com
6 assets.ad4m.at as.ad4m.at
6 image2.pubmatic.com ads.pubmatic.com
6 ups.analytics.yahoo.com 6 redirects
6 rtb-csync.smartadserver.com 1 redirects public.servenobid.com
ssbsync.smartadserver.com
6 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
6 ib.adnxs.com 3 redirects df80k0z3fi8zg.cloudfront.net
acdn.adnxs.com
6 ex.ingage.tech www.ksl.com
df80k0z3fi8zg.cloudfront.net
ssum-sec.casalemedia.com
6 app.protectsubrev.com www.ksl.com
6 www.google-analytics.com www.ksl.com
5 ad4m.at as.ad4m.at
ad4m.at
ssum-sec.casalemedia.com
5 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 sync.1rx.io 5 redirects
5 ssbsync.smartadserver.com 1 redirects public.servenobid.com
c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
5 cdn.ampproject.org www.ksl.com
5 www.googletagservices.com www.ksl.com
tagan.adlightning.com
d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
5 www.google.com www.ksl.com
tagan.adlightning.com
c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
4 as.ad4m.at c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 c1.adform.net 3 redirects ads.pubmatic.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 ad.turn.com 4 redirects
4 ads.pubmatic.com www.ksl.com
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
4 www.gstatic.com d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
4 pages.protectsubrev.com www.ksl.com
4 be.durationmedia.net www.ksl.com
4 d3njgrq4uvb497.cloudfront.net www.ksl.com
d3njgrq4uvb497.cloudfront.net
4 www.ksl.com 2 redirects www.ksl.com
3 id5-sync.com browser.sentry-cdn.com
3 simage4.pubmatic.com ads.pubmatic.com
3 token.rubiconproject.com 3 redirects
3 sync.outbrain.com 3 redirects
3 secure.adnxs.com 3 redirects
3 onetag-sys.com 1 redirects public.servenobid.com
c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
3 secure-assets.rubiconproject.com 3 redirects
3 csync.loopme.me 3 redirects
3 ap.lijit.com www.ksl.com
df80k0z3fi8zg.cloudfront.net
public.servenobid.com
3 encrypted-tbn2.gstatic.com d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
3 q.stripe.com www.ksl.com
3 js.stripe.com www.ksl.com
js.stripe.com
3 www.googletagmanager.com www.ksl.com
2 ads.avct.cloud 2 redirects
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 api.webgains.io analytics.webgains.io
2 ad.doubleclick.net 2 redirects
2 c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com tagan.adlightning.com
2 aax-eu.amazon-adsystem.com eus.rubiconproject.com
ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 pixel-us-east.rubiconproject.com eus.rubiconproject.com
2 creativecdn.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 bh.contextweb.com 2 redirects
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 us-u.openx.net 2 redirects
2 ads.creative-serving.com 2 redirects
2 p.rfihub.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 ce.lijit.com 2 redirects
2 sync.adkernel.com public.servenobid.com
g2.gumgum.com
2 euexchangesync.digitaleast.mobi 2 redirects
2 signal-segments.s-onetag.com tagan.adlightning.com
2 onetag-geo.s-onetag.com tagan.adlightning.com
www.ksl.com
2 g2.gumgum.com df80k0z3fi8zg.cloudfront.net
public.servenobid.com
2 prebid.a-mo.net 1 redirects df80k0z3fi8zg.cloudfront.net
2 insticator.technoratimedia.com df80k0z3fi8zg.cloudfront.net
2 ad-cdn.technoratimedia.com www.ksl.com
tagan.adlightning.com
2 encrypted-tbn1.gstatic.com d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
2 auth.instiengage.com tagan.adlightning.com
auth.instiengage.com
2 cdn.confiant-integrations.net tagan.adlightning.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.ksl.com
d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
2 d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com www.ksl.com
2 adservice.google.com www.ksl.com
tagan.adlightning.com
2 adservice.google.de www.ksl.com
tagan.adlightning.com
2 deseret.technoratimedia.com www.ksl.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.google.de www.ksl.com
2 stats.g.doubleclick.net www.ksl.com
2 region1.analytics.google.com www.ksl.com
2 cdn.mouseflow.com 1 redirects www.ksl.com
2 nexus.ensighten.com www.ksl.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 pubmatic-match.dotomi.com
1 pixel-sync.sitescout.com
1 image4.pubmatic.com
1 mwzeom.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 lb.eu-1-id5-sync.com browser.sentry-cdn.com
1 acdn.adnxs.com tagan.adlightning.com
1 js-sec.indexww.com tagan.adlightning.com
1 ssc-cms.33across.com tagan.adlightning.com
1 u.openx.net tagan.adlightning.com
1 api.rlcdn.com browser.sentry-cdn.com
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 track.webgains.com as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 www.awin1.com as.ad4m.at
1 static-de.ad4mat.net as.ad4m.at
1 rtb.openx.net c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
1 r.turn.com c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
1 prod-rtb.ad4mat.net tagan.adlightning.com
1 pixel.rubyblu.com www.ksl.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cs.admanmedia.com 1 redirects
1 tg.socdm.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 c.bing.com g2.gumgum.com
1 browser.sentry-cdn.com tagan.adlightning.com
1 signal-floors.s-onetag.com tagan.adlightning.com
1 hbx.media.net 1 redirects
1 match.sharethrough.com public.servenobid.com
1 ssp.disqus.com 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 dmp.brand-display.com 1 redirects
1 signal-beacon.s-onetag.com www.ksl.com
1 hb.minutemedia-prebid.com df80k0z3fi8zg.cloudfront.net
1 ssc.33across.com df80k0z3fi8zg.cloudfront.net
1 web.hb.ad.cpe.dotomi.com df80k0z3fi8zg.cloudfront.net
1 apex.go.sonobi.com df80k0z3fi8zg.cloudfront.net
1 fastlane.rubiconproject.com df80k0z3fi8zg.cloudfront.net
1 htlb.casalemedia.com df80k0z3fi8zg.cloudfront.net
1 insticator-d.openx.net df80k0z3fi8zg.cloudfront.net
1 public.servenobid.com www.ksl.com
1 get.s-onetag.com tagan.adlightning.com
1 df80k0z3fi8zg.cloudfront.net tagan.adlightning.com
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 js.sentry-cdn.com tagan.adlightning.com
1 hexagon-analytics.com
1 c.amazon-adsystem.com www.ksl.com
1 d3lcz8vpax4lo2.cloudfront.net tagan.adlightning.com
1 messages-microservice.ksl.com www.ksl.com
1 cdn.siftscience.com www.ksl.com
1 m.stripe.com m.stripe.network
1 ksl-d.openx.net www.ksl.com
1 news-api.ksl.com www.ksl.com
1 media.twiliocdn.com www.ksl.com
1 hbopenbid.pubmatic.com www.ksl.com
1 static.rubyblu.com www.ksl.com
1 prebidads.revcatch.com www.ksl.com
1 tag.durationmedia.net www.ksl.com
430 190
Subject Issuer Validity Valid
*.ksl.com
Go Daddy Secure Certificate Authority - G2		 2022-06-07 -
2023-06-17		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
nexus.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-07 -
2023-10-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-04-20 -
2023-08-05		 4 months crt.sh
*.durationmedia.net
Amazon RSA 2048 M01		 2023-02-23 -
2023-10-14		 8 months crt.sh
*.revcatch.com
GTS CA 1P5		 2023-03-30 -
2023-06-28		 3 months crt.sh
ads.rubyblu.com
GTS CA 1D4		 2023-03-24 -
2023-06-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-29 -
2023-09-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.privacy.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-03 -
2024-02-16		 a year crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-07-07		 4 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-14 -
2023-06-13		 4 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2022-07-13 -
2023-08-11		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M02		 2023-02-09 -
2023-06-27		 5 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-28 -
2023-07-26		 4 months crt.sh
cookiepro.com
Cloudflare Inc ECC CA-3		 2023-03-20 -
2024-03-19		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.siftscience.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-10 -
2024-02-10		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.hexagon-analytics.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-12-01		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2022-07-27 -
2023-08-26		 a year crt.sh
*.s-onetag.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-02		 10 months crt.sh
*.confiant-integrations.net
GTS CA 1P5		 2023-03-27 -
2023-06-25		 3 months crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-14 -
2023-10-05		 8 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-03-08 -
2023-06-06		 3 months crt.sh
hb.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-02-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-06-29		 4 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon RSA 2048 M01		 2023-03-24 -
2024-04-21		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
www.rubyblu.com
R3		 2023-03-08 -
2023-06-06		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-04-09 -
2023-07-08		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-07-13		 5 months crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh

This page contains 73 frames:

Primary Page: https://www.ksl.com/
Frame ID: 240FF0B352C18CFBD7D57DD817AD48F6
Requests: 116 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 2CE079D72E541B2D3B3D97F2EDD32669
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5E5170F59C625E09704E996A1527C110
Requests: 4 HTTP requests in this frame

Frame: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5E749D1494A7BC25FF1A9D159EE584F6
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Frame ID: 02C06AF89C9CE3C5A8296DC83CA58632
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Frame ID: 1DF395F8512625F9E4C40BD87459E6E5
Requests: 47 HTTP requests in this frame

Frame: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DC837832BF02E8ED3B14511BD5278F50
Requests: 24 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Frame ID: D1C5D838E8E5EBD80522FB0F5D7B00FF
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 355E2431B48C403A649D785A5775B9B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35AC327981F32D3460B8D0C26A050D29
Requests: 2 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 5691330EE7F85886DB8F15D7555C6102
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: 10D637DF76E1B0F79C9AE4152A525CAC
Requests: 12 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D%24UID
Frame ID: FB93D5E953F1BDA52A767EE9ABE235E1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Frame ID: 40D02EDDF701D8D3B30079CA9D00A2C8
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D&s=192379&C=1
Frame ID: 0E3A7ACB10D33B7C8181760A68EFA67C
Requests: 10 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.24.0
Frame ID: 9F6BE91BAA800DF9FDAD60FF3E3BF06C
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 5C452C5C17F96F7B8CDE9DF4405EAFE0
Requests: 13 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 7577EEEB6B390F06A42A4AD7A0D7E718
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 8F14C054D84FE03787CBA568F91F40D8
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: F3C0245D5033B6056A9D29347F87DCC4
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 62AE630C6E32DA95FB9DB1F784C445EF
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 634A4140C050BFA62272373916EFC860
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: F6167CB856E62AF153140F64206B3CB9
Requests: 11 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 65AC36212EC034E143B152892535AC77
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 61598B88446C10FA907A15BB0F7FFA29
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: A6AFB3E1FAB0A9FA58A0C499F6F47696
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Frame ID: 2FD2E89326B0D22194F7ADAA9796DD83
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=6ff46448-880c-4400-99c9-7106f6ec4a31&gdpr=0&gdpr_consent=
Frame ID: FCE9EFDC5F1E3A2505D38B11F713EC3C
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 831FE6BA2D01B46637AA72BEE6595109
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZEiIDAAFfoTJQgAn&gdpr=0&gdpr_consent=&_test=ZEiIDAAFfoTJQgAn
Frame ID: 9330E7FB4AC085292ACBF37AD7EC186C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ZTVkNWQ3NS03ZWM4LTQyZGItOTIxNi0xNTgwYWJmZTI1NDQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 31B4791A61776C46A6AC87E113FEEB5E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 8F69DAE5D5763B8E6B8B6697002D2B59
Requests: 6 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: C872F90A743DD57D75E7102B349AC005
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZEiIDcCo8YUAADraGJoAAAAA
Frame ID: 7EB1E407B4E45156F31D53F037C376A5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=b41812a1-ccc0-4681-9726-fd796b7c4ccb
Frame ID: 0485603A80EA2D2D05AB9A6A90DEA3F7
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 7EA579BE6CDE7D18F27EE5577482FAAD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=nlyYhfBJOnxSCBAqu0wi&pi=gumgum&tc=1
Frame ID: 1A7C801BBF0BCD71C591A1932ED4C640
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 80512C68D10E3494D575CC128C9E884E
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6ff46448-880c-4400-99c9-7106f6ec4a31&gdpr=0&gdpr_consent=
Frame ID: 0379A638E6403AC09099C04376CBD13D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=834358739037025458
Frame ID: CC1A8B0A4F5DEAF34F73C85E98DA3190
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 71E20CEE2AA08F1B61731EF8A0BB394F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525369979545
Frame ID: DE25652A9118525C418D582C4A117746
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kwtNP50HSWSIBk1mxAZUY8ReTTKIXEk1klkjrblQ
Frame ID: 15C93D4497591202F00048485D2ED6F0
Requests: 1 HTTP requests in this frame

Frame: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3329523A75945F4C72498068AB56AC7A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F973ABFE1779B39D9EEA37870AA30A4B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8ED521B6EF6C4EAF84544B9375880A9E
Requests: 2 HTTP requests in this frame

Frame: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A1E8CA94A5D372D4A329135F269E5747
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jq1ybqxqqbgvzk9k7sn8e3jav44ttb13pg76f71yh44dpd232qe1wfpps13wttzv0rgcgnwcx99rgjvamgbzn7nfsjw5wk45srfjydxfasew9kh9z5y1b77yytede6tkqd7a5wf45mcg3sy2yjh8rwhj7h02zskxsypwp346bdqsrn2s3qah9dqvwfawx5hw4vq9eya5svwb8v4p8xnx00vckdhkn41c5v50f0vx790rzb4dkbj98x2ycydyj7jp1fe75ajmmbnq23dmpe1sahbpcz9zb2pvcdes54x4k0rdsz6mhf4wtwr1k3qf615t9tc88ehmqb2jzwr6j4fegh4wd5y9212a9nfscsy3nrszn1gx3zjgvfvsf5r3psk6yysdz4063s058764ch1mt6cka5nqkfgwsx74wvafqzcnt8abqy00avkcyhw3j6k6wnpdsvy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: 93561082146A463B8945AEB70E66B38F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FC8A238C9D763223DA30DAA889BDFF22
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2FEC466750C43A55A48B36152CA6BCCD
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Frame ID: F01FF1150E6E029F482D2C46859426D7
Requests: 14 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A757770980BB6C60FCA4664F417E04E9
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.25.0
Frame ID: C7120C7819184C77CF9BD33FE91F039E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BF555314F69DAD405D2731EE9B0669FD
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ayecLO80ur6ik0aKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: A9022E3F1C252E9D5DD86546C0530A8B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7C70D4EC11513D56ACA076323A989343
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7151D1DEC9DF94F10E78431BF4F331C6
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&gdpr=0&gdpr_consent=
Frame ID: 3F6ED3063FED6E8352CF62E07DE0E28C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&redir=true&gdpr=0&gdpr_consent=
Frame ID: 5049F5428069C558776A71FBC610ED1D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4734284114297359280&gdpr=0&gdpr_consent=
Frame ID: CDF7F764F5F277A2F1BDC69153A0CCA8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7226175200131283083&gdpr=0&gdpr_consent=
Frame ID: C9844C48183EA465783AD45A23BB6DD8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T7kSB8M1W-JsuEZBzvt6Z5JGdWw&gdpr=0&gdpr_consent=
Frame ID: E94B6225C096308645D3E50DF40F0953
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGdOU7IkRAAACB7N06IYQ&gdpr=0&gdpr_consent=
Frame ID: 2CF10946D9F573516BDFD7126C9EA8F9
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=496EB1C1-3E9D-476E-AAED-C0EE0827A43A
Frame ID: 568EB65489DB0ABB7D5DBD4D0FAE266A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A5DE9FC6001CFB330312C47893A7A9B7
Requests: 10 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: C410B6CCF5CDD67727A49CE06CEEE439
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2C637D75C0D67556719412B40B61EA86
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C1F9DD564929EBE8F3326AF08F83094E
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 896AFC93BCF49C812A9D6389FEC92CA9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: A0BC9A6996523E3DDCACC66B53F0DB56
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 9F24F394D2DF9333DE2DC3E79168BB91
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=oOrhioAtM&gdpr=0&gdpr_consent=
Frame ID: 700DC657A88EBE9B15E754199746663C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=496EB1C1-3E9D-476E-AAED-C0EE0827A43A
Frame ID: 68A5AF3E6D9D0CEEB478CA233C0ECCF2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Utah News, Sports, Weather, Cars and Classifieds | KSL NewsKSL homepageKSL homepageMessages (0)account - logged outSupportKSL homepageKSL homepageclose sub menucheck marksearchMessages (0)account - logged outSupportBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://www.ksl.com/ HTTP 301
    https://www.ksl.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com
Overall confidence: 100%
Detected patterns
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.sift(?:science)?\.com/s\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Page Statistics

430
Requests

84 %
HTTPS

26 %
IPv6

117
Domains

190
Subdomains

133
IPs

13
Countries

4689 kB
Transfer

12116 kB
Size

168
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ksl.com/ HTTP 301
    https://www.ksl.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.ksl.com/ensighten_news HTTP 307
  • https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js
Request Chain 21
  • https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5.js HTTP 301
  • https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js
Request Chain 34
  • https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.bxm2znbxj6xq HTTP 303
  • https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.bxm2znbxj6xq&_bee_ppp=1
Request Chain 181
  • https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D&s=192379&C=1
Request Chain 205
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 206
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZEiIC9W5qezaTQnR9NkcIgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECNmHDn4Cfa9ZyMzub8mK3E&google_cver=1
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBuKE94ZQJoRyHJZ2_TbyjU&google_cver=1
Request Chain 209
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=b09d67cd-ff0c-4286-9747-48b9794a0b30
Request Chain 210
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f1dfd24f-a625-46cd-a9b9-66a6eee31e81&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 211
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=7525a75c-2a48-e6f2-f57102bc
Request Chain 215
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Request Chain 220
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 225
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=4734284114297359280
Request Chain 226
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=GivirRZHvbncHQ_qRZ-XCKVp
Request Chain 228
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1682475020130 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4560949642 HTTP 302
  • https://sync.1rx.io/usersync/turn/2845974363401906573?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003
Request Chain 229
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5133329525369979545
Request Chain 231
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=85c6db8b-489e-448c-a82a-1f9a1a00002b&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 232
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-psEBYTJE2uFbtpF0BNyfbS3eS8otRms3L4hdXDA-~A
Request Chain 233
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-b36e9e86-f833-36d3-bbda-a201ad2db16b
Request Chain 234
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-psEBYTJE2uFbtpF0BNyfbS3eS8otRms3L4hdXDA-~A
Request Chain 236
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 242
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4734284114297359280
Request Chain 243
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_6e5d5d75-7ec8-42db-9216-1580abfe2544&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_6e5d5d75-7ec8-42db-9216-1580abfe2544&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=01096a83-8029-4d57-8ada-7103df63d524&ssp=gumgum2&expires=30&user_group=5&bsw_param=f3f8b426-da8f-449a-a387-184654c7eb32 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=&gdpr_consent=&us_privacy=
Request Chain 244
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28phDegcEzEphxVUCLDGnIwbfUro0EOUNJ9QfMnwthKN9Hv2O5xjD0Sn4YBaTlzhXR%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28phDegcEzEphxVUCLDGnIwbfUro0EOUNJ9QfMnwthKN9Hv2O5xjD0Sn4YBaTlzhXR%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_6e5d5d75-7ec8-42db-9216-1580abfe2544&obuid=ENC(phDegcEzEphxVUCLDGnIwbfUro0EOUNJ9QfMnwthKN9Hv2O5xjD0Sn4YBaTlzhXR) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Request Chain 245
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=459dc5af-d4fa-4021-9e39-234318be7436
Request Chain 246
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4fb91207-c335-5be2-6cb8-4641cefb7a67$ip$146.70.117.108
Request Chain 247
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-cGffmntE2pfbpAp01._hoz4qNm4Ff4vQomdV~A
Request Chain 248
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=800bb875-75f2-48ce-827f-20047d786b90
Request Chain 249
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 251
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_6e5d5d75-7ec8-42db-9216-1580abfe2544&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=zNxvqFBvHP47G0RQjmor&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26SOPB3HCRSCOZEFANBXI4YFEULKNVXXEJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26SOPB3HCRSCOZEFANBXI4YFEULKNVXXEJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=zNxvqFBvHP47G0RQjmor&us_privacy=1---
Request Chain 252
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=c00dc7df-0bf8-4f34-8a23-fbd14cfa7c1b
Request Chain 253
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=F3rp569j2QVD&ev=1&pid=558355
Request Chain 254
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=5840567035177493182
Request Chain 256
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBuKE94ZQJoRyHJZ2_TbyjU&google_cver=1
Request Chain 259
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZEiIC9W5qezaTQnR9NkcIgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECNmHDn4Cfa9ZyMzub8mK3E&google_cver=1
Request Chain 260
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZEiIC9W5qezaTQnR9NkcIgAA%263257?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZEiIC9W5qezaTQnR9NkcIgAA%263257
Request Chain 261
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=85905fe5-e3b3-4d96-8100-ce45edbbcff2
Request Chain 262
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB
Request Chain 269
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=6ff46448-880c-4400-99c9-7106f6ec4a31&gdpr=0&gdpr_consent=
Request Chain 271
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZEiIDAAFfoTJQgAn HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZEiIDAAFfoTJQgAn&gdpr=0&gdpr_consent=&_test=ZEiIDAAFfoTJQgAn
Request Chain 280
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=03010005_6448880c72218&knw= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010005_6448880c72218&gdpr=0&gdpr_consent=
Request Chain 281
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5446679875 HTTP 302
  • https://sync.1rx.io/usersync/turn/2773916769363978637?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003
Request Chain 282
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f1dfd24f-a625-46cd-a9b9-66a6eee31e81&gdpr_consent=null&gdpr=0
Request Chain 283
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-q57xU1xE2pkGylTjDLf6UGqkgpJBqCTEI4oOSA--~A&expires=5&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=&gdpr_consent=
Request Chain 286
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZEiIDcCo8YUAADraGJoAAAAA
Request Chain 287
  • https://cs.admanmedia.com/sync/gumgum?puid=e_6e5d5d75-7ec8-42db-9216-1580abfe2544&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=b41812a1-ccc0-4681-9726-fd796b7c4ccb
Request Chain 289
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=nlyYhfBJOnxSCBAqu0wi&pi=gumgum&tc=1
Request Chain 290
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 294
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6ff46448-880c-4400-99c9-7106f6ec4a31&gdpr=0&gdpr_consent=
Request Chain 295
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=834358739037025458
Request Chain 297
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525369979545
Request Chain 298
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kwtNP50HSWSIBk1mxAZUY8ReTTKIXEk1klkjrblQ
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SW6xwT6dR26q7cDuCCekOg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 301
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=178940815 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=496EB1C1-3E9D-476E-AAED-C0EE0827A43A
Request Chain 302
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=496EB1C1-3E9D-476E-AAED-C0EE0827A43A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWc1dVB6SmVXM0pSRGlmMFZXMnE5LUl1Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6716428918140250547&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDk2RUIxQzEtM0U5RC00NzZFLUFBRUQtQzBFRTA4MjdBNDNB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBzrM82dpsAJ7fWJBcbW-oc&google_cver=1
Request Chain 306
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6716428918140250547
Request Chain 309
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/m9K_i1jid-UqRf1bPjL3wsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-r1cZLBJE2oLnI7NmoLql84fn3LFZhOUBKsXiNg--~A
Request Chain 310
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmNkZjA5YjE0YzdkNmE4M2ZlMGY2MjZlN2VjMmI3Y2VkNDg2Y2E2MA
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMAkQ7ugRIIv3a3wZghOfCI&google_cver=1
Request Chain 314
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGX26PVW-1D-AQ61
Request Chain 316
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=JVD2FSmWQ4GzIPru7nt0Ug&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=JVD2FSmWQ4GzIPru7nt0Ug
Request Chain 349
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEH2H-K0nH612T3D7_7W104E&google_cver=1&google_push=ATf1kGMdu_XRvpsgV6Cq-C-iUniMMMRhrITkHmxAZTOCZYN6rxQP3KqP-B8_GvVVyXfMgFXvu8zXNU_KhOfaSSjP-yn6HJNl_DTw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc3MzkxNjc2OTM2Mzk3ODYzNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH2H-K0nH612T3D7_7W104E&google_cver=1
Request Chain 350
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIku5G5X2V2gsxOVwHcWad0&google_cver=1&google_push=ATf1kGNOUAz0DNQSivi92Cl-ya45dspD5wcX27Txuan21D2bjBvJSXShq2EWul86kiSuxn1M8T7gK8zXjDs-83rL3k7yufDzOC4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=b_RkSIgMRACZyXEG9uxKMQ&google_push=ATf1kGNOUAz0DNQSivi92Cl-ya45dspD5wcX27Txuan21D2bjBvJSXShq2EWul86kiSuxn1M8T7gK8zXjDs-83rL3k7yufDzOC4
Request Chain 352
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEp6IlXDJhwmhq9CO-mz5UI&google_cver=1&google_push=ATf1kGMiB85r3hJ8qTnlJpyC7jKuCnpP1HcIAe0whkfnDo1ji3pE6nbYiAVung5Sc9xV3HySworiQMlH_ELserNTjjlj39c0nlGE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SW6xwT6dR26q7cDuCCekOg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMiB85r3hJ8qTnlJpyC7jKuCnpP1HcIAe0whkfnDo1ji3pE6nbYiAVung5Sc9xV3HySworiQMlH_ELserNTjjlj39c0nlGE
Request Chain 353
  • https://dsum-sec.casalemedia.com/cma?google_gid=CAESEBuKE94ZQJoRyHJZ2_TbyjU&google_cver=1&google_push=ATf1kGN9T459izzmfRMOjkfrAWPPbNkoHYOqbFhzzvpNkbHfZcOIVNy7BxWOT2MT0ZrBDDB5FxHM274caF8IsxDgD3391cnpcOLt HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 355
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEII6gAcywv4jjx2fc6Tt5BU&google_cver=1&google_push=ATf1kGOxkZgcT8p3I1HFpvTH7I2uUslXP3scjL0a6Sl571i21lphVWOps_nEo8nwhjD9zpq1jHQa9dQExsTynlMkBbSycEdS1GNwvg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOxkZgcT8p3I1HFpvTH7I2uUslXP3scjL0a6Sl571i21lphVWOps_nEo8nwhjD9zpq1jHQa9dQExsTynlMkBbSycEdS1GNwvg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 370
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMWvvPC7xv4CFY6W_Qcd3ggOTw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023042604102284316499929X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023042604102284316499929X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Request Chain 395
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4734284114297359280&gdpr=0&gdpr_consent=
Request Chain 396
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7226175200131283083&gdpr=0&gdpr_consent=
Request Chain 397
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T7kSB8M1W-JsuEZBzvt6Z5JGdWw&gdpr=0&gdpr_consent=
Request Chain 398
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHZE9VN0lrUkFBQUNCN04wNklZUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGdOU7IkRAAACB7N06IYQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGdOU7IkRAAACB7N06IYQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGdOU7IkRAAACB7N06IYQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5840567035177493182&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGdOU7IkRAAACB7N06IYQ&gdpr=0&gdpr_consent=
Request Chain 401
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 402
  • https://pixel.onaudience.com/?partner=214&mapped=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c4eced2fb2bb3330/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 403
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SgR2JYpE2uX0cxRkzsdnyCODrr.YpzA-~A&gdpr=0
Request Chain 405
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=ca89b59c-ad9f-4f42-9f9d-17b75509a161&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 412
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4734284114297359280
Request Chain 413
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZEiIDAAFfoTJQgAn
Request Chain 414
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6ff46448-880c-4400-99c9-7106f6ec4a31
Request Chain 417
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4734284114297359280
Request Chain 419
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6716428918140250547&expiration=1683684623
Request Chain 425
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 427
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 429
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=oOrhioAtM&gdpr=0&gdpr_consent=
Request Chain 431
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2773916769363978637&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 432
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4734284114297359280
Request Chain 433
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f00dcedf-d5a8-4232-87c0-ce40962269dd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

430 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ksl.com/
Redirect Chain
  • http://www.ksl.com/
  • https://www.ksl.com/
168 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ksl.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
60e384e3d355a4dc81603132dd733800f17de974229c9d5755d3117ca2caa93b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, must-revalidate, private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 26 Apr 2023 02:10:14 GMT
Expires
Wed, 26 Apr 2023 02:10:14 GMT
Keep-Alive
timeout=1, max=100
Server
Apache
Strict-Transport-Security
max-age=2592000;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-Server
b02

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://www.ksl.com/
Server
BigIP
Bootstrap.js
nexus.ensighten.com/deseretdigital/ksl-com/
Redirect Chain
  • https://www.ksl.com/ensighten_news
  • https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js
398 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Server
65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-24.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
2c49a101969df6c5a1f16910f1321e4485531589fa5b5df567dad4d6d5498c3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:22:43 GMT
x-amz-version-id
iSLNKxtKAwNFBBRs64h9QP1J59RthHqi
content-encoding
br
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
128853
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 24 Apr 2023 14:22:26 GMT
server
CloudFront
etag
W/"f40e9b0027a125eb6fa2945b8ca17b9b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
2arM-Z10q-byCNg0vJwB3S5GrPxKakSWTS-tDGtnktmEQCMEEemTwg==

Redirect headers

Date
Wed, 26 Apr 2023 02:10:14 GMT
Strict-Transport-Security
max-age=2592000;
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Location
https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js
Cache-Control
max-age=300
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
273
Expires
Wed, 26 Apr 2023 02:15:14 GMT
styles--ksl-f959.css
d3njgrq4uvb497.cloudfront.net/ 		82 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/styles--ksl-f959.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-39.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7c4de52590b8796a00be1ad80242a15875d929508aaa6d211236ea8741a0ae1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 00:02:43 GMT
content-encoding
gzip
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 16:51:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
2599651
etag
W/"20a405a2cb52c595720ba4a63fb49d83"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-id
jYhSI1-0KAyC8YJe_T3c0JRXsEDYxBV7EQLBTC84H-rIuGxxnJYAZQ==
ksl-header.css
static.ksl.com/ksl-responsive-header/ 		62 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/ksl-responsive-header/ksl-header.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
02eb04d67c2aa1fc80a323c7aa6d9a0ffebaf83c9bb6effeb3b57b9ce2669b7f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:10:21 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
3593
x-cache
img02 Hit from varnish
content-length
7087
last-modified
Tue, 14 Mar 2023 15:04:33 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-varnish
327931241 326242073
cache-control
s-maxage=3600, max-age=3600
x-server
v20
accept-ranges
bytes
expires
Wed, 26 Apr 2023 01:15:21 GMT
29266280.jpeg
img.ksl.com/slc/2926/292662/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2926/292662/29266280.jpeg?filter=kslv2/responsive_story_lg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
68f3e36ddb7827da173cedd0e1c166bd6e2782b4aa7c2168b5ea05b8b7ca756f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 23:43:27 GMT
x-amz-version-id
uGSiIrsCfb18UZVxWCR2IgCIfMwfvk0y
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
TQAXJA76WJJN8MG3
age
8808
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
PENDING
content-length
69452
x-amz-id-2
RkkE6LBLGFH1KquhnUOTe6Q27Zs7AM7uRe45tx5C0RWpJsTBVu3H9gu2+56PJcyti3ru81dZoYI=
last-modified
Tue, 25 Apr 2023 23:43:26 GMT
server
AmazonS3
etag
"ac0f55d97045614fd24bf26b2950f6aa"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
174171112 167147666, 330925108 319736355
cache-control
max-age=604800
accept-ranges
bytes
29265920.jpeg
img.ksl.com/slc/2926/292659/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2926/292659/29265920.jpeg?filter=kslv2/responsive_toppicks
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
07656a2adff8d382f921e38d596120cdf3f4255ee5eab320421cbf4fe389b470

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 19:57:14 GMT
x-amz-version-id
hZeWDm.TEy.TYDEmCtAGVBVqj_sc8fnJ
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
KMAANHC4GWNA5TB4
age
22382
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
PENDING
content-length
18125
x-amz-id-2
jSYWV1BO3dezCay+1YlQMKWqoZNmCJnNBgNB589NVI6vvJ/SHmJQgE5ury4vDiN21uIqMjjxMJk=
last-modified
Tue, 25 Apr 2023 19:57:09 GMT
server
AmazonS3
etag
"5d8a97fb0d79d664dfe953a8b747903f"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
558553350, 327185022 287029410
cache-control
max-age=604800
accept-ranges
bytes
29265747.jpeg
img.ksl.com/slc/2926/292657/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2926/292657/29265747.jpeg?filter=kslv2/responsive_toppicks
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
96ef25e49f08e1b85f724d7d792b0186c58e78f25ee4a5451f3aefc7ffb4ddea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 23:03:55 GMT
x-amz-version-id
TqmD0sGNqJUh9cClWa7q4DFHGn_U58kq
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
N5VDTY20Q6XV468X
age
11181
x-amz-server-side-encryption
AES256
x-cache
img01 Hit from varnish
x-amz-replication-status
PENDING
content-length
18355
x-amz-id-2
dFkT04G1PvvGTkzQ+//dulmxTM+G9EdYJh36rrt2qCZdKJggzb7VEa+XzfWLlbXGgB1+WqxzwTw=
last-modified
Tue, 25 Apr 2023 23:03:54 GMT
server
AmazonS3
etag
"201f4d6fe99b2c6308e411967ed5fe1a"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
564291878, 341390062 326111187
cache-control
max-age=604800
accept-ranges
bytes
29265718.jpeg
img.ksl.com/slc/2926/292657/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2926/292657/29265718.jpeg?filter=kslv2/responsive_toppicks
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
3765c2dfc7d63a4c31891a3a38f7c1f4d0d9bd0c9bcd7c9c17fdbe3e496af4de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 21:31:51 GMT
x-amz-version-id
dz48sGN51jQzzzhTF9_f_Wg8huAfGCMD
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
DW8RQSW728G2R7GA
age
16704
x-amz-server-side-encryption
AES256
x-cache
img01 Hit from varnish
x-amz-replication-status
PENDING
content-length
24470
x-amz-id-2
1oJD4yOodWMiB0v3o106t0lTdXSkmI8J/W7d+5vnbmihwfnNPrCf/1tB+v58MlxmyJJOO8HmFfc=
last-modified
Tue, 25 Apr 2023 21:31:51 GMT
server
AmazonS3
etag
"02149f15b6a18b1b68f4b2f4b02fa600"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
171369381, 339469339 307041174
cache-control
max-age=604800
accept-ranges
bytes
29238334.png
img.ksl.com/slc/2923/292383/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2923/292383/29238334.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
34afbbddb63363c4a20897ab7d2586df8db2e817c0c1218c54e99de841f0526b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 15:06:10 GMT
x-amz-version-id
dJuYWSp43FLq.ZWYgD4An5cIK.0HjGeO
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
3G27KW32WN0WZX6J
age
1595045
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
14981
x-amz-id-2
1mJgdZMeIJhQLr6folH/6fD8tGa8LZ+rrPv4068lxlgvWYBj6OskluzEKbYEY1ZkBBf9N5ZqW3Y=
last-modified
Thu, 06 Apr 2023 22:52:07 GMT
server
AmazonS3
etag
"f3476ae41cbd8ff7271f859d7d4e6db3"
content-type
image/png
access-control-allow-origin
*
x-varnish
693769525 691005402, 327601847 870015352
cache-control
max-age=2592000
accept-ranges
bytes
search_grey.gif
static.ksl.com/graphics/ 		781 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ksl.com/graphics/search_grey.gif
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
bb2f78ca38fb772d6a66c435607ca4b95a0a60f532f7de3b6a07e0a2ce3327cd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 22:36:26 GMT
via
1.1 varnish (Varnish/6.1)
last-modified
Sat, 27 Jun 2009 03:40:28 GMT
server
Apache
age
9689628
x-frame-options
SAMEORIGIN
x-cache
img02 Hit from varnish
content-type
image/gif
x-varnish
329497341 851974
cache-control
s-maxage=31536000, max-age=31536000
x-server
v11
accept-ranges
bytes
content-length
781
expires
Tue, 03 Jan 2023 22:41:26 GMT
29083691.png
img.ksl.com/slc/2908/290836/ 		172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2908/290836/29083691.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
8962cda663958c916414d04ee15873722d4d0604001d8bdf4f4e7460a37dfe73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 16:41:00 GMT
x-amz-version-id
zB5.tr4erNxSTXiYdMfYJtGVA81FmDYG
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
F355PWZJEECYQ6S1
age
1762156
x-amz-server-side-encryption
AES256
x-cache
img01 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
176229
x-amz-id-2
SXrN62jcusyaW+CH6FDntVnM6ib+0DIWD6JZ2STmBv93i2AlcZ54vuT5VCjhONIGUmBuHFihxxc=
last-modified
Tue, 27 Dec 2022 16:17:01 GMT
server
AmazonS3
etag
"97afc5df1893f00e6eafe362577c0bf4"
content-type
image/png
access-control-allow-origin
*
x-varnish
647347473 650408287, 342429847 756763603
cache-control
max-age=2592000
accept-ranges
bytes
51d664bc63e53f2a4398cf2601a38704.svg
static.ksl.com/beta/node_modules/ksl-responsive-header/dist/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ksl.com/beta/node_modules/ksl-responsive-header/dist/51d664bc63e53f2a4398cf2601a38704.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
21cd559db3c100842a8ef209f2579e691ee47e2d1469ebeaaaac7cbd439509ab
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:06:53 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
202
x-cache
img01 Hit from varnish
content-length
1333
last-modified
Mon, 20 Apr 2020 23:44:49 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-varnish
341812967 339296594
cache-control
max-age=300, no-transform
x-server
v43
accept-ranges
bytes
expires
Wed, 26 Apr 2023 02:11:53 GMT
react.production.min.js
static.ksl.com/javascript/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/javascript/react.production.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
ed51c6c44f063fffd3fef1042b859a00d4cbdcee5dbc742c758f7a275ff85f58
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 22:36:32 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
12823
x-cache
img02 Hit from varnish
content-length
5003
last-modified
Fri, 01 Nov 2019 02:01:34 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-varnish
330925104 295138667
cache-control
s-maxage=604800, max-age=604800
x-server
v34
accept-ranges
bytes
expires
Tue, 25 Apr 2023 22:41:32 GMT
react-dom.production.min.js
static.ksl.com/javascript/ 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/javascript/react-dom.production.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
db2ee7a386958f6e858c181063d50b9bd3dfe79f9318bc1550d15482a5e49350
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 22:36:31 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
12823
x-cache
img02 Hit from varnish
content-length
38768
last-modified
Fri, 01 Nov 2019 02:01:34 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-varnish
329497340 304593754
cache-control
s-maxage=604800, max-age=604800
x-server
v34
accept-ranges
bytes
expires
Tue, 25 Apr 2023 22:41:31 GMT
serverComponent.php
nexus.ensighten.com/deseretdigital/ksl-com/ 		188 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/deseretdigital/ksl-com/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/deseretdigital/ksl-com/code/&publishedOn=Mon%20Apr%2024%2014:22:23%20GMT%202023&ClientID=2719&PageID=https%3A%2F%2Fwww.ksl.com%2F
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-24.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
07982897340672379f268b1272ae3c8a34d3e4047736753447a45586b6083c17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:15 GMT
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
content-length
188
x-amz-cf-id
jDpAsOF0gWt2FqnnurCPLt199OvZ1kmvUCnyqdyyXpxB35fau4YZmw==
expires
Wed, 26 Apr 2023 02:10:14 GMT
sprite.svgz
static.ksl.com/ksl-svg-sprite/ 		442 KB
155 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/ksl-svg-sprite/sprite.svgz
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
7139a516d34e8287e32158a5208e4f6758dd6544a4e5ff30bccf0d05abcd6b16
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:08:20 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
115
x-cache
img01 Hit from varnish
content-length
157509
last-modified
Mon, 27 Mar 2023 20:22:19 GMT
server
Apache
etag
"26745-5f7e77fe874c0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
332537779 340801484
cache-control
max-age=300
x-server
v20
accept-ranges
bytes
expires
Wed, 26 Apr 2023 02:13:20 GMT
nunito-sans-v5-latin-600.woff2
static.ksl.com/fonts/nunito-sans/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-600.woff2
Requested by
Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
d18c05b903e42fe072a80fb16a7aae87c94e506237fce86f68ad8241fa70f759
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:08:16 GMT
via
1.1 varnish (Varnish/6.1)
last-modified
Mon, 06 Apr 2020 21:54:59 GMT
server
Apache
age
119
etag
"4204-5a2a6517d72c0"
x-frame-options
SAMEORIGIN
x-cache
img02 Hit from varnish
x-varnish
327443656 328777209
access-control-allow-origin
*
cache-control
max-age=300
x-server
v35
accept-ranges
bytes
content-length
16900
expires
Wed, 26 Apr 2023 02:13:16 GMT
nunito-sans-v5-latin-regular.woff2
static.ksl.com/fonts/nunito-sans/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-regular.woff2
Requested by
Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:05:37 GMT
via
1.1 varnish (Varnish/6.1)
last-modified
Mon, 06 Apr 2020 21:54:59 GMT
server
Apache
age
277
etag
"4218-5a2a6517d72c0"
x-frame-options
SAMEORIGIN
x-cache
img02 Hit from varnish
x-varnish
328778455 330273342
access-control-allow-origin
*
cache-control
max-age=300
x-server
v22
accept-ranges
bytes
content-length
16920
expires
Wed, 26 Apr 2023 02:10:37 GMT
nunito-sans-v5-latin-700.woff2
static.ksl.com/fonts/nunito-sans/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-700.woff2
Requested by
Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:09:37 GMT
via
1.1 varnish (Varnish/6.1)
last-modified
Mon, 06 Apr 2020 21:54:59 GMT
server
Apache
age
37
etag
"4270-5a2a6517d72c0"
x-frame-options
SAMEORIGIN
x-cache
img01 Hit from varnish
x-varnish
341291789 342365348
access-control-allow-origin
*
cache-control
max-age=300
x-server
v19
accept-ranges
bytes
content-length
17008
expires
Wed, 26 Apr 2023 02:14:37 GMT
d4e3.ttf
d3njgrq4uvb497.cloudfront.net/ 		5 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/d4e3.ttf
Requested by
Host: d3njgrq4uvb497.cloudfront.net
URL: https://d3njgrq4uvb497.cloudfront.net/styles--ksl-f959.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-39.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eca0b00bcdc228fa9087597c23b3108ad4c079791b6ddd56658e48ce83939b6e

Request headers

Referer
https://d3njgrq4uvb497.cloudfront.net/styles--ksl-f959.css
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 00:44:33 GMT
content-encoding
gzip
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
350743
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 13 Apr 2023 12:52:54 GMT
server
AmazonS3
etag
W/"d4e3b2047c5b4ae0e7d9e0da5a0608e1"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/font-sfnt
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-id
k7R0I27caPAXE2kgbjEIggo7DqNJ6J4AnGXYUlpOzZMzz6e6PEU47w==
gtm.js
www.googletagmanager.com/ 		232 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVLZ5Z&l=kslDataLayer
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bad0df693ad0a15a34c0e6dcf035b49ef766fdf26f87f5b7fc249d12c5d84091
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76213
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Apr 2023 02:10:15 GMT
29084682.png
img.ksl.com/slc/2908/290846/ 		181 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2908/290846/29084682.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
54d7476e51d2e6d5c1777199d3a168155d0e5f6fbef1dbf4f33f6bdcfda0df17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 16:41:00 GMT
x-amz-version-id
F6ZEFbrP2eyqq6PNBrq45mfYav6IJOjx
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
F35D92RS1PH10WEA
age
1762155
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
185535
x-amz-id-2
WTLlzfmI7CGajubOcQp5FVfntq70Rr7m0TrVsIBS/1WGZXGzG8S2xEba0wn8ZvNTMB/mz7TAETY=
last-modified
Wed, 28 Dec 2022 12:41:29 GMT
server
AmazonS3
etag
"38b6ad4e26d685d4cc5012ac1a0cd79b"
content-type
image/png
access-control-allow-origin
*
x-varnish
32933979 32318367, 328678980 739606119
cache-control
max-age=2592000
accept-ranges
bytes
5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js
cdn.mouseflow.com/projects/
Redirect Chain
  • https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5.js
  • https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js
61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
1046556f3287ce2629cfa94e16d0ed14b39ffadb1fb62fe3a962afaf8f04ffb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:15 GMT
content-encoding
gzip
last-modified
Thu, 20 Apr 2023 09:25:13 GMT
server
etag
"2bdbd126a73d91:0"
x-hw
1682475015.cds303.lo4.hn,1682475015.cds260.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
17941

Redirect headers

date
Wed, 26 Apr 2023 02:10:15 GMT
x-hw
1682475015.cds303.lo4.hn,1682475015.cds265.lo4.c
location
https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5_eu.js
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-hw-loc
https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5.js
content-length
0
/
js.stripe.com/v3/ 		467 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
02d46f48955fb155e11ab9c892f2eb8436118171ccb40040a09f197e51362c47
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 26 Apr 2023 02:10:00 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
22
x-cache
Hit from cloudfront
last-modified
Tue, 25 Apr 2023 21:29:10 GMT
server
Cloudfront
etag
W/"42a7534cb2a30a3b881d244b0888550b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
ey0s5x-9BSbd3Tuq3TjAJDy1bEMjqAPVMN-5uZVZqY0a1VjOisQ_ew==
dm.js
tag.durationmedia.net/sites/11159/ 		119 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.durationmedia.net/sites/11159/dm.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8400:10:ce97:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02c604ce4a743bf32a3b03577d5fd882471ebff8dfd223985a9f5a068cbc621d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
eXmDg0HSjPCBHCjipq0AjHBA8OHNhf37
content-encoding
gzip
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
date
Wed, 26 Apr 2023 02:10:00 GMT
x-amz-cf-pop
FRA56-P3
age
16
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33297
last-modified
Thu, 06 Apr 2023 05:47:05 GMT
server
AmazonS3
etag
"3392df1e87c48928ffd1bd4b8345b183"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=900
accept-ranges
bytes
x-amz-cf-id
86JGkBUeY-Ueaa6Yc29cBsf7ewPnv4ma4CI-4boh5zKBJyKHOU0KVA==
ads.js
prebidads.revcatch.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebidads.revcatch.com/ads.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
7815473f068f708bcde391e444f1e2d3f19d1ead1174a2281a8833648356b80d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 15:54:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2069569
x-powered-by
RCW03
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BncxythkGWPPwztwNH0eAtzCvqlU5%2BU82w%2BCMjwyR22xcRL4xKfiosqzOiQYl5xDukfP1NBazPBODNOrgH4yw69syOvXkdxnVyY8RzP%2B4pEdcf%2B5ePXPL4dR%2BTZc%2FwPXTutFwsm7geJoQTNm%2BuQk7Hifn2BP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7bdb49ce7a133826-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 02 May 2023 03:17:26 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 26 Apr 2023 00:35:44 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5671
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 26 Apr 2023 02:35:44 GMT
tracker.js
static.rubyblu.com/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.rubyblu.com/tracker.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.32.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
235.32.211.130.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
45df8300639a2c449239e3f0ddd1575ec2a867266840be6309b69903f032d919

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:22:34 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 23 Jan 2023 23:09:32 GMT
server
nginx/1.18.0
age
2861
etag
W/"63cf13ac-531a"
content-type
application/javascript
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7784
expires
Wed, 26 Apr 2023 02:22:34 GMT
destination
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-JW89DL7T5D&l=kslDataLayer&cx=c
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
987a0c16c0f4200eb6b82dec5896e0dcb809d390bf3caf366044aeab6dabcea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77537
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 26 Apr 2023 02:10:15 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:21:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2909
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 26 Apr 2023 02:21:46 GMT
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JW89DL7T5D&gtm=45je34j0&_p=1904899749&_gaz=1&cid=613797378.1682475015&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682475015&sct=1&seg=0&dl=https%3A%2F%2Fwww.ksl.com%2F&dt=Utah%20News%2C%20Sports%2C%20Weather%2C%20Cars%20and%20Classifieds%20%7C%20KSL%20News&en=page_view&_fv=1&_ss=1&ep.DDM_Device_ID=mngsvs1326q6&ep.DDM_Session_ID=pdr7fimtemqg&ep.DDM_Hit_ID=euc4551ma0u3&ep.KSL_Member_ID=&ep.Experiment_Group=false&ep.Entity=KSL.com%20-%20News%2FContent&ep.Site_Section=News&ep.Template=Homepage&ep.Title=not%20specified&up.DDM_Device_ID=mngsvs1326q6&up.KSL_Member_ID=
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JW89DL7T5D&cid=613797378.1682475015&gtm=45je34j0&aip=1
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JW89DL7T5D&cid=613797378.1682475015&gtm=45je34j0&aip=1&z=805792294
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-72877204-2&cid=613797378.1682475015&jid=61098943&gjid=1703166124&_gid=130905367.1682475015&_u=aGBAgEAjAAAAAEAEK~&z=1346390124
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 26 Apr 2023 02:10:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1904899749&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ksl.com%2F&ul=en-us&de=UTF-8&dt=Utah%20News%2C%20Sports%2C%20Weather%2C%20Cars%20and%20Classifieds%20%7C%20KSL%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjAAAAAAAEK~&jid=61098943&gjid=1703166124&cid=613797378.1682475015&tid=UA-72877204-2&_gid=130905367.1682475015&gtm=45He34j0n71TVLZ5Z&cg1=News&cd1=mngsvs1326q6&cd2=mngsvs1326q6&cd3=1682475015401.d7qgbomu&cd5=2023-04-26T02%3A10%3A15.401%2B00%3A00&cd6=1.0&cd7=https%3A%2F%2Fwww.ksl.com%2F&cd8=&cd9=www.ksl.com&cd10=GTM-TVLZ5Z&cd11=61&cd12=0&cd13=News&cd16=KSL.com%20-%20News%2FContent&cd17=Content&cd26=Homepage&cd28=traditional&cd31=euc4551ma0u3&cd33=not%20specified&cd47=0&cd50=pdr7fimtemqg&cd51=pdr7fimtemqg&cd52=0&cd4=613797378.1682475015&z=1725334854
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 02:13:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
86197
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
deseret
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.bxm2znbxj6xq
  • https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.bxm2znbxj6xq&_bee_ppp=1
24 B
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.bxm2znbxj6xq&_bee_ppp=1
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
HTTP/1.1
Server
52.49.52.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-52-255.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
73da3b369596f2ea8e701ec80155bf93c638eb66f1de5eac9a88f2eb8e565fd8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:10:15 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
24
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.bxm2znbxj6xq&_bee_ppp=1
Date
Wed, 26 Apr 2023 02:10:15 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
catch_rp.js
app.protectsubrev.com/ 		377 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/catch_rp.js?cb=0.445026971342398
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
502bb63550cd079d5447f95d545f65bb1ad7edf88d42bd409b6e8c9f11a11566

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Dec 2022 16:25:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1926991
x-powered-by
RCW03
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dEJEBs6VpsRWDfhSkKxcEP%2F7Chh2kzGwmJ4EoMGB%2BSgQ3tVMtNW3lJHS1vpPbS6sIM5PxskvwFGhBlz8Ajfew5Du8YG%2FXPzpB0YV0nIqathYF8SL60XPeSxxxw4y5e9AjuP1iG5cLgVu8d7znob%2Fq%2Fzmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7bdb49d04ef03639-FRA
expires
Wed, 03 May 2023 18:53:44 GMT
app--ksl-eabf.js
d3njgrq4uvb497.cloudfront.net/ 		270 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/app--ksl-eabf.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-39.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04a279b71eef60b3cdd816fb23751fd2eb86de757f4285914613ded6792dcc86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 11:32:08 GMT
content-encoding
gzip
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 11:09:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
2126288
etag
W/"65fccb4f59b768469b549da65ed6cb11"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-id
V_fZjBak9aG0MXTwp9mNiZ53Pn9mumxDCxWzzkn7ZAFyvZz_9q3FFw==
scriptloaded
be.durationmedia.net/ 		61 B
682 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/scriptloaded?siteId=11159
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.217.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-217-223.compute-1.amazonaws.com
Software
/
Resource Hash
9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:15 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
DENY
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
transfer-encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-72877204-2&cid=613797378.1682475015&jid=61098943&_u=aGBAgEAjAAAAAEAEK~&z=866475532
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-72877204-2&cid=613797378.1682475015&jid=61098943&_u=aGBAgEAjAAAAAEAEK~&z=866475532
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=2719&i=8qsnmi&p=ksl-com&s=328&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI4cXNubWkiLCJwYWNrZXQiOjAsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APAZIiwidHlwZSI6ImJpbGxpbmciLCJzdGFydCI6MTY4MjQ3NTAxNTU2M1sAwGQiOi0xLCJzb3VyYzIAAisAYXR1cyI6ImYAQGFzb25lANRdLCJkYXRhUGF0dGVyEgDCbGlzdCI6W10sImlkXQDANDc1MDE1NTYzfV19
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:15 GMT
cache-control
no-cache, no-store
server
nginx
expires
Wed, 26 Apr 2023 02:10:14 GMT
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 2CE0 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1335
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 26 Apr 2023 01:48:01 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Tue, 04 Apr 2023 17:28:14 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-id
1Rx32tVY2mOY3tBqedglTfHj1ogbINtJCnelHjOqMtwTvuuiB82eeA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
ksl-header.js
static.ksl.com/ksl-responsive-header/ 		136 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/ksl-responsive-header/ksl-header.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
878a331836150935afb12b3ec3e5521dadd7902173b4fd24adfee940a3931b61
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:09:52 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
23
x-cache
img02 Hit from varnish
content-length
39439
last-modified
Tue, 14 Mar 2023 15:04:33 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-varnish
328388719 330891776
cache-control
s-maxage=3600, max-age=3600
x-server
v46
accept-ranges
bytes
expires
Wed, 26 Apr 2023 02:14:52 GMT
40d46e80783913f345e0d937952797a3-Queue.min.js
d3njgrq4uvb497.cloudfront.net/react/ 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/react/40d46e80783913f345e0d937952797a3-Queue.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-39.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea894a98bca06239c4ca61cc092fc6ba6495acce946e13959d528274a0d2d8ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 19:15:10 GMT
content-encoding
gzip
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 19:04:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
14453706
etag
W/"40d46e80783913f345e0d937952797a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-id
EnBXpIQh2X-sEQCya63esf4WMXmd6817ctup8d0b2BT64pQDH-7_KA==
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:48:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
1289
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 26 Apr 2023 02:48:46 GMT
gpt.js
www.googletagservices.com/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c9dc2e1b5bc7767c70ac0231321f202797bfa38dfe330150a1b1ab6bb46105d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24999
x-xss-protection
0
server
cafe
etag
964 / 19473 / m202304200101 / config-hash: 3496528444417690014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 26 Apr 2023 02:10:15 GMT
op.js
tagan.adlightning.com/deseretdigital/ 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/op.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3adf27b675b74309190e5e8488c721cbf0907909941004538a706a969562b90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
i3vIEcs9iXSRlVNORWwr4fjKC84ZKpS9
content-encoding
gzip
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
date
Wed, 26 Apr 2023 01:38:07 GMT
x-amz-cf-pop
FRA60-P4
age
1929
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24970
x-amz-meta-git_commit
8db6969
last-modified
Wed, 26 Apr 2023 00:36:52 GMT
server
AmazonS3
etag
"609f11097775e15a1815f0c199caef25"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
ybdJYZ1RAQPxnISh83FyWPzVL0QzmLPGdRgQ-96yiAeDw12T-FYHsw==
29265726.JPG
img.ksl.com/slc/2926/292657/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2926/292657/29265726.JPG?filter=kslv2/responsive_lg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
c28957e93457965263407d0f2a745b1b8bc118e46c38b5da75915558e4a81f03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:02:51 GMT
x-amz-version-id
o3BEZkudohmr42DAolCZaw.Epfoo07hO
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
94F96JV1KJSXRJNW
age
444
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
PENDING
content-length
14911
x-amz-id-2
PMh5iC53swsYlZscOLsl8Uynei8CsutYAmVlGsVe0lXaUiEjo4oihZMoi0gv8puJwCOsJrFJvms=
last-modified
Wed, 26 Apr 2023 02:02:49 GMT
server
AmazonS3
etag
"3d6430a16f38ab958e6dccbe42f3c13c"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
574345173 570858077, 330601038 327374463
cache-control
max-age=604800
accept-ranges
bytes
28053440.jpeg
img.ksl.com/slc/2805/280534/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2805/280534/28053440.jpeg?filter=kslv2/responsive_lg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
53be8563970adca668a392dc8601a9a9b3bfa2502253cff54d56155c2f5918e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:34:47 GMT
x-amz-version-id
ilqEDU6QaNZ2cZNN6HKabV3xgOYxKg3d
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
2YKQ1QJZK5R9NSWP
age
2129
x-cache
img02 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
8081
x-amz-id-2
5MOZxatOK5M5FgadOMb7AZXBL2zWYlg+zz+O+xeIBRhKofKS2BjhYmX+zDFaJc/jHt+8LAWSSFQ=
last-modified
Wed, 03 Nov 2021 20:04:18 GMT
server
AmazonS3
etag
"4b7c9ce57f04a89ddacb2accea0e53bd"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
571766518, 328909696 327493059
cache-control
max-age=604800
accept-ranges
bytes
29266187.jpeg
img.ksl.com/slc/2926/292661/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2926/292661/29266187.jpeg?filter=kslv2/responsive_lg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
bb5475141629bcfd2cbfc8d6a2703fc93def1efc916f7f46a27e6c0a5f1f1174

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:04:46 GMT
x-amz-version-id
4uxUyi._CV3jLbVTjJFgWYTjTN9jhP8X
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
FBARVTPYFAT00EZK
age
3930
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
13296
x-amz-id-2
Eyc/vEqOvq9j5a7d3GP3ScdgxMZHYJOotlnkewWSzmxSA61p3OK4R9BKajyunqx2Jfxs3yC4jiY=
last-modified
Tue, 25 Apr 2023 23:07:10 GMT
server
AmazonS3
etag
"ed639b3fe90f1c5a5600723fe627c8b8"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
573197682, 330440871 322892768
cache-control
max-age=604800
accept-ranges
bytes
29262610.jpg
img.ksl.com/slc/2926/292626/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2926/292626/29262610.jpg?filter=kslv2/responsive_lg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
d93ffc94ba249bd3d9dde170fac6bc48bd56c1fbda9af6b89acdaaacae09408a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 00:22:30 GMT
x-amz-version-id
HCQnB0y80oxCY08CYJf6Ih2IKrAhsAkn
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
KPNT1N4VFXZ5ET9S
age
6466
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
PENDING
content-length
18213
x-amz-id-2
ymRoQ6XIV+sLOo3ABxRPl55i2ym6OOJhSMVf4A/pstLchbt5GiwaTaKrKcpGQhdn4BbCkCNid40=
last-modified
Wed, 26 Apr 2023 00:22:29 GMT
server
AmazonS3
etag
"32109a711d47ffdeb2f7614346f0ecda"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
572175558, 327967392 321280995
cache-control
max-age=604800
accept-ranges
bytes
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-report
q.stripe.com/ Frame 2CE0 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1682475016181041
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1682475016180493
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 2CE0 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1682475016180817
x-envoy-upstream-service-time
0
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1682475016180556
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 2CE0 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Wed, 26 Apr 2023 01:55:56 GMT
x-content-type-options
nosniff
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2732
x-cache
Hit from cloudfront
content-length
631
last-modified
Mon, 17 Apr 2023 21:23:27 GMT
server
Cloudfront
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
gon5MOZNjkgBGfwKmGpjR_U4RVYscXW-gVud-4jLudcnyC3SerrzOw==
b-8db6969-0d54047a.js
tagan.adlightning.com/deseretdigital/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b512b1e143d27297a87f49b35f418f656508da018781e9e87019fa2922b6fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 00:43:20 GMT
content-encoding
gzip
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-version-id
ktqVwPB8xkChf39sZlqPrBHeThdUR.QP
x-amz-cf-pop
FRA60-P4
age
1992415
x-cache
Hit from cloudfront
content-length
33929
x-amz-meta-git_commit
8db6969
last-modified
Mon, 07 Nov 2022 21:20:45 GMT
server
AmazonS3
etag
"b172b73159838e1e11f525531ea3264f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
b0A8HVk_9B5VnotWJPBlNMIwKOLroNJJf0kKV5Kt9RrCQ6gXZnpEOg==
bl-deea5a1-2e3b0aa9.js
tagan.adlightning.com/deseretdigital/ 		40 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-deea5a1-2e3b0aa9.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
772e9fbdba851de624a2de4ed759b0752d6681ae1feef9d1859508e3d26dc729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 00:37:15 GMT
content-encoding
gzip
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-version-id
ULb.COCfYdODK206ed5xAcH57USAJVoQ
x-amz-cf-pop
FRA60-P4
age
5581
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17292
x-amz-meta-git_commit
deea5a1
last-modified
Wed, 26 Apr 2023 00:36:29 GMT
server
AmazonS3
etag
"7009c6b3a31443a2b306d8a811c287f4"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
deABurkFk7HmiLF8Ad3sZjsB9Nu6ZMA2WpCSOWRr0tMQ_9TWXuqUHA==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/webp
inner.html
m.stripe.network/ Frame 5E51 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ae00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
244
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 26 Apr 2023 02:06:12 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id
pKcsTIBKLjBh25iDVqAQ7P5GnWtL1ozkpPlU_4UoVFJhlGfkWT75Jw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
catch.css
app.protectsubrev.com/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/catch.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
90ccee6904ff98b13b372eaaa87d8629cf12fedc238801722557c19562540b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 16:43:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1926990
x-powered-by
RCW03
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjSkqoEaqASWPwDXHXSnzWUqnQAv%2B5VCX1LrWXDCu%2BhPhznXiZSfFAMaVD22swRV6hJJ3Yjypvyz7wSeAgz%2B0rD8Nd87Y0d24jev9PeoLhLzhAnz4WWxm9RuxXqjIExRI8YYA25eyRlvIeArjqKBMo9XZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7bdb49d19fce3639-FRA
expires
Wed, 03 May 2023 18:53:44 GMT
/
pages.protectsubrev.com/ 		27 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pages.protectsubrev.com/?new
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW02
Resource Hash
e316b868ed9c868fb27430b2cf7a60a49bfc0b5503a9775c5a73ad7d8911d2cf

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
content-encoding
br
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
RCW02
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOy0gHDy7CPmQXtFaiq7%2BkyJfJyKn1rJbCishDvOULYQ0ieCYhqBkWGJcinbOBXfYt%2FJRErzrQtnYtZodmEglTxcmEptsdYiPZGODg33%2BdREAw1u%2FAvVAcQmvaJPNYlsvaGJwBmSl%2Fxj9f8PhrkOS7oylN6o"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
cf-ray
7bdb49d1d89e2d04-FRA
expires
Fri, 28 Apr 2023 02:10:16 GMT
truncated
/ 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f3a01e144ec2db45bb24f5ee5e9ed1da37760b01593395c01e4c1e4780b89ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
16020764746327031843
tpc.googlesyndication.com/simgad/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16020764746327031843
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2af6de0161679525ed17e3cab74b1f2ecbadbf3a3e83706d44549aa377daec16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:41:51 GMT
x-content-type-options
nosniff
age
293304
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1455
x-xss-protection
0
last-modified
Thu, 20 Sep 2018 16:19:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Apr 2024 16:41:51 GMT
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=efmk
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ 		399 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:00:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
29368
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126587
x-xss-protection
0
server
cafe
etag
1883905843074567667
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 24 Apr 2024 18:00:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		181 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ksl.com
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1757fd3889e518848bb6fbd879683daf74422b7928967969be977ac28a84651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
0
expires
Wed, 26 Apr 2023 02:10:16 GMT
deseret
deseret.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://deseret.technoratimedia.com/openrtb/bids/deseret?src=prebid_prebid_7.24.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
86400
date
Wed, 26 Apr 2023 02:10:16 GMT
server
nginx
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.ksl.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
7bdb49d25a4c9223-FRA
content-length
0
date
Wed, 26 Apr 2023 02:10:16 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Headers
deseret
deseret.technoratimedia.com/openrtb/bids/ 		0
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://deseret.technoratimedia.com/openrtb/bids/deseret?src=prebid_prebid_7.24.0
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
892778485
access-control-allow-origin
https://www.ksl.com
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Wed, 26 Apr 2023 02:10:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
ex.ingage.tech/v1/ 		2 KB
899 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a99409d3936e07e64095dc36275663cf599da1c031c6692fad0fd14126461568

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
access-control-allow-credentials
true
cf-ray
7bdb49d419f09042-FRA
adreq
ads.servenobid.com/ 		1 KB
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3758
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.69.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-69-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
667972a15a943e8dd3ec1cbe0c5e8c8c2ebc08b3adbab0acf944e991ad5e350c

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
csp-report
q.stripe.com/ Frame 5E51 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1682475016181233
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1682475016180555
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.42.js
m.stripe.network/ Frame 5E51 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ae00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 26 Apr 2023 02:07:22 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
176
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
DxndTbTzRC5wgNlTJgayOksH1Uop07tmQ3dLz4tBMm2IDb2PBIlEfA==
gtm.js
www.googletagmanager.com/ 		203 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NKMQVGQ&l=headerDataLayer
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56d7d530b05d933f850a7010cb84959a31b634cddb142607288ddd6e7692327f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72163
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Apr 2023 02:10:16 GMT
twilio-conversations.min.js
media.twiliocdn.com/sdk/js/conversations/releases/2.1.0/ 		497 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.twiliocdn.com/sdk/js/conversations/releases/2.1.0/twilio-conversations.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.14.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf64852d6ba356ad309f01e973172dedbcd33fcc0823bb2e98484028c12a8074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
x-amz-version-id
kmnyC8T27McvTZPCCp_8FCeAkqAXOEAz
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 03 Mar 2022 12:06:00 GMT
server
cloudflare
x-amz-request-id
BDEW4CQKXQ69JK7W
etag
W/"bb47e650bbd0511e8523e9288befd45b"
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7bdb49d2f9d036dd-FRA
x-amz-id-2
Av985RjltfrAefFl4n8CCvadqBL1uRbSEOtB5TIs1JUjuYbPTrNckFpMGqh/bNoDqVByf10hNUE=
expires
Thu, 31 Dec 2037 23:55:55 GMT
messages.js
static.ksl.com/m-ksl-messages-twilio-client/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/m-ksl-messages-twilio-client/messages.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
32dddeed43e3fbde44d76523d3a40dc8a00aaaee5f9f319f21e7c769ef2a43cc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:08:54 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
81
x-cache
img01 Hit from varnish
content-length
3214
last-modified
Fri, 23 Sep 2022 19:53:18 GMT
server
Apache
etag
"35f8-5e95d877e8780-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-varnish
342039404 340084475
cache-control
max-age=300
x-server
v36
accept-ranges
bytes
expires
Wed, 26 Apr 2023 02:13:54 GMT
getHeaderWeather
news-api.ksl.com/v1/weather/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://news-api.ksl.com/v1/weather/getHeaderWeather
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
cfe0d8a95e939e84e53b647392d8a2f021972eaeacf26df355a01875c6f940b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:10:16 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
X-Server
bapi15
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
834
active
www.ksl.com/api/2017/member/ 		49 B
433 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ksl.com/api/2017/member/active
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
f49b521799308f8cf36318142dbab92925dcae0ca9e2e35050f7d7635ce6c4b0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:10:16 GMT
Strict-Transport-Security
max-age=2592000;
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
max-age=0, must-revalidate, private
X-Server
b16
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
49
Expires
Wed, 26 Apr 2023 02:10:16 GMT
0
app.protectsubrev.com/caught/rc-CfZeub/734205294/ 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/caught/rc-CfZeub/734205294/0
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW02
Resource Hash
239fc127561ee7617947020d9e5db6339a54ee6dcec914094f55fc740f637323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
RCW02
server
cloudflare
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yc5q1YndTAfT%2BbOmtC2VX%2B7lP96kCNEm%2BNA0utDRF%2Bf9KBQgm0Nd75rLGu9GULJ%2BqP0T4bgghZsbbGXlg9b0INUCyJwppLZAIvFk%2Bub%2FEB6r2YjDwWE4fF1loosDlAj8byuAyg4Ed5uxWTuDuPc6%2Fv4M1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private, max-age=172800
access-control-allow-credentials
true
cf-ray
7bdb49d45ab72d04-FRA
access-control-allow-headers
*, Authorization, Origin, X-Requested-With, Content-Type, Range
expires
Fri, 28 Apr 2023 02:10:16 GMT
rules
app.protectsubrev.com/api/ 		3 KB
852 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/api/rules?id=rc-CfZeub
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
fe1a293cdb4905ed390da36b47fa01878068dc52306b495f97d39c56f00ea2fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
RCW03
last-modified
Tue, 25 Apr 2023 21:31:14 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXedBMYp9JCJgt6086j3z96lHjbLc%2BeTfoeewt4hXllxJvPDkUOfByVFGMwkVdsSSqRjhvhe%2B8mDt%2F5RYzrK8kPXGUqz9tuuIis5JwYndsdV1o5LWqr%2BaXuy68pt9FdFo5mfl%2FrQRel3VCMa0%2BHjB7MhEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=172800
access-control-allow-credentials
true
x-ratelimit-limit
150
cf-ray
7bdb49d45ab62d04-FRA
access-control-allow-headers
*, Authorization, Origin, X-Requested-With, Content-Type, Range
x-ratelimit-remaining
149
expires
Fri, 28 Apr 2023 02:10:16 GMT
jstag
ksl-d.openx.net/w/1.0/ 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ksl-d.openx.net/w/1.0/jstag?nc=6686-KSL_News
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e1871d9be5879b788dd9f3088b7c9411bd9c2dbbb87b435062a7f9fb5133ec40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58319
expires
Wed, 26 Apr 2023 03:10:16 GMT
29265405.jpg
img.ksl.com/slc/2926/292654/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2926/292654/29265405.jpg?filter=kslv2/responsive_lg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
d0ba6ae3f869ef3b1fd5b0751e54c88de732c5041d081f62bb948c1bed1d1f65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 23:44:25 GMT
x-amz-version-id
LyBIuJX.I0u70o81FmRs7NjXBPj4qofE
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
04H58WXZXY4CW8F9
age
8752
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
7411
x-amz-id-2
tb0njeu1VtzUVVVMGMUNtQs8DN3DYxdpWLGI7KLw8vKrz1s1LYbzkBcLhH2Gusnto6DAhiEn0k8=
last-modified
Tue, 25 Apr 2023 22:47:31 GMT
server
AmazonS3
etag
"bd0c98cf5e9a0edc0744577d187f346d"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
564362960, 326726347 318615552
cache-control
max-age=604800
accept-ranges
bytes
6
m.stripe.com/ Frame 5E51 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.99.131 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-99-131.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
3a49cd8fd0e016991f1f7079f2de6a46709e4e74920d5be9b900059ba16fada1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Wed, 26 Apr 2023 02:10:16 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1682475016902178
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1682475016901483
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
otSDKStub.js
cookie-cdn.cookiepro.com/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 02:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
+GAQ9uZzuyMATxU6dGRBFA==
age
60566
x-ms-lease-status
unlocked
last-modified
Thu, 06 Apr 2023 01:29:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
265cb68e-301e-0026-546a-687055000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7bdb49d56c42926b-FRA
expires
Thu, 27 Apr 2023 02:10:16 GMT
42225788-6fb1-438d-91a0-0da32c771fe8.json
cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/42225788-6fb1-438d-91a0-0da32c771fe8.json
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7921b1571870bdf998d2ec79a1302ff957c0856603a32052cb73f525f7a7184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 02:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
A7mz8WZigWp0YtJ6Uv+hQQ==
age
39973
x-ms-lease-status
unlocked
last-modified
Mon, 13 Mar 2023 20:18:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f3b55265-f01e-0039-3fe8-55c351000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7bdb49d5a851692e-FRA
otBannerSdk.js
cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/ 		381 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/otBannerSdk.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 02:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
DjzI+HdyHvhC2OCs+qd+pw==
age
60443
x-ms-lease-status
unlocked
last-modified
Fri, 21 Oct 2022 01:41:20 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6bc1f510-201e-0093-3c67-47e347000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7bdb49d5dc76926b-FRA
expires
Thu, 27 Apr 2023 02:10:16 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ksl.com
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ksl.com
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		248 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4093950574437675&correlator=2062247512764662&eid=31072020%2C31072879&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fifs&iu_parts=6686%2Cddm.ksl%2CHomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250%7C1084x250%2C728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C970x90%7C970x250&ifi=1&adks=1205982177%2C1121449344%2C1121449345%2C1828543895&didk=1438860581~1438860570~1438860571~1438860568&sfv=1-0-40&prev_scp=pos%3Dtop%7Cpos%3Dtop2%26queue%3D1%7Cpos%3Dtop3%26queue%3D2%7Cpos%3Dfooterad&cust_params=v%3Dhomepage%26cc%3Dhomepage%26article-id%3D53583%26pt%3Dhomepage%26pageviewid%3Deuc4551ma0u3&sc=1&cookie_enabled=1&abxe=1&dt=1682475016655&lmt=1682475016&dlt=1682475014738&idt=1682&adxs=436%2C436%2C436%2C315&adys=755%2C1765%2C3147%2C6115&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ksl.com%2F&frm=20&vis=1&psz=1082x260%7C1082x262%7C1082x262%7C1082x260&msz=728x250%7C728x250%7C728x250%7C970x250&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=613797378.1682475015&ga_sid=1682475017&ga_hid=1904899749&ga_fc=true&ga_cid=130905367.1682475015
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
716b82c3e58ae25b0d300b57afed6cf313338d9bbb6a14d3c607edab2575fae3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54109
x-xss-protection
0
google-lineitem-id
6197971143,5330775500,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138420271877,138306875181,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5E74 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 02:10:16 GMT
expires
Thu, 25 Apr 2024 02:10:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
en.json
cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/2bf65cc3-af43-4615-8660-543f2a769de1/ 		136 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/2bf65cc3-af43-4615-8660-543f2a769de1/en.json
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1352d98291981d5de453bedf44dbc99a22689eebbae5d548daddc7e1128ee697
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 02:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
YMDhuQpSORPTArtcZ8QwYQ==
age
62856
x-ms-lease-status
unlocked
last-modified
Mon, 13 Mar 2023 20:18:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
60557f97-e01e-0057-6fe8-55967e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7bdb49d658b8692e-FRA
otFlat.json
cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/otFlat.json
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 02:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
JuDKxv1jf1Hw0JXasvCaSg==
age
62851
x-ms-lease-status
unlocked
last-modified
Fri, 21 Oct 2022 01:41:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
5603c07d-901e-0072-7867-473f02000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7bdb49d6a8f7692e-FRA
expires
Thu, 27 Apr 2023 02:10:16 GMT
otPcPanel.json
cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/v2/ 		63 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/v2/otPcPanel.json
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df9aee0014c1553fa6f462aa38714f3f35678bba639483b6141e42e52ec2951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 02:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
iFWm653zpCZXOB0KT4+Hvg==
age
43124
x-ms-lease-status
unlocked
last-modified
Fri, 21 Oct 2022 01:41:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
be773df2-a01e-0079-79e8-55c469000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7bdb49d6a8f8692e-FRA
expires
Thu, 27 Apr 2023 02:10:16 GMT
otCommonStyles.css
cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/otCommonStyles.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 02:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
oQsmwuIlJWH4cKDxpI1ltA==
age
3994
x-ms-lease-status
unlocked
last-modified
Fri, 21 Oct 2022 01:41:29 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
3da7d909-d01e-0063-1867-47a5b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7bdb49d6a8fb692e-FRA
expires
Thu, 27 Apr 2023 02:10:16 GMT
getstylesettings
app.protectsubrev.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/api/getstylesettings?id=rc-CfZeub&v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW02
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*, Authorization, Origin, X-Requested-With, Content-Type, Range
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET,HEAD
cache-control
no-cache, private max-age=600
cf-cache-status
DYNAMIC
cf-ray
7bdb49d6ac842d04-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 26 Apr 2023 02:10:16 GMT
expires
Wed, 26 Apr 2023 02:20:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLizz5kZp8O4bc0JT3oD8mS3npzWwaAUX0HWcQpANOKMVGTf2kv6BSSa%2FKSPNtHNBeLRjzRF99Mr5asA3dERyeIbMtIuh0E3y1W3iMqzTjuE%2BKJeD%2F7Lyid6w%2BvwI2KdFNI%2BOTDiIVdQakNnIrnsSFi1ug%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-powered-by
RCW02
getstylesettings
app.protectsubrev.com/api/ 		2 KB
764 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/api/getstylesettings?id=rc-CfZeub&v=0
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
c7d2c0791ad181a85f3590f792a95ed07df8b248146bf42a6eb032ea370fdb17

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Apr 2023 02:10:17 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
RCW03
last-modified
Tue, 25 Apr 2023 23:18:11 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvWW58%2BABdBT%2BaTi90NRzgrMDCe1RL3Lkyf7WFDmr%2F5GH8cJN747fJLtC8kwgcM0q9nMcPXXxKeNrcqLvf9TGpTWR%2BQs0fhZMLCUyHOTZT8XZ1VeTrJ3dbUeaMAf92D0y1fnS01rtMoz1WlwGWLJG7xRjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=172800
access-control-allow-credentials
true
x-ratelimit-limit
150
cf-ray
7bdb49d78d6b2d04-FRA
access-control-allow-headers
*, Authorization, Origin, X-Requested-With, Content-Type, Range
x-ratelimit-remaining
148
expires
Fri, 28 Apr 2023 02:10:17 GMT
ot_close.svg
cookie-cdn.cookiepro.com/logos/static/ 		651 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-cdn.cookiepro.com/logos/static/ot_close.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 02:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
59991
x-ms-lease-status
unlocked
last-modified
Thu, 06 Apr 2023 01:29:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
9b832f58-001e-003d-5169-684e56000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7bdb49d6ecf1926b-FRA
expires
Thu, 27 Apr 2023 02:10:16 GMT
cookiepro_logo.png
cookie-cdn.cookiepro.com/logos/static/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-cdn.cookiepro.com/logos/static/cookiepro_logo.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
088dbe5e4bb2f902e2e7c62ca7a15bae5cb55f4708d99f7c4daae7148a19a865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 02:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
content-md5
IipuN9Einq/0wIZw6VIt/g==
age
60537
cf-polished
origSize=36419
content-length
36343
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Thu, 06 Apr 2023 01:29:42 GMT
server
cloudflare
etag
0x8DB363E658A8ABD
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
448b6ee0-201e-0048-2169-68257a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7bdb49d72d14926b-FRA
expires
Thu, 27 Apr 2023 02:10:16 GMT
poweredBy_cp_logo.svg
cookie-cdn.cookiepro.com/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-cdn.cookiepro.com/logos/static/poweredBy_cp_logo.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Apr 2023 02:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
uInNdQwuuw8s7lYl3cE7eQ==
age
60565
x-ms-lease-status
unlocked
last-modified
Thu, 06 Apr 2023 01:29:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
123f2294-501e-001f-5169-688b49000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
7bdb49d72d15926b-FRA
expires
Thu, 27 Apr 2023 02:10:16 GMT
sunny.svg
static.ksl.com/images/weather/New2013/SVG/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ksl.com/images/weather/New2013/SVG/sunny.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
eb12070a6b2aa3c1c3db3386bfe577c9ee57bbf7af2a7a541b2c5dd2e189ceac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 00:31:03 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
5953
x-cache
img02 Hit from varnish
content-length
1080
last-modified
Sat, 28 Sep 2013 07:26:19 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
330376214 322778932
cache-control
s-maxage=31536000, max-age=31536000
x-server
v32
accept-ranges
bytes
expires
Fri, 26 May 2023 00:31:03 GMT
night_clear.svg
static.ksl.com/images/weather/New2013/SVG/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ksl.com/images/weather/New2013/SVG/night_clear.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
97cc1c91070e278a0fe69e25c2f8f917517d950af0ac4915c7e5de0347b25143
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 20:31:03 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
20353
x-cache
img01 Hit from varnish
content-length
4332
last-modified
Sat, 28 Sep 2013 07:26:19 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
340476771 294468269
cache-control
s-maxage=31536000, max-age=31536000
x-server
v39
accept-ranges
bytes
expires
Thu, 25 May 2023 20:31:03 GMT
/
pages.protectsubrev.com/ 		21 B
359 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pages.protectsubrev.com/
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW02
Resource Hash
57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Apr 2023 02:10:17 GMT
content-encoding
br
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
RCW02
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCJN%2FAPf6WKBGVeAojoyLsPvvgyn4ogyf%2FY5uufiShrIM1yHkLTd4637iOibGhb0tCIo0pJyPXTYbj80tA037jePjylCE3CD37bNQSdr0RmYSyv%2FLOeNJjc%2BWoBHWTMLOb5cPOUe6QsLwm9u2wKonVnKROYL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
cf-ray
7bdb49d76d472d04-FRA
expires
Fri, 28 Apr 2023 02:10:17 GMT
s.js
cdn.siftscience.com/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.siftscience.com/s.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.67.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 00:36:58 GMT
content-encoding
gzip
age
523999
x-guploader-uploadid
ADPycdsbVsrOPVHXqk4JgIHoSJBMy-Lns-rLQtSqq6Nvq9zGVTsktNiPbqJv9VJjZ2QbS69BEwR7n6xHG4EjKbRj2qYQOw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20500
last-modified
Tue, 28 Feb 2023 22:39:30 GMT
server
UploadServer
etag
"476f50cbc514dd2a147e8856d7d6a2eb"
x-goog-generation
1677623970358201
x-goog-hash
crc32c=v7KhDA==, md5=R29Qy8UU3SoUfohW19ai6w==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
20500
accept-ranges
bytes
expires
Fri, 19 Apr 2024 00:36:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304200101&st=env
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba3e3e949b215852ecf6544342fc51d6107aa244c3423e084e67946e99a57edf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11174
x-xss-protection
0
29265417.jpeg
img.ksl.com/slc/2926/292654/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2926/292654/29265417.jpeg?filter=kslv2/responsive_lg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
da64160b1fc33ec4dcd7fb591cae51ed641b081dc85de5ba7fbe159d52fd95aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 22:34:04 GMT
x-amz-version-id
I88S2Xq8R2mMASTq_ErcKcV5zdv94NbL
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
XEC0MTQWVF5T59ZP
age
12973
x-amz-server-side-encryption
AES256
x-cache
img01 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
15345
x-amz-id-2
eD2jTK0wv0jwGThUpYuWTTliX/f2jFnFaMiwztwg5+sHfaM5vwxXxalDDbDfKWx+9L/AWTBpzAE=
last-modified
Tue, 25 Apr 2023 14:05:20 GMT
server
AmazonS3
etag
"2e7c057a7a6258df59322dc68975d06b"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
161087534, 338784595 311959511
cache-control
max-age=604800
accept-ranges
bytes
b-8db6969-0d54047a.js
tagan.adlightning.com/deseretdigital/ Frame 02C0 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b512b1e143d27297a87f49b35f418f656508da018781e9e87019fa2922b6fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 00:43:20 GMT
content-encoding
gzip
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-version-id
ktqVwPB8xkChf39sZlqPrBHeThdUR.QP
x-amz-cf-pop
FRA60-P4
age
1992417
x-cache
Hit from cloudfront
content-length
33929
x-amz-meta-git_commit
8db6969
last-modified
Mon, 07 Nov 2022 21:20:45 GMT
server
AmazonS3
etag
"b172b73159838e1e11f525531ea3264f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jPly5N4zktSWRpOYQnLz4_An1phJRGz91Hqd0y3DX_qa3UHAch7kYA==
14130026695638007165
tpc.googlesyndication.com/simgad/ Frame 02C0 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14130026695638007165
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a1e4c37310c39957d6a1dc2536b1b4d6473fac156464135afe1a10863eb8e2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 18:59:34 GMT
x-content-type-options
nosniff
age
285043
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65266
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 01:46:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Apr 2024 18:59:34 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 02C0 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:42:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
34079
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8535
x-xss-protection
0
server
cafe
etag
13968503839060854674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:42:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 02C0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
26493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 02C0 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49532
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682335668691775"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 02:10:17 GMT
b-8db6969-0d54047a.js
tagan.adlightning.com/deseretdigital/ Frame 1DF3 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b512b1e143d27297a87f49b35f418f656508da018781e9e87019fa2922b6fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 00:43:20 GMT
content-encoding
gzip
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-version-id
ktqVwPB8xkChf39sZlqPrBHeThdUR.QP
x-amz-cf-pop
FRA60-P4
age
1992417
x-cache
Hit from cloudfront
content-length
33929
x-amz-meta-git_commit
8db6969
last-modified
Mon, 07 Nov 2022 21:20:45 GMT
server
AmazonS3
etag
"b172b73159838e1e11f525531ea3264f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
vlQQHQYyI8D1IYxAGVVjc8Su-naN-6WFsNU95eDTUbAiTA3uq8_NTQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1DF3 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49532
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682335668691775"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 02:10:17 GMT
container.html
d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DC83 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 02:10:16 GMT
expires
Thu, 25 Apr 2024 02:10:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-8db6969-0d54047a.js
tagan.adlightning.com/deseretdigital/ Frame D1C5 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b512b1e143d27297a87f49b35f418f656508da018781e9e87019fa2922b6fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 00:43:20 GMT
content-encoding
gzip
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-version-id
ktqVwPB8xkChf39sZlqPrBHeThdUR.QP
x-amz-cf-pop
FRA60-P4
age
1992417
x-cache
Hit from cloudfront
content-length
33929
x-amz-meta-git_commit
8db6969
last-modified
Mon, 07 Nov 2022 21:20:45 GMT
server
AmazonS3
etag
"b172b73159838e1e11f525531ea3264f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
f7UIRQrEDRc8ze-ihQgPW0GTfz5VO3LsLbonXVFDHVQ017Hxhz2O_A==
user
messages-microservice.ksl.com/ 		0
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://messages-microservice.ksl.com/user
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.130.148 Sandy, United States, ASN11319 (DDMINC, US),
Reverse DNS
messages-microservice.ksl.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:10:18 GMT
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, DELETE, PUT, PATCH, OPTIONS
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, X-Requested-With
Keep-Alive
timeout=5
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47349
x-xss-protection
0
server
cafe
etag
16316860405809363469
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 26 Apr 2023 02:10:17 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304132133000/ Frame D1C5 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Apr 2023 12:11:36 GMT
age
50321
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61827
x-xss-protection
0
server
sffe
etag
"1754d270d28e2ea6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 Apr 2024 12:11:36 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame D1C5 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Apr 2023 12:11:36 GMT
age
50321
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"8e65ad5048245435"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 Apr 2024 12:11:36 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame D1C5 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-analytics-0.1.mjs
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Apr 2023 12:11:36 GMT
age
50321
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28942
x-xss-protection
0
server
sffe
etag
"73bf4bf39cc8fedd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 Apr 2024 12:11:36 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame D1C5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-fit-text-0.1.mjs
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Apr 2023 12:11:36 GMT
age
50321
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1921
x-xss-protection
0
server
sffe
etag
"f061d9295cdc41bd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 Apr 2024 12:11:36 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame D1C5 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-form-0.1.mjs
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Apr 2023 12:11:36 GMT
age
50321
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"8013fcb40cf8ec28"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 Apr 2024 12:11:36 GMT
css
fonts.googleapis.com/ Frame D1C5 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Apr 2023 02:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 02:03:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Apr 2023 02:10:17 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D1C5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 08:26:03 GMT
x-content-type-options
nosniff
server
cafe
age
63854
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Wed, 26 Apr 2023 08:26:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D1C5 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 11:14:15 GMT
x-content-type-options
nosniff
server
cafe
age
53762
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Wed, 26 Apr 2023 11:14:15 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D1C5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMTANCIhIZM_vK5Cpx_APkdu9-AaFzKWdcLbN8IbqENvZHhABIN_y1RhgleKQgqAHoAGu4JOjA8gBCakCW3Xz_1Zrsj7gAgCoAwHIAwqqBJICT9D4giJ90d953QZxHeATbUYCXulns7MO7Ce-VixCP93C66dQMaEeJcYk0oxwWEgNqyK4GXkHb4iKecpnom46vZm8zaKsEjWd-BfnCANHjTJwWhK4mRswT4IkmUqMw0ky727czFNhrfdYF6y5RAWJefWrDB22Vv1xorpRrFgSDvc5YsSE94kF5vnIEYvMEPRH2xUW9kez7JAky9OzdTNfVe_KCJ3yN_KEb53lvVMuwUfeMvZX6MNysj2FDHfTBu4RKOT-KZ4OQ958LnD6v-HzFocKzNreEmnwxpkBbYzmBR486TtjV8M1_OaiVbgHOLHcsNwQRczAgMKzDVGeF78JHnwRBvyivTPR9Fq-MHB3oiNuHMAEzqb89JYE4AQBkgUECAQYAZIFBAgFGASgBi6AB7qf7FyoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC3jgPSCBEIgOGAcBABGB0yAusCOgKAQIAKA8gLAdgTDIgUBtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNzcxODY4NTQ2OTkwNTU5GMSZEA&sigh=I8TsOZjqMF4&uach_m=[UACH]&cid=CAQSTABygQiDbPngPUEGbnKJK8hN1XGdIH_f7K5AhsWyhrrkr_EhS521PcTuN6S0cwjA2_SGv2o5cAtk3zXLZ9tCzX_j0gVKnc8X_Eocnh4YAQ&template_id=5000
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/4563390585704619211/ Frame D1C5 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4563390585704619211/14763004658117789537
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e23c65ac4ccb850c2355ee4b26d77ea7202183aabb3d1a94fd6033311f86985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 19:05:01 GMT
x-content-type-options
nosniff
age
284716
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52979
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 09:18:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Apr 2024 19:05:01 GMT
truncated
/ Frame D1C5 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D1C5 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D1C5 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab2587ffe2023ebe27951a4e32a7c39675398afcace2e697d9ecea44f4d3a01f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
bl-deea5a1-2e3b0aa9.js
tagan.adlightning.com/deseretdigital/ Frame DC83 		40 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-deea5a1-2e3b0aa9.js
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
772e9fbdba851de624a2de4ed759b0752d6681ae1feef9d1859508e3d26dc729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 00:37:15 GMT
content-encoding
gzip
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-version-id
ULb.COCfYdODK206ed5xAcH57USAJVoQ
x-amz-cf-pop
FRA60-P4
age
5583
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17292
x-amz-meta-git_commit
deea5a1
last-modified
Wed, 26 Apr 2023 00:36:29 GMT
server
AmazonS3
etag
"7009c6b3a31443a2b306d8a811c287f4"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
FlzNL4TSd2jm74kau7eI_g_K-L5q-nWHzPlIxMqQ5lvE3qHKeRGVSQ==
b-8db6969-0d54047a.js
tagan.adlightning.com/deseretdigital/ Frame DC83 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b512b1e143d27297a87f49b35f418f656508da018781e9e87019fa2922b6fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 00:43:20 GMT
content-encoding
gzip
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-version-id
ktqVwPB8xkChf39sZlqPrBHeThdUR.QP
x-amz-cf-pop
FRA60-P4
age
1992417
x-cache
Hit from cloudfront
content-length
33929
x-amz-meta-git_commit
8db6969
last-modified
Mon, 07 Nov 2022 21:20:45 GMT
server
AmazonS3
etag
"b172b73159838e1e11f525531ea3264f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
S-JimQlyL2EpVoycgQQNCKQwPhNux1Gc9OqpiYbVT3DbxNAt_OlN7w==
8e3adedd6f76ceb5825dd9d6f211c14b.js
www.gstatic.com/mysidia/ Frame DC83 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8e3adedd6f76ceb5825dd9d6f211c14b.js?tag=client_fast_engine_2019
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 20:46:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3832
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 02:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 20:46:42 GMT
21eb5d7c47bc016b9c33858ab468091e.js
www.gstatic.com/mysidia/ Frame DC83 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/21eb5d7c47bc016b9c33858ab468091e.js?tag=pingback
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95616f34a1e85258e238c14c3aa1ca3fb74a35703e0e8eb2cb4c834a423ee697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 22:36:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7763
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 02:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 22:36:11 GMT
css
fonts.googleapis.com/ Frame DC83 		2 KB
629 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
564769d95ea349e3a6a0ab89ae661e3ed164e32fe2f845122acbed9f4862d3fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Apr 2023 02:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 01:59:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Apr 2023 02:10:17 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame DC83 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:42:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
34080
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:42:18 GMT
ee2c59080e5bf120007802dc0b017c3c.js
www.gstatic.com/mysidia/ Frame DC83 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ee2c59080e5bf120007802dc0b017c3c.js?tag=analytics_pingback_2019
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b977bf6527db152aec01f17b8ccdfcb28ba1526096c1af1d784cef47eab2fc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:12:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2361
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 00:44:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 06:12:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame DC83 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:42:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
34079
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8535
x-xss-protection
0
server
cafe
etag
13968503839060854674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:42:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame DC83 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
26495
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:48:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame DC83 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 21:21:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
17312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 21:21:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DC83 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49532
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682335668691775"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 02:10:17 GMT
f8970ecc2196f374e9d99027c476dd6b.js
www.gstatic.com/mysidia/ Frame DC83 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 05:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13747
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 02:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 05:50:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Apr 2023 02:10:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 02C0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1NP4YYZxlKQ_QdrAvB3l1lGF-Gl4R3zRqQlGhPzsEaqooffdGyFUy6gJMFl_YV88RG9h9xWAPkHbgq8QFNA1kMOvPPT_o3t2qqhI8zkdVejMqD7HdYog3XwYyhqSXNDMh_up9a7F6KVpR_lcR-witj7jc5zMFXwBtvtRVYy8ihXUhQ-9z7ilM6fh_-_5yoyddCK3s_eE688iwgKKd-V9zFGhAVglNZJGJ9a1SUnmWPYtb4iiMplLWttRYjcswr_oWu9UMIvfwg7AUv9dy8Nj0qW2D1CHjWOBy4M4DMPmaWaXL7qqhCLGWI_r4e50m6Q&sai=AMfl-YTjAEjgCGAr8VjBCHklKO7zU--5pt-9rj9IwHeU5JgLsldEPIEDWWikX-aaSgzVlVOAQEVQBZWaj-FVbXtbOT1uGW71XLej_nwGzyX1pahilL8cegNbcmcfSxiKL6dFmZHVDw86VrdblG2Y-zkd&sig=Cg0ArKJSzPv8Vjd8m0sEEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 1DF3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJglV_M4vMJkvPVwcJ_8TlsG2eHQLxLGgNrAlCYZxWBFwy9CHZB84LzuKx_Of5uodjk-40zHeOgXSobeXkguuh_AwyRA-RirI2y_Y-34oyV8FfvSILw0qGqa528YeWs3iV0ht7TnslDlk0Iw05qTi0x_IyWyO-rCaVw7yRasSza7ldCFkPyvWqyykulAife9I6p-sJNaV6ATlysc7lHToqrClRDT6saNxWhvKaCEg007cG62kFbI214HzZP8ZI_9DSWFSdYHnukqBrNlKPIj1R3Trn-4WIxK0TjuF3pR4MOlokIjFcOMiqqRI6lNzP&sai=AMfl-YRw0nFvcvrVFk9W62r5-u9aqchM5STUN0NTZURyuwmjUeAiHBKoQdZukklys0f_FkLe6-AXNSV9yJ7hfyjhELvLWM2mCs148MSf7l98LgfZXo8yncrCcWsvDY_PkGXOjsUJNokBGq07nTgBLUQN&sig=Cg0ArKJSzLZcmyta2FuKEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ba00e54f-23c4-4e2d-b37d-416fdeab53e6.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame 1DF3 		332 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/ba00e54f-23c4-4e2d-b37d-416fdeab53e6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:2000:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b58caa65faa08db33acd759d602127d7104847752c7f4f28acfbfa3815c6da2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Kvu6Zw50lHD7GrHd58C3xFfJo8bA7wL.
content-encoding
gzip
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
date
Wed, 26 Apr 2023 02:10:04 GMT
x-amz-cf-pop
FRA56-P7
age
15
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 12 Apr 2023 09:46:04 GMT
server
AmazonS3
etag
W/"21b771b595a16ade784bb58aafa2bea2"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
MBktz0hAwI6MPufjCclOOaqgm00uwp15DvUThdrYCN1F7FvT_A0IpA==
apstag.js
c.amazon-adsystem.com/aax2/ 		226 KB
56 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:44:54 GMT
content-encoding
gzip
via
1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront), 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
last-modified
Wed, 19 Apr 2023 20:25:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
1525
x-amz-server-side-encryption
AES256
etag
W/"d0373f28cbce103f094bc2631a9c8dd5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
EzMfHoQVSbqyP4YzDd6a2tlG7Zv4wSEuO-fcbdRnWlIjo6rWAxmhGA==
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=1&c=2719&i=8qsnmi&p=ksl-com&s=15562&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI4cXNubWkiLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APIXaHR0cHM6Ly9zdGF0aWMua3NsLmNvbS9rc2wtc3ZnLXNwcml0ZS8HAPAMLnN2Z3oiLCJ0eXBlIjoiZmV0Y2giLCJzdGFynADANjgyNDc1MDE1MjQwigBKZCI6MRQAUHNvdXJjOwDSRkVUQ0hfTUFOQUdFUkMA0XR1cyI6ImFsbG93ZWS0AEBhc29uswDUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpaADPMzYzNjU5MTY0MH0s5QAF8QBuZXh1cy5lbnNpZ2h0ZW7qAOFkZXNlcmV0ZGlnaXRhbPkAAAEB8hxzZXJ2ZXJDb21wb25lbnQucGhwP25hbWVzcGFjZT1Cb290c3RyYXBwZXImOwEgSnPMAR89YwAYY2NvZGUvJgkC8BVlZE9uPU1vbiUyMEFwciUyMDI0JTIwMTQ6MjI6MjMlMjBHTVQWAFIwMjMmQ0wCIEQ9SwKBJlBhZ2VJRD3JAcQlM0ElMkYlMkZ3d3fMATYlMka0AWJzY3JpcHRyAQq1AT0xNja1AVUzMDYsIrUBwmluc2VydEJlZm9yZUIAArQBP2xvYbEBIa8xNjM4MTYxNzc1sQH_JBAynQEiZW7-AgN6AwqxASBtddUDQ29uT2LOAh9MtwE3LzgxtwEIAhIDBIECUi9qYXZheQLQL3JlYWN0LnByb2R1Y4IEfy5taW4uanOhAhE-MzMzoQInMzWhAg_wAEKvMzI0OTUxMzg3OacCBwBuA_EBZ29vZ2xldGFnbWFuYWdlcl0E_xRndG0uanM_aWQ9R1RNLVRWTFo1WiZsPWtzbERhdGFMYXllcvsAEi4wNfsAGDicAw_7AEKvMDU2MjU2Mjg3N_sAB5Fqcy5zdHJpcGXwAD92My_QABIfOWwEACc5N8sBiWlubmVySFRNsgIPHQYnnzA0MTI3ODc4MLUCCHF0YWcuZHVyGQfwCG1lZGlhLm5ldC9zaXRlcy8xMTE1OS9kzQEP4AATHjmwAS85OeAAR58yOTg4NjE1MDTgAAjxA3ByZWJpZGFkcy5yZXZjYXRjaLMBABEAD4EDEy40MNcHARQAByIGD7YBOq8yNTM5MzQ4MTcygAIHBnsDoi1hbmFseXRpY3PYAAUOAA_eABUOZAM5NDUxtAEPAAc6rzM3NzAzMTM5NTTeAFEfMbwBAAneAA9CBEIF5AAPPQUIhnJlZ2lvbjEuvwECSwUBxgHwAGcvY29sbGVjdD92PTImdEkF9i0tSlc4OURMN1Q1RCZndG09NDVqZTM0ajAmX3A9MTkwNDg5OTc0OSZfZ2F6PTEmY2lkPTYxMzc5NzM3OC6QCvAQJnVsPWVuLXVzJnNyPTE2MDB4MTIwMCZ1YWE9JnVhYgUAMGZ2bAcAMG1iPRgAEG0MABFwBQAQdgYA13c9MCZfcz0xJnNpZD1YADBzY3QVAH9lZz0wJmRslwkK8wsmZHQ9VXRhaCUyME5ld3MlMkMlMjBTcG9ydAwAcldlYXRoZXIZAPAIQ2FycyUyMGFuZCUyMENsYXNzaWZpZWQUACAlNzoAM0tTTEoA8AcmZW49cGFnZV92aWV3Jl9mdj0xJl9zrQDyEGVwLkRETV9EZXZpY2VfSUQ9bW5nc3ZzMTMyNnE2JmUeADBTZXPSDAAfAMRwZHI3ZmltdGVtcWcfADBIaXQbAMBldWM0NTUxbWEwdTMbAKBLU0xfTWVtYmVyHgAAEgBgRXhwZXJpjAzBX0dyb3VwPWZhbHNlGgCQbnRpdHk9S1NM5gFDJTIwLboAoCUyRkNvbnRlbnQnAHFTaXRlX1NlKggQPSMBABUA0FRlbXBsYXRlPUhvbWXmAAEVAPEAaXRsZT1ub3QlMjBzcGVjGwEiJnXQAA_uAAQ6dXAutAAH2wWSZW5kQmVhY29uMgkKKwsvNDhNAwAAFAAFCQWvU0VOREJFQUNPTuUMO58wNjY0ODQxMzY0BAgAfQnxAHMuZy5kb3VibGVjbGlja8oGD0sDDA8pAwYJZANAYWlwPc8OAwMOH3MoAQwdMQcHKDQ4UwUPKAFFrzI2NzQ5OTk2NjhcBRENtQk3YWcvJg8BvwkIdgQKwQlXJmN4PWM7Ag9iDQYuNDAWCD80ODJiBkifOTA1Mzk0OTExBgF5D4oGAQkGAQ-KBkMEDAEPTAgIDzoDBRVqhQZRdD1kYyYEA2EmX3I9MyZZBWF2PWoxMDCdBkBVQS03MAtfMjA0LTJ8BgcRapUGgDA5ODk0MyZnDgAQMQwIgDY2MTI0Jl9nUQYgMzCxACg2N7MGwF91PWFHQkFnRUFqQQEA9gNFQUVLfiZ6PTEzNDYzOTAxMjSHAiB4aFoMDZsRLzQ5uwQAABQABbsEP1hIUrQEO68yNTMxNTgxMDMzhgIHD3oB0g8NBQAYOQ0FD3oBRw8uBggPQAsG_wJwbHVnaW5zL3VhL2xpbmtpZKcPFD40NDL1BQnoAA9IEj2POTgxNDgxNDTmAFoAPAsLfREZNOYAD8YEQhMx7AAfNUwDCA-SDyQdN7YBPzUxNJwGRwWSDx82FgQHD8oAIg9mBwEKygAPmgFCBNAAHzFyCAgA5gSgaWMucnVieWJsdfoKMC90ctoXH3JcAxUfMKYBAQhYEACSFmBuZENoaWyTFQBxAAFXFw-jFSRQMzc1OTOIBg_VAEoPEQgAEDUjGQWTBg-xAUIE3AAfNB0JCABAAQcVGQzIFE8tZG9tzBQlDm0QNzUzMG8DD_QAQp8yNDMxMzQ3MDIFCQgPBxNMKjUz5xMPUxE6DwcTEQ_gADgfNLoCAQngAA_GAUMD7RMfNTsFCA_tE0IoNTNrBA_HBzwP7RMRD9YALw-yAQII1gAPsgFDA8kUHzh4AwgvYmV-FgEBTQ4AvgUwZWQ_ixYxSWQ9jBYG6QsD3B0PqBABLjU1ZxcBFAAFWgV_UkVRVUVTVPELO58wOTY2MDMxMTM3GAjRY2RuLm1vdXNlZmxvdwoH_x5wcm9qZWN0cy81YjRkZTExMC1iYzNmLTQwYWEtODc1MS1jMzE3NmJiZjg3ZDUwBxQ-Mzk01ggnNzNnBQ_FAjyfMzI0NTQ0NDI3jAoID_sAUw8HCQIJ-wAP6gJCBAEBHzjxFQjxCmQzbmpncnE0dXZiNDk3LmNsb3VkZnJvbnSnElBhcHAtLX8gT2VhYmboARQuNTQYCTc2MTjoAQ_tAEKfMTkzMDI3MzUzdhkID-0AQQ5HEg_tAAsSQR0ED64fKwTsAA_VAwg1aW1n9B2Bc2xjLzI5MjYFACM1NwcA0DI2LkpQRz9maWx0ZXIHHfABdjIvcmVzcG9uc2l2ZV8yMD8jA1wUMmltZ7gACn0VPTY0ONQDKDY0wwUANxwgSW3_FsJTRVRBVFRSSUJVVEVMAAIEAQ9JHCefMjgzMzY0OTM28wEIDQcBozgwNS8yODA1MzQHAH80MC5qcGVnCAEsDwcCAA8IAVePMTY0NDY2MTA-CwgNCAEEDwIhNjEPAk82MTg3CAEwHjXSEhA2FAAF5QYPEAJJnzMwMTI4MzYwNQgBIQMeAzAyNjEQAg8PAiwA8wALkRAPBwFYjzY2ODExNjYykwoID2oSBgPiGwbTCA9WGAsQNygNC-oAKDczSRMPVhhGfzAwODQ4OTNWGBMLkB4HUBMvZWPYBhQuNjFMEwrrAA_ACD5_MTY4NDk4OWASCA_IAQYP4gAjDs4FCuIAD7oHQiMzMugAD6cIJgHJJP8YLzQwZDQ2ZTgwNzgzOTEzZjM0NWUwZDkzNzk1Mjc5N2EzLVF1ZXVl5SQYLjYxswsQN2wUBc4EDxABQo8xMDkwNDE1OUAiCQ_KCAsPEAFGDtoJDxABCw_tCDIEDwEPzwQIkHRhZ2FuLmFkbEwqQW5pbmfGDAtOKi9vcOoDFg4REig5MdUED-oDPGAxMDc3OTEmHQ-AFQcP4wA9DusDCuMAD9sCRAHpAC81MHwPCA-qCAYFuQovMTiqCAt3dG9wcGlja8koD78KBC4yM5MOKDkykw4PBgFCnzMzNDU4NjY3MsoVCA8GAVoOvQoPBgFYD4scCQBSIhBz1hUQdI4QUXVicmV22gNGP25ld6MID18dBC45M78FARQABb8FD-UbP38xMjcwMTE4_xoJD9QAwUJ0cGMuKSZhc3luZGljuCkBqgHwBXNpbWdhZC8xNjAyMDc2NDc0NjMyXx82ODQzwQEPnwMELzkzpQQAABQABcEBD5oqPI8yODA3NDQ5MToLEwHgALBhZHMvbWVhc3VyZVwlUC9sP2ViviNPZWZta-EAf2AxMTc3NTZ6GA9pBgcGUwowdGFnrC4zaWNlxilQY3RpdmXHJv8EL2pzL2N1cnJlbnQvcnhfbGlkYTcbFQ_VAV-PMTU0NzQ0ODkmEAg_YXBwZgQAAZgrIF9yNwj2Bj9jYj0wLjQ0NTAyNjk3MTM0MjM5OOABAlEvAtYQCiIRAacXCyENKDk0TAgPYwZCnzI3NDEzMDE0MzUJCA9jBgAQMwwQJDM4BwBQMzQucG75EQ8GEgsvMjYwCQAP5ABPnzE4NjQzMzYwOU0IGwTdAAPrAA_kABYPTQYAD-QAWA8EDgiQc2VjdXJlcHViPi4OaygAcAbwBWFkL3BwdWJfY29uZmlnP2lwcGQ96AMDYjYGyQIPSwcFHzUpCQAAFAAFigUPSwc-jzE3NDA3NzQxtwMJD_oA5wC9AQJxBwylBTB0YWeeBT9ncHTuDBYPZgcAHzb_HgkP1g0xjzMwNzU2Mzk3TzAJD6EEAAvDFh80tBQMDwoMGA7QNC85NqcFTo80MzU4MzIzMBUqCQ8GAVoPCwIBDwYBVw-tBhsDDAIQOckFQDY1OTK4FQ_IFwgPDAIYDh0oDwwCUNAxNjY2ODIyMjY4fV19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:18 GMT
cache-control
no-cache, no-store
server
nginx
expires
Wed, 26 Apr 2023 02:10:17 GMT
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=2&c=2719&i=8qsnmi&p=ksl-com&s=15703&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI4cXNubWkiLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APENaHR0cHM6Ly9pbWcua3NsLmNvbS9zbGMvMjkyNgUAIzU5BwDwLTIwLmpwZWc_ZmlsdGVyPWtzbHYyL3Jlc3BvbnNpdmVfdG9wcGlja3MiLCJ0eXBlIjoiaW1nIiwic3RhcrsAwDY4MjQ3NTAxNTIzNqkARWQiOjEUAKA5NjEsInNvdXJjOQAxbXV0oACiT2JzZXJ2ZXJDTEgAoXR1cyI6ImxvYWTVAEBhc29u1ADUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpagDPMTY2NjgyMjI3M30sBgEfEjcGAX83MjYuSlBHBQEGIDIwAQIPAAELPjY1MQABLzg0AAEIH0H_ADCvMjgzMzY0OTM2OP8AB_EIZGVzZXJldC50ZWNobm9yYXRpbWVkaWEVAtNvcGVucnRiL2JpZHMvKQDDP3NyYz1wcmViaWRfBwBBNy4yNAUDAwQBMnhocr0ACQQCPTYwMAQCAhQABQQCslhIUl9NQU5BR0VSQQAC_QFvYWxsb3dlAAIhrzI5MzA3ODIyNDkBAf8JIGhi6AHBYmlkLnB1Ym1hdGlj_QGydHJhbnNsYXRvcj-hAQP2ARIt1wQG8wMP7wEFLDEw8wI4NjAx8wMP7wE_nzc2MDIwNjg5Nu8BBw_uAEYN4QNHNjAxMuEDD-4ARx837gAHkWV4LmluZ2FnZeADQC92MS_sAT9ydGK_ARAfNb8BAB810QBJnzA5MTc3MzI5M64FCA_RACkPfwQALzE20QBSHzSiAQdBYWRzLvIGIG5vgwMAjAffYWRyZXE_Y2I9Mzc1OKkBDx80egIAABQAArYDPyI6InoCP485MTcwOTkzMNgAXw9SA0sP2AAQDzUJBiE2Mi8IPzYyODUJDzZfc23YAQ8zCQYPQAUAHzUzCAkPMwkzjzk4OTg4MzUxRAUIDwQBWA-FBAAPBAFXLzIxuAMHoXd3dy5nb29nbGUuB7BhZHMvbWVhc3VyZYkL3y9sP2ViY2lkPWVmbWvrAQ4vOTTrAQAnNjibBA8eCwtAZXJyb3MJL3JlHwscfzE3NzU2MjRxBQmFbmV3cy1hcGkqDPIGdjEvd2VhdGhlci9nZXRIZWFkZXJXEQAG6QAPFAgELjE2hAU3MTY36QAPrAQ-nzMzOTk5NzM1NcwBCA_kADwdNzkHD-QAVR8ysAILBO0N9gdhcGkvMjAxNy9tZW1iZXIvYWN0aXZlvgFSZmV0Y2iCCwrDCwHIACJlbl0NAtsNKTYxqQJfRkVUQ0jFCzuvMDUyMTMzMDQxMN4ABxBzPQ4VY6QCRmtzbC2nDiEtaKUCEC8WAAILACcuarMOb3NjcmlwdO8AACA1Nh8IDO8AGDfDCgyYAw-2DTKPNDU3MTMxMDe2DQjxAnRhZ2FuLmFkbGlnaHRuaW5nhQQDow3_DGRpZ2l0YWwvYmwtZGVlYTVhMS0yZTNiMGFhOfkAFB85vAsANzE5M6gDsGluc2VydEJlZm9yOQIAgAEPqQ8qjzA4MDU5MzQ0UggID_QATg5ICQr0AAztAQ9wBzME-gAfNd4CBzN0cGNsBmFzeW5kaWMpEQHyAYBzaW1nYWQvMfgM9gA3NjQ3NDYzMjcwMzE4NDPPAw9hCAQPdgYBD_EAUJ8yODA3NDQ5MTLfAi7_Ai04ZGI2OTY5LTBkNTQwNDdh3gIVLTA5ogUvMzPeAkifMzgxOTgxNDQzqg0ID94CEw_zACYAeQ8LygQK8wAP3QJCBfkAD4ARCA1NCqM4MDUvMjgwNTM0BwAfNFELDA-BExMeMvQBGDb0AQwBAQ_LBTJ_MTY0NDY2MSkNCQ0AAQSGFSI2MVEMPzE4N4YVCw8AAYefMzAxMjgzNjA10g8I8QJhcHAucHJvdGVjdHN1YnJldtkE9wxjYXVnaHQvcmMtQ2ZaZXViLzczNDIwNTI5NC9uFQ9nCgQQM5MIDO4CABQADxMPSI8yNzg2NjQyNaUICA_qAO0AdwqVcnVsZXM_aWQ92gEGqAYPdwoGD9ABAxc5jwgPdwpAnzE2NjgxMTk4NKgGCA-8AwYDSRkwMjYxvAQPQRkHD7sDEx4zuwQnNzD-AA-7BEERM_8APzY2MrsFGQS7BCE1NLsEfzU0MDUuanD_ACogNjPrAAzNAwAUAAXNA_IHSFRNTEltYWdlX1NFVEFUVFJJQlVURdELD0IYLRAxAwJPNzc4NpkKCA4GAoAwOC8yOTA4M08bAAcAUDkxLnBuGRsDIhkPkgkELjI5Ow4vMzcIEBcPJhskfzM5MjY1MDC8BAoP5AA4HzjOAgAP5ABXDwcQCJBzZWN1cmVwdWKUFfInZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL21hbmFnZWQvanMvZ3B0L20yMDIzMDQyMDAxMDEvPQBfX2ltcGyNChUeNZkIEDQQEgXfAqBhcHBlbmRDaGlsAxsPag0tfzA4MTA4MDfgEwoPCQFkDuwTCgkBDOcED4ANMgUQAQ_oBAgAdAEWaV4QIG0tShDzAG1lc3NhZ2VzLXR3aWxpbxcbFC8XAA__ARM-NjA5jAwZNL4XD_8BO58xODQ2NTYzMzjWBggP7wBIEDG5BQvNBQrvAA_lAUID9gAvNDXlAQiCanMuc3RyaXDQFfEmdjMvbS1vdXRlci05M2FmZWViMTdiYzM3ZTcxMTc1OTU4NGRiZmM1MGQ0Ny5odG1sI3VybD1ZIZAlM0ElMkYlMkYiFgNyE_MRJTJGJnRpdGxlPVV0YWglMjBOZXdzJTJDJTIwU3BvcnQMAANHFQIZAPAIQ2FycyUyMGFuZCUyMENsYXNzaWZpZWQUACAlNzoAM0tTTEoA8gUmcmVmZXJyZXI9Jm11aWQ9TkEmcwcAA6ki8AA9NiZwcmV2aWV3PWZhbHOyEQSKBkBmcmFtEAANsyEQNZgVDKsBGDd1CQ-aAjswMjU0UhofMJoCCQ-kAf4PTwMBCaQBD08DQgSrAR85TQcIAP4CAiAZMnRhZzQHEXLaDVFndG0uagMM4kdUTS1OS01RVkdRJmw9mhWARGF0YUxheWXPGAOjAg-gFQY-NjA5MwYoNTCgFQ-nFD1_ODcwMTk2MBQMCQ_5AFEPRwUBCvkAD_gBQhIx_wAvMTLPDwgAGwcgZC5mIBF4NgnwCXcvMS4wL2pzdGFnP25jPTY2ODYtS1NMXwIFBvsND-QBBy4zNiEHLzUxMApOnzI5MDM5MDI2NVMZCA4UCwP3DQ__DDsOlxYoNTLkAgzrAQ-5EjEF9wwPlhYIIGNvhShSLWNkbi4LADFwcm_iA_8dY29uc2VudC80MjIyNTc4OC02ZmIxLTQzOGQtOTFhMC0wZGEzMmM3NzFmZTglABJWLmpzb24tAg_2EQQPsQYBHzX2EUufMzMxNjU5NjY0CQUIAhwBDycBeQ6BDRA1ZQMFcQwPhB1AAycBD00DCA8nAQYCGwT_BHRlbXBsYXRlcy9vdFNES1N0dWJiCxQfNcwaABA1OAcF8AB_cmVwbGFjZWINNQAYHV84NDA2MG0KCA_uAEgPLwQACe4ADC8ED0YNMgT0AA-kHQkP9ABIDkMPCuIBD_QASw_9AwgPSg8M0GdhbXBhZC9hZHM_cHazC5A0MDkzOTUwNTctGpE2NzUmY29ycmWGKVA9MjA2MmgB0DEyNzY0NjYyJmVpZD0oHnEyMDIwJTJDCwD4EDg3OSZvdXRwdXQ9bGRqaCZnZGZwX3JlcT0xJnZyZz2tEIAmcHR0PTE3Jq0Q4T1maWZzJml1X3BhcnRzpgdgJTJDZGRtUx9wJTJDSG9tZQARQCZlbmP3K_EDdl9pdXM9JTJGMCUyRjElMkYytQwPDwAVAY4M9gVfaXVfc3pzPTcyOHg5MCU3Qzk3MAkAIDI1EwBQMTA4NHgLAC8yQycABw8cAAsMVgDwECZpZmk9MSZhZGtzPTEyMDU5ODIxNzclMkMxMTIxNDSFHggNABA1DQD0CzgyODU0Mzg5NSZkaWRrPTE0Mzg4NjA1ODF-CwAmNzALAAYWANI2OCZzZnY9MS0wLTQw9QD1AXNjcD1wb3MlM0R0b3AlN0MMANgyJTI2cXVldWUlM0QxGQAXMxkAFTIZANBmb290ZXJhZCZjdXN0twGTYW1zPXYlM0RoqwFaJTI2Y2MQAPACYXJ0aWNsZS1pZCUzRDUzNThbACpwdCUAAOcBACoOASUA8gNldWM0NTUxbWEwdTMmc2M9MSbGA4BfZW5hYmxlZEkBlWJ4ZT0xJmR0PdsveDY2NTUmbG0SADcmZGwPAGM0NzM4JmkzAMgmYWR4cz00MzYlMkMGALEzMTUmYWR5cz03NYUBIDc2BwAwMzE0rQHwAjYxMTUmYml3PTE2MDAmYmlozAGCMCZzY3JfeD0IAJF5PTAmYnR2aT1JAjAlN0M9AXAzJnVjaXM9YQEBDwDyASU3QzQmb2lkPTImdV9oaXMIAAJNACN1X18AM3VfYWAANXVfYRQAkGNkPTI0JnVfcwYB-whkbWM9OCZiYz0zMSZ1YWNoPVd5SWlMQwQA_xtGdGRMR1poYkhObExHNTFiR3dzSWlJc1cxMHNabUZzYzJWZCZudnQ9MSZPEA6AZnJtPTIwJnbNAMEmcHN6PTEwODJ4MjbtAAILAADhAAMWAAcLAFEwJm1zenUDAFgDETdYAwwKAAA0A5AyNTAmZndzPTSXAQQEADImb2gAAQAWAyA2MHcEAIEBAw4A9QMmZ2FfdmlkPTYxMzc5NzM3OC4TAhA1HAAA4gQFEgAQNxIA4GhpZD0xOTA0ODk5NzQ5EgBwZmM9dHJ1ZQsAAEAnlzEzMDkwNTM2N0sADwoKDhA29gkLuxABFAAF8wcP4wg-jzI5NTYwMDIyMygJDw0G________AAJICQ8XEC37GDJiZjY1Y2MzLWFmNDMtNDYxNS04NjYwLTU0M2YyYTc2OWRlMS9lbkERD2khBhA25CkMOQcYOXQwD2khQJ8wNTg2OTI5Njk7IwgPLgEGDB4QcDIwMjIxMC50FL9vdEJhbm5lclNkaysQFB82GSgAGTb_AA_zGDufMzQ4MDIxNzAwZhMhD_oAOw8lEQAK-gAPQw9C0DM0ODAyMTcwMDZ9XX0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:18 GMT
cache-control
no-cache, no-store
server
nginx
expires
Wed, 26 Apr 2023 02:10:17 GMT
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=3&c=2719&i=8qsnmi&p=ksl-com&s=8118&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI4cXNubWkiLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APANaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbRUA8BBpZC9pbnRlZ3JhdG9yLmpzP2RvbWFpbj13d3cua3NsJwDwCCIsInR5cGUiOiJzY3JpcHQiLCJzdGFyrwDANjgyNDc1MDE2NjQznQBGZCI6MRQAkDk5LCJzb3VyYzwAsmFwcGVuZENoaWxkQQCQdHVzIjoibG9hEABgcmVhc29uwQDUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpYwDPMDYzNjQzMjEwMX0s8wBlLzUw8wAMMW11dIcBIE9ifAFPZXJDTPoAOR84-gAHEWMzAlItY2RuLgsAMHByb8oBEi_BAfYYdGVtcGxhdGVzLzIwMjIxMC4xLjAvYXNzZXRzL290RmxhdC5qc29u-AFSZmV0Y2i8AAr3AT03MzkEATc3NDD3AdJGRVRDSF9NQU5BR0VSQwAC-QFvYWxsb3dl_AEhrzQyMzQwNDM0MzcCAULPdjIvb3RQY1BhbmVsCAEWLzQxCAEAHzIIAUufMTg5MTE3ODU0CgJF_wFDb21tb25TdHlsZXMuY3NzEQIRLzQyCQEAHzMJAUuvMjgyMjc4MjIwMxECB_ECYXBwLnByb3RlY3RzdWJyZXYQA4FhcGkvZ2V0c-MA8AhldHRpbmdzP2lkPXJjLUNmWmV1YiZ2PfIFAwAFDwgDBy80NPcAAB809wBLrzE2NTEwMjU3MzT3AAgM9wUvZGX2BToP7gEAGDbuAQ_2BTufMjA0NjYxNjc48gBnD_UFABk38gAP9QVCBPkALzky6wEH9BpkODNjY2Q0OWE1NjQ1NDVhM2UxMjg0OGQxZGI1ZmRmOS5zYWZlZnJhbQMIYXN5bmRpY6IGAQ0DBSAA8AgvMS0wLTQwL2h0bWwvY29udGFpbmVyLg8ABgMEEWlLAALSBQoVBi42NxkHNzc2NQ0Dwmluc2VydEJlZm9yZUIAAhQGDw0IJX8zOTcyMzQxEQYJDx4BeA8rBAAJHgEPQgJCEzAkAR80MQkIAiwIDzcIAHBsb2dvcy9zzggiYy8mAEBwcm9fFwBHLnBuZxUCEG0NAA0eCi83ORICACc5MRIC-AdIVE1MSW1hZ2VfU0VUQVRUUklCVVRFHAIPMAgnnzA1NjMxNDYyMygHIQDkAAX7AMJwb3dlcmVkQnlfY3D-ACBzdvEAAx8GH2n-AAUPJgUAGDkmBQ_-AEmfMjc0OTMwNzE2HQcIX3BhZ2VzHwcABtkBD_oGBj04NTj6BgEUAAX5Cw8CCkCfMjExODI0MjMz1AAIAqcCD80CDQ_SASMuODLEAyg4Ne4MD8QDQgTLAS85NQYGBw_3ABMCJgAPxAMcDuMKCvQAAuwHCLQDD9AFJQSxAx856ABgLjgyyg4K6AAP3AFCBKUEHzegBQjCbWVkaWEudHdpbGlv3A2AbS9zZGsvanOmBwCoEAHNB4BzL3JlbGVhc-ANAdsNAjIARi1jb24kAGcubWluLmrTCwIbDgK-AQrQBy4wOeMDNzk1Nr4FAvoBD9wPN282Mzk0MzSyBAkPCwFkHzHbCAAKCwEPHQJDETYSAS81M_kDCAKeBwS0ESAvaU0H_w1zL3dlYXRoZXIvTmV3MjAxMy9TVkcvc3VubnkuugYRLzgz-gEAGDnXDg_6ATuvMjM2NTc3NDI1NvkDBw_oAEMOxxAfOegAUQ_CEAgP6ABCD54PAA_oAFEvNjDQAVwPjw8AD-gAUg-fDQgP0AFDDqwGD-gAUg-lBggP6AAXv25pZ2h0X2NsZWFyjgQTD2QWABk5SAsPjgQ7nzM1ODI1MjIwNdYBMg_uAB8OZAoP7gBSD1QLCAAoDDNhZDJDGAxAEPYnZ2V0Y29uZmlnL3NvZGFyP3N2PTIwMCZ0aWQ9Z3B0JnR2PW0yMDIzMDQyMDAxMDEmc3Q9ZW52ZAw_eGhyfwgBPTk5NWIMKDk5fwg_WEhSYhY7nzIwNTg5MDg3NogGCA8MAWQfNgwBZg-sBgg1aW1neQiBc2xjLzI5MjYFACM1NAcA9xMxNy5qcGVnP2ZpbHRlcj1rc2x2Mi9yZXNwb25zaXZlXzIwZxUPSA8DPTcwMQkCAhQABWsOD0gPSY8wNDI5MTc3NEERCUBtZXNzSw9gLW1pY3Jv9RkAcRsDRxtAL3VzZeECAy0QD1IPBT03NTX5AwIUAAXnAA9SD0CPMzUxMzUwNDmqBwkP8gILAh4AAIwMU2Fkc2J5ZhwIYgwP8gAHHzbyAAAAFAAP8gBJAKcdTzQzNzk1GAkP2AJVDdUDIDc1aQwF_wAMVQwSQSgFDzUVKwTQAg_eBggAZQ6ic2lmdHNjaWVuYzQeH3M2DhQBrAYiZW6vHQImHiA3OEoOBdYAD64HPMA4MTIxMzU1Mzd9XX0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:18 GMT
cache-control
no-cache, no-store
server
nginx
expires
Wed, 26 Apr 2023 02:10:17 GMT
721297.gif
hexagon-analytics.com/images/ 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hexagon-analytics.com/images/721297.gif?bk=46e0e4c3e4&tm=622&r=251748133&v=106&cs=UTF-8&h=www.ksl.com&l=en-US&S=2a4192afe2d071f9addcd582115098f1&ui=0&uu=d3f17d0fc3aab892c4fa65aa1311884&t=Utah%20News%2C%20Sports%2C%20Weather%2C%20Cars%20and%20Classifieds%20%7C%20KSL%20News&u=https%3A%2F%2Fwww.ksl.com%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.232.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:18 GMT
via
1.1 google
x-content-type-options
nosniff
server
nginx
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame 02C0 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f309d2f3633cd87e36d55813f09b751a231548ff773136e3ca121c341bfd07f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 02C0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMLKzOFRdg9-I3ynyTcI4yhKyQzLFnQk5HBcYLe3t5LJnjXQnrQdGuaRfYiDgh12H6U9Jbh7MDuCwrUt457bR0Rl4Pg_c16dGmPXtfEOG1ds3HlbcFB5SpN_t7aa0dyyEEo5uq1NpdaBQvX-jTQlM73sAR0E9EHgWfqaBqwDoaaE729HBpqqSGdL4PdjUOQfT_jUz_wTedkZVZ1tbKWMl46eetkBQw2OBO8ws1iDf0fGGxgYZfHaL3MPf5QBppAMgYukIrCnpsTyuk9TUgKNNdFRpP3WraGq6gLe7YLX34njTww2Zn5_QeAyDeEETI6uh6&sai=AMfl-YRJKdJ9Kl-3iCxxiej6UFW8RM9QkMwkn_6M0AiM4QF7MCrLKVwBjRUai-Z34XQfGWqBpSJpeQxrYJB4AuSYLH-rTTLlyViCciGB8Krg-LxJ9tJXVgucpIWBtKywBkM5ZvC46U-xxpD4lDBcnozO&sig=Cg0ArKJSzLYoVMezBkzSEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 26 Apr 2023 02:10:18 GMT
truncated
/ Frame 1DF3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58000a1ff5c085996eed8210b5d7db6ac325a6336108f45e20313aee88a42aef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame D1C5 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 22:26:30 GMT
x-content-type-options
nosniff
age
272628
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 22:26:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 355E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
26493
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:48:45 GMT
expires
Wed, 24 Apr 2024 18:48:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 35AC 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f1794e88326da2fbaad00cb551bb55d6f7d30d50bd3bf392c08f87281f1b5770
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qCcgBlYQqrR2vZNttwfo2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-qCcgBlYQqrR2vZNttwfo2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 02:10:18 GMT
expires
Wed, 26 Apr 2023 02:10:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
9b4d4e453ac54fe6a73a32132ed3e5ed.min.js
js.sentry-cdn.com/ Frame 1DF3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.sentry-cdn.com/9b4d4e453ac54fe6a73a32132ed3e5ed.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
711134976181adb2d46f7cd3eb5668d89149028592caad25564747b6b9236fea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
age
33
x-envoy-upstream-service-time
9
content-length
1213
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-787fcccd6d-v2slp, cache-fra-eddf8230077-FRA
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
https://sentry.io
/
geoip.insticator.com/json/ Frame 1DF3 		242 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/ba00e54f-23c4-4e2d-b37d-416fdeab53e6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.73.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-73-41.compute-1.amazonaws.com
Software
/
Resource Hash
bb660b202f74be0a5a795ed49294eb04ec9094770358cf4bca8176f3905e22fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://www.ksl.com
date
Wed, 26 Apr 2023 02:10:19 GMT
access-control-allow-credentials
true
x-database-date
Tue, 25 Apr 2023 03:36:59 GMT
content-length
242
vary
Origin
content-type
application/json
810d5e42-1b55-4101-9b13-1bce1468f410.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/ Frame 1DF3 		338 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/810d5e42-1b55-4101-9b13-1bce1468f410.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ae00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96f869fa9eb6dd696d098d53b949165f5a21b45e2c65d9c0d40cc0f75f5c394b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 20:36:33 GMT
x-amz-version-id
7JNnHTYP7fo0ptvZMHHUdFMVrT_xNuoC
content-encoding
br
last-modified
Wed, 12 Apr 2023 09:45:53 GMT
server
AmazonS3
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"431e16f98048549edde5ddd7ca817cde"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
20027
x-amz-cf-id
nWEpBuiyGFTrW6zV8-37V28E7rgJFYdHsiKdwcU-G5iHQg5BQyspzg==
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ Frame 1DF3 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9cdab9e45d475492914a9d0cd174ef2eea98f9d2bea9679866a2cf51fae0b19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
NhbbKZnLP4u7VSyd1EC9z9nudl_OwwHi
content-encoding
gzip
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
date
Tue, 25 Apr 2023 03:08:58 GMT
last-modified
Fri, 10 Feb 2023 16:54:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
82882
x-amz-server-side-encryption
AES256
etag
W/"61dc0a76c2dda9f5ee8da5fe7ef89bb9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
5q_Q2GpGniwe39cF-65zp0TE8EXT4De4U3WJ3ZVO_ZO3H1gZUhw9Fg==
config.js
cdn.confiant-integrations.net/j70k-RPEAAeKQrBF1b_WkxVurYo/gpt_and_prebid/ Frame 1DF3 		125 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/j70k-RPEAAeKQrBF1b_WkxVurYo/gpt_and_prebid/config.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6917ca23027895f3670bc51b2c0b56115d759153e3082310172287573a28e6cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 25 Apr 2023 21:30:44 GMT
server
cloudflare
x-amz-request-id
Z43KQTAA3W7VQDE8
etag
W/"35c65c0137c0b68f79c912a64bb0808b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7bdb49e68b5b8fd6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
8In1sr7s6j54b287xjgNduR3tuuPuspP4U0wHed9OcAwBzWiy1AHc1fWbfsAEaw5F5ISvZMhs7o=
index.html
auth.instiengage.com/auth/ Frame 5691 		75 B
496 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5c00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
229
cache-control
max-age=300
content-length
75
content-type
text/html
date
Wed, 26 Apr 2023 02:06:31 GMT
etag
"2e3d17ce9023be2c1313c02113f5c568"
last-modified
Tue, 21 Mar 2023 10:30:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-id
TJkjF-iAKaEFjd_21b2yLNhzcI54aW59_9AvgF3Sl5jAzFGdPcFC5A==
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
4LmILVgfekmlhfSls.j2IJiEDmKflKjU
x-cache
Hit from cloudfront
/
pages.protectsubrev.com/ 		21 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pages.protectsubrev.com/
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Apr 2023 02:10:19 GMT
content-encoding
br
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
RCW03
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEBEdZR5VlCjMMs228xbSE8DD%2F1FblYM5AquAcmQrtO9snRXxOUhEgd8MopMEhkRvB%2BWjFzsrC0vl2K5Zz4gAItmn1S9S5OM1z1ACAG3yxIUw9byLjbfcetL%2FnKIJxTjfjRP5yW1%2FcpNwVIKxaFujjCWTsIu"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
cf-ray
7bdb49e78b4a2d04-FRA
expires
Fri, 28 Apr 2023 02:10:19 GMT
event
event.insticator.com/v1/ Frame 1DF3 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/ba00e54f-23c4-4e2d-b37d-416fdeab53e6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.181.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-181-176.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.ksl.com
date
Wed, 26 Apr 2023 02:10:19 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
authIframe.js
auth.instiengage.com/auth/ Frame 5691 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/authIframe.js?v=1
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5c00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
OuWMsLBhK4uFZNl_9s4OvQrmeYa9DU1h
content-encoding
gzip
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
date
Wed, 26 Apr 2023 02:06:24 GMT
last-modified
Tue, 21 Mar 2023 10:29:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
239
x-amz-server-side-encryption
AES256
etag
W/"e0bffec4a3929b23d4347f914449f5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300
x-amz-cf-id
zblmogw8lGc0wReneYjlVWNPI-MKmMdVZaFyupKkdeEg37xlnct8Cw==
shopping
encrypted-tbn2.gstatic.com/ Frame DC83 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT_h_6PMsev9aRzAdIpXQ3TakOcvH3Q53f2qOFD2wDYqRUfTHX-AG989lpsCw&usqp=CAI
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0865523016de3e0634fb7582358cc22c76d5e670d8a5ad928683b0a61732363b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:10:50 GMT
x-content-type-options
nosniff
age
295169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40305
x-xss-protection
0
last-modified
Tue, 21 Mar 2023 14:32:24 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 21 Apr 2024 16:10:50 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame DC83 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQkDGEO3MJSUUtWMyu7YrCQhHHqX2FePFqmXaXEov9mUp_cTd9eyLCTjqm3qQ&usqp=CAI
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ca8e9cacbd4a8bfe53891289bbf2f2422f28fa012b8384390a048f8c91350db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:28:16 GMT
x-content-type-options
nosniff
age
276123
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39177
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 11:35:22 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 21 Apr 2024 21:28:16 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame DC83 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS5Lt9V0TU7nLipnrs2uUMmXJYmN_RDPJtXry6tiGJJ91Ki8muxpNBP4DVZKYI&usqp=CAI
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7c11622f711882e65363525500cffd038d47b36fb54f1e027bef3ad93c09875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 22:40:38 GMT
x-content-type-options
nosniff
age
271781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35596
x-xss-protection
0
last-modified
Sat, 08 Apr 2023 07:54:56 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 21 Apr 2024 22:40:38 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame DC83 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR2Fb5uajMFtSQBq_Wr-q3lePaW88cTrvztSZ-O6dkmFf8TwHSj8zWJtgnM2cY&usqp=CAI
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d83bc093af7fb0dbc851442031ed6fe10c7f9b15c02ba047bf6a6b95be11e39f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 05:28:22 GMT
x-content-type-options
nosniff
age
333717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37830
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 18:46:40 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 21 Apr 2024 05:28:22 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame DC83 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSYsIED13JG35aFNs5Jfa5QFQ04tGsZdqmohGjwEofSqr52Hl0&usqp=CAI
Requested by
Host: d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
URL: https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53e0cfe5a911f5faf9325f459850c6898dcb83914c5353fd8d8ac0f1ddf43775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:25:44 GMT
x-content-type-options
nosniff
age
290675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46446
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 14:18:54 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 21 Apr 2024 17:25:44 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DC83 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ck4YGCIhIZM7vK5Cpx_APkdu9-Aaj8N-fcOb0lcCQEaXd9tGuMBABIN_y1RhgleKQgqAHoAG83Zy4A8gBCakCW3Xz_1Zrsj7gAgCoAwHIA8sEqgSMAk_QmYuhBFr9d0nIl3gdN8hi_a2Rxu1y9_foLJzyVjvWRtCq8NOwYZAT8boDtnajBRPA7dZC19n0RouGES3g9UWY7N3l0DcEB5wiYLTCcBTwb6qpiFY2zAPaqRZqzgL4B_PdEqWUToDkzmbasz75tufejAnuYKwMTaSANv4kKAJC-440mwV3QqWFu_QAf5DsPrAWRVvr0H2C65OcTJCxLzd0jLrSxcEoFPswfSq46J8sjyhdJrYGezP7AtzlOIppKYVIq9Q5sGhdIKMJ-P78BhYAGxOcKEjeKRCZYIy2fA6FfgIFGdxCCkMLtNoDm9vUeEnihc7Ac1vnyI0zcNzERfoHF8NjoTeQL7cU7SfABL7s5KeCBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAesouNHqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEELeOA9IIEQiA4YBwEAEYHTIC6wI6AoBAgAoDyAsB2BML0BUBmBYBgBcBshceChwIABIUcHViLTM3NzE4Njg1NDY5OTA1NTkYxJkQ&sigh=brzBM9XrhaY&uach_m=[UACH]&cid=CAQSTABygQiDbPngPUEGbnKJK8hN1XGdIH_f7K5AhsWyhrrkr_EhS521PcTuN6S0cwjA2_SGv2o5cAtk3zXLZ9tCzX_j0gVKnc8X_Eocnh4YAQ&template_id=494
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
truncated
/ Frame DC83 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e2144161706d7aa103f8478b83acbf07fdebf04172653c82c5e4145fcb6408b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.181.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-181-176.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.ksl.com
access-control-max-age
3600
content-length
0
date
Wed, 26 Apr 2023 02:10:19 GMT
vary
Origin
sodar
pagead2.googlesyndication.com/pagead/ Frame 35AC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304200101&jk=4093950574437675&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 02C0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEpGnFHhi0TXwJYv8cX40DBhUvXbuTwe-bpciW3kKHnRcYqwBNQEaAW-6CH3fnRo61MQ81797m_sgCSChjKkSaWMwSUszqnXlPrPo_75j4hP9X8rW-&sig=Cg0ArKJSzEfWBuuQa9FUEAE&id=lidar2&mcvt=1077&p=750,315,1000,1285&mtos=1077,1077,1077,1077,1077&tos=1077,0,0,0,0&v=20230424&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1205982177&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682475017091&rpt=1467&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC83 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmJhbm5lcjMtc3F1YXJlCgoIAioGc2VydmVyChUIBCoRbXlzaWRpYV9hbmFseXRpY3MKDRArIQAAAAAAAF5AMAQKDRADIQAAADMzp59AMAQKDRAKIQAAAACYmQlAMAQKDRANIQAAAAAAAAAAMAQKDRAeKgc5NzB4MjUwMAQKDRAZKgc5NzB4MjUwMAQKDRAOIQAAAACAmbk_MAQKDRAEIQAAADMzD6BAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAAGNAMAQKDRAFIQAAgJmZEaBAMAQSGkNNNlQzTzI3eHY0Q0ZaRFVFUWdka1cwUGJ3IhJncGEvbWF4aW1hbF92MV9vY2goDA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/21eb5d7c47bc016b9c33858ab468091e.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
ex.ingage.tech/v1/syncPage/ Frame 10D6 		951 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/syncPage/rubicon?userId=fef6be29-7321-4159-8834-adf975779342&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
7bdb49e8ec8b9042-FRA
content-encoding
gzip
content-type
text/html
date
Wed, 26 Apr 2023 02:10:19 GMT
server
cloudflare
vary
Origin
pixel
ap.lijit.com/ Frame FB93 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D%24UID
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 26 Apr 2023 02:10:19 GMT
X-Sovrn-Pod
ad_ap2ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 40D0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=45674
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 26 Apr 2023 02:10:19 GMT
expires
Wed, 26 Apr 2023 14:51:33 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 0E3A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D&s=192379&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D&s=192379&C=1
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
c97a1fa150377a0ccc902c9b567fa7744d5b883396aaaeb55a836258a29a41a1

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1970
Content-Type
text/html
Date
Wed, 26 Apr 2023 02:10:19 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Wed, 26 Apr 2023 02:10:19 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D&s=192379&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 9F6B 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.24.0
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4890) /
Resource Hash
0f4328dd583577482da89d8af94cd1146cec997553dd53bc2f9ee3d406cfa9ce

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
76
cache-control
max-age=900
content-encoding
gzip
content-length
6755
content-md5
HcWFhk+tXaF3NZt1fPMIOA==
content-type
text/html; charset=utf-8
date
Wed, 26 Apr 2023 02:10:19 GMT
etag
9f484a91-0039-4789-8873-641b0861cba7
expires
Wed, 26 Apr 2023 02:25:19 GMT
last-modified
Thu, 02 Feb 2023 14:10:57 GMT
opc-request-id
iad-1:EyrQN9xTGkPNEan4guTCbTXxX9gf7uejLxYE4foVGklt3AbnGtXSG7k_8NwSEZJu
server
ECAcc (ama/4890)
storage-tier
Standard
vary
Accept-Encoding
version-id
68d8e56e-76a4-4241-8b88-07572b4580e7
x-api-id
native
x-cache
HIT
sync.html
public.servenobid.com/ Frame 5C45 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-106.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35158
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 25 Apr 2023 16:24:22 GMT
etag
W/"fd0102e5847015626666169917857ba8"
last-modified
Wed, 12 Apr 2023 16:16:50 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-id
uS5rZhMpaN733Q2Jex_FcXeEyLTX2ICdfWqmFh2t_WgQ8xKNQK3Axw==
x-amz-cf-pop
FRA60-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b4af218c-2bc9-4531-9210-521693d9d5d7
x-amz-meta-codebuild-content-md5
9cec9a15b660da7393081e2fc6c34731
x-amz-meta-codebuild-content-sha256
8e6d48a695640d90e0623cd4e573f94721be8c1becd249758c7df42fcffde7be
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.ksl.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
7bdb49ea0e639223-FRA
content-length
0
date
Wed, 26 Apr 2023 02:10:19 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Headers
insticator
insticator.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_7.25.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
86400
date
Wed, 26 Apr 2023 02:10:19 GMT
server
nginx
arj
insticator-d.openx.net/w/1.0/ Frame 1DF3 		71 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.ksl.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0acf94c4-e8a8-4147-82e7-cf0eb2b07309&nocache=1682475019810&pubcid=619faae1-c454-447e-82f1-fc11c79fdd22&schain=1.0%2C1!insticator.com%2Cb084a98c-97ed-4c13-916c-6ed0855a0e6a%2C1%2C%2C%2C&aus=728x90&divids=div-insticator-ad-9&aucs=ksl.com-div-insticator-ad-9&auid=540832993
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/810d5e42-1b55-4101-9b13-1bce1468f410.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3be7ee82747b50bd96eebb21a9a7d67f67d98bc67d383b66a5fb28ae8fe7bed9

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:19 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ksl.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
expires
Mon, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 1DF3 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=297221
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/810d5e42-1b55-4101-9b13-1bce1468f410.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cba5e41ab4f810ed08be5d948c27977f77eca53a95b632ceabc650d634f4535

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EX%2F2sN2tddI5KqLVsaZaypNwKnCINBRtrWlv7%2B3SK3YG9JR8sI6AC1CcXUdbRhZS8qUk9iB9fLNBG2nJAJyJ16TQcAkZ394tDWByyYElaDO7T%2FjOke3HuiM%2BUCPhnnlQrF7oDKlQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7bdb49ea08062baa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1DF3 		279 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=156692&zone_id=747254&size_id=2&rp_schain=1.0,1!insticator.com,b084a98c-97ed-4c13-916c-6ed0855a0e6a,1,,,&eid_pubcid.org=619faae1-c454-447e-82f1-fc11c79fdd22%5E1&rf=https%3A%2F%2Fwww.ksl.com%2F&tg_i.pbadslot=ksl.com-div-insticator-ad-9&tk_flint=pbjs_lite_v7.25.0&x_source.tid=bac12aa7-02b0-4ef0-8d8d-33d651ad8c8c&l_pb_bid_id=679538938f923&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=ksl.com-div-insticator-ad-9&slots=1&rand=0.3496648221044911
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/810d5e42-1b55-4101-9b13-1bce1468f410.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
70f6d6e35022b077756bb5356f79654816d010063fd57a5725a2c69b19856513

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
279
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 1DF3 		94 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228553d132741377%22%3A%2228cd0783cfa78994696e%7C728x90%7Cgpid%3Dksl.com-div-insticator-ad-9%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.ksl.com%2F&s=2662fb8c-818b-4e2d-8b32-00fd674eb4f4&pv=a8b6ec8d-3eb6-4185-9169-09a6b0acc0d3&vp=mobile&lib_name=prebid&lib_v=7.25.0&us=50&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22b084a98c-97ed-4c13-916c-6ed0855a0e6a%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22619faae1-c454-447e-82f1-fc11c79fdd22%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22619faae1-c454-447e-82f1-fc11c79fdd22%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/810d5e42-1b55-4101-9b13-1bce1468f410.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
6b81643deef20fd1b9ce3940b869880e55c5d0d46ef7c10f5b1ac52d6e47c2cd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-51
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.ksl.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
119
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 1DF3 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/810d5e42-1b55-4101-9b13-1bce1468f410.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a00acf9938b5d93a043cda293d61be1f2842e1ccf6e3c2ff303560fe0d52f61a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:19 GMT
AN-X-Request-Uuid
a95351dd-0f4e-4bfa-a154-440ae968d4f1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ksl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.108; 146.70.117.108; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ Frame 1DF3 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/810d5e42-1b55-4101-9b13-1bce1468f410.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Wed, 26 Apr 2023 02:10:19 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
imp
g2.gumgum.com/hbid/ Frame 1DF3 		340 B
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1682475019834&to=0&aun=div-insticator-ad-9&pubcid=619faae1-c454-447e-82f1-fc11c79fdd22&gpid=ksl.com-div-insticator-ad-9&maxw=728&maxh=90&si=19569&pi=3&bf=728x90&schain=1.0%2C1!insticator.com%2Cb084a98c-97ed-4c13-916c-6ed0855a0e6a%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ksl.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.25.0%22%7D&ogu=null&ns=9523
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/810d5e42-1b55-4101-9b13-1bce1468f410.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.75.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-75-253.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
77ed4d213ee67d980fccc23c10ae50011c9cdc417cd98f7030ec795f1791a7da

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 1DF3 		0
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/810d5e42-1b55-4101-9b13-1bce1468f410.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams03-convex-float1.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
openrtb
ex.ingage.tech/v1/ Frame 1DF3 		69 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/810d5e42-1b55-4101-9b13-1bce1468f410.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ce959b4e1924e20460aaf268f8a697887c4aa42014abffbbdcb32a39abc9d1d

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
access-control-allow-credentials
true
cf-ray
7bdb49eaad6c9042-FRA
hb
ssc.33across.com/api/v1/ Frame 1DF3 		87 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=ayecLO80ur6ik0aKkv7mNO
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/810d5e42-1b55-4101-9b13-1bce1468f410.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
42ee378eaae1ea2d89bc161c171e2e413af4564cbfeb131b6e6f08c3db3b4e43

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.ksl.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
insticator
insticator.technoratimedia.com/openrtb/bids/ Frame 1DF3 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_7.25.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/810d5e42-1b55-4101-9b13-1bce1468f410.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
867563027
access-control-allow-origin
https://www.ksl.com
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 1DF3 		24 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.25.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/810d5e42-1b55-4101-9b13-1bce1468f410.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a2a7a8a9f2edf6156960595df99ac2fb2c8067ce0730ff0d7d457c3616a1b887

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 26 Apr 2023 02:10:19 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
hb-mm-multi
hb.minutemedia-prebid.com/ Frame 1DF3 		105 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/ba00e54f-23c4-4e2d-b37d-416fdeab53e6/810d5e42-1b55-4101-9b13-1bce1468f410.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.76.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-76-181.compute-1.amazonaws.com
Software
/
Resource Hash
15df8c6c38b0eb51c86085207ed9e4c40fdc318079d877fb52ade22ae0e19ba8

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.ksl.com
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
/
onetag-geo.s-onetag.com/ Frame 1DF3 		555 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-41.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 10:43:08 GMT
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront), 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
age
55630
x-amzn-requestid
9cd51c47-f9e1-4071-af92-4c1efe8141ef
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
D7g9kFL1CYcFYdg=
content-length
555
x-amz-cf-id
ELZ9EZwfwiv71A23NjpZTs4-YKRDMvK-CvwE1EsJZRryWMUccvi0iQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
h0jfx2_ld0LSppgdK5454e6x8dlC_h3s
content-encoding
gzip
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
date
Wed, 26 Apr 2023 01:28:09 GMT
last-modified
Wed, 01 Mar 2023 12:13:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
2531
x-amz-server-side-encryption
AES256
etag
W/"fd89ceeda84b55780ed4e8f97b752a7a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
5cw9vljFR43pey7QTnp8k8FXXPpLqQLCa1P0WdGEtgwP4rDkpY-cXQ==
%2F
signal-segments.s-onetag.com/desktop/www.ksl.com/ Frame 1DF3 		122 B
435 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.ksl.com/%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-48.fra2.r.cloudfront.net
Software
/
Resource Hash
4a34e5dd7061d76c1db4ed23204d7a47d08db818fa49f7a6195899a7bfeeb828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 10:38:26 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
55913
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
122
apigw-requestid
D7gRdgsxiYcEPlA=
x-amz-cf-id
c6oWzVFvT9WQ2P1R_csvDUqfDOwk4yGDmswXeJhdOrEIp3fZUVwmXA==
www.ksl.com
signal-segments.s-onetag.com/desktop/ Frame 1DF3 		10 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.ksl.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-48.fra2.r.cloudfront.net
Software
/
Resource Hash
e2519179fc7e69cd8e9b2e78c0f2dc3696b6283242d2dae249ad3ecb88c55b2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 21:04:41 GMT
content-encoding
gzip
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
18338
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
fFFdg-yakRJJYTSKL9ji-ICI3ZoaKhhYaJOc3PJR61aWHsS9w_xulA==
apigw-requestid
D88AeijTCYcEM9A=
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202304241206/ Frame 1DF3 		240 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202304241206/wrap.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
369f20e17ce9308e9e488e6fdbdf3aa0e3c8c4705b903c23cd610e7c41eedd16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Apr 2023 16:10:41 GMT
server
cloudflare
x-amz-request-id
2SAPBJD96HTY5G3W
age
119133
etag
W/"d1226925b093cc62c3879362099dc851"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7bdb49ea3d5c8fd6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
k7HYQ7V7Kmbop96g+9kydF0dmIRtOV02SeP2rkDkN6a9rwo9EgQ4Fg9PFE6IU0BOtx9WVWZKfyg=
sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
pagead2.googlesyndication.com/bg/ Frame 355E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
50306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14209
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Apr 2024 12:11:53 GMT
dcm
s.amazon-adsystem.com/ Frame 0E3A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GGC3QDB2EZ2PMRCH34H2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1475DXBGC1QPVJYBV4D8
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0E3A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZEiIC9W5qezaTQnR9NkcIgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECNmHDn4Cfa9ZyMzub8mK3E&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECNmHDn4Cfa9ZyMzub8mK3E&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECNmHDn4Cfa9ZyMzub8mK3E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 0E3A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBuKE94ZQJoRyHJZ2_TbyjU&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBuKE94ZQJoRyHJZ2_TbyjU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBuKE94ZQJoRyHJZ2_TbyjU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0E3A 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 0E3A
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=b09d67cd-ff0c-4286-9747-48b9794a0b30
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=b09d67cd-ff0c-4286-9747-48b9794a0b30
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=b09d67cd-ff0c-4286-9747-48b9794a0b30
date
Wed, 26 Apr 2023 02:10:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 0E3A
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f1dfd24f-a625-46cd-a9b9-66a6eee31e81&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f1dfd24f-a625-46cd-a9b9-66a6eee31e81&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f1dfd24f-a625-46cd-a9b9-66a6eee31e81&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Wed, 26 Apr 2023 02:10:20 GMT
server
_
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 0E3A
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=7525a75c-2a48-e6f2-f57102bc
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=7525a75c-2a48-e6f2-f57102bc
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Wed, 26 Apr 2023 02:10:20 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=7525a75c-2a48-e6f2-f57102bc
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0E3A 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f896:3671:b11a:dd53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
fef6be29-7321-4159-8834-adf975779342
ex.ingage.tech/v1/sync/ix/ Frame 0E3A 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/ix/fef6be29-7321-4159-8834-adf975779342?uid=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ffef6be29-7321-4159-8834-adf975779342%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
cache-control
private, max-age=604800
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7bdb49eb9df19042-FRA
vary
Origin
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame DC83 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 05:48:51 GMT
x-content-type-options
nosniff
age
332488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 05:48:51 GMT
usync.html
eus.rubiconproject.com/ Frame 10D6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by
Host: ex.ingage.tech
URL: https://ex.ingage.tech/v1/syncPage/rubicon?userId=fef6be29-7321-4159-8834-adf975779342&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ex.ingage.tech/v1/syncPage/rubicon?userId=fef6be29-7321-4159-8834-adf975779342&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 26 Apr 2023 02:10:20 GMT
etag
"40010-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 26 Apr 2023 02:10:20 GMT
location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
server
AkamaiGHost
13926
g2.gumgum.com/usync/ Frame 7577 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.75.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-75-253.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
64eef05bca2963be525720c85007bd5be02f99a70b490de792b6d5303aa8269c

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 26 Apr 2023 02:10:20 GMT
etag
W/"01f1245f34e4ad6b88cac5e69914543f7"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 8F14 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame F3C0 		748 B
952 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
dfb56c1fb0078937d3c9fabc28063e9ae311c8147132b043db92d9b366a6ffff

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
748
content-type
text/html
date
Wed, 26 Apr 2023 02:10:19 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 62AE 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
5b52ce687db05ccd471954f194674af517f6c8db0b040bd57ed5dc029d584feb

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1894
Content-Type
text/html
Date
Wed, 26 Apr 2023 02:10:20 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 634A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 26 Apr 2023 02:10:20 GMT
etag
"40010-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 26 Apr 2023 02:10:20 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F616 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=45673
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 26 Apr 2023 02:10:20 GMT
expires
Wed, 26 Apr 2023 14:51:33 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 65AC 		0
485 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6800:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Wed, 26 Apr 2023 02:10:20 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-id
nbjyxh0gV6gHrn-Y7Vg27b87pDSHrJ33Ph9HAzXO29_j_0ttX6FxRw==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame 6159 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Wed, 26 Apr 2023 02:10:20 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame A6AF 		0
329 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.59.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-59-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Wed, 26 Apr 2023 02:10:20 GMT
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame 5C45
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=4734284114297359280
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=4734284114297359280
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.249.69.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-69-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Wed, 26 Apr 2023 02:10:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.108; 146.70.117.108; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e79722a4-66db-4b80-a716-625ec0df1290
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=4734284114297359280
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 5C45
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=GivirRZHvbncHQ_qRZ-XCKVp
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=GivirRZHvbncHQ_qRZ-XCKVp
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.249.69.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-69-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=GivirRZHvbncHQ_qRZ-XCKVp
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 5C45 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 26 Apr 2023 02:10:20 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
rtb-csync.smartadserver.com/redir/ Frame 5C45
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1682475020130
  • https://ad.turn.com/r/cs?pid=45&rndcb=4560949642
  • https://sync.1rx.io/usersync/turn/2845974363401906573?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-1ff4c96a-4...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003
date
Wed, 26 Apr 2023 02:10:20 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1ff4c96a4c6148868d6e0d14b2e4c048003
content-type
text/html
sync
ads.servenobid.com/ Frame 5C45
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5133329525369979545
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5133329525369979545
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.249.69.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-69-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5133329525369979545
Date
Wed, 26 Apr 2023 02:10:20 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 5C45 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-35
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 5C45
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=85c6db8b-489e-448c-a82a-1f9a1a00002b&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=85c6db8b-489e-448c-a82a-1f9a1a00002b&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.249.69.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-69-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=85c6db8b-489e-448c-a82a-1f9a1a00002b&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Wed, 26 Apr 2023 02:10:19 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 5C45
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-psEBYTJE2uFbtpF0BNyfbS3eS8otRms3L4hdXDA-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-psEBYTJE2uFbtpF0BNyfbS3eS8otRms3L4hdXDA-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.249.69.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-69-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-psEBYTJE2uFbtpF0BNyfbS3eS8otRms3L4hdXDA-~A
date
Wed, 26 Apr 2023 02:10:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 5C45
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-b36e9e86-f833-36d3-bbda-a201ad2db16b
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-b36e9e86-f833-36d3-bbda-a201ad2db16b
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.249.69.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-69-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-b36e9e86-f833-36d3-bbda-a201ad2db16b
pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 5C45
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-psEBYTJE2uFbtpF0BNyfbS3eS8otRms3L4hdXDA-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-psEBYTJE2uFbtpF0BNyfbS3eS8otRms3L4hdXDA-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.249.69.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-69-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-psEBYTJE2uFbtpF0BNyfbS3eS8otRms3L4hdXDA-~A
date
Wed, 26 Apr 2023 02:10:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 5C45 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.154.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-154-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
sync
ads.servenobid.com/ Frame 5C45
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.249.69.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-69-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 26 Apr 2023 02:10:20 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Wed, 26 Apr 2023 02:10:20 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 40D0 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95882195&p=158976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ad807567914c3d22abb9a5aea1339fe5b16524591ea5f9222f153a21ab4560bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 26 Apr 2023 02:10:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
pages.protectsubrev.com/ 		21 B
366 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pages.protectsubrev.com/
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ce1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW02
Resource Hash
57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-encoding
br
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
RCW02
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcxPh8P2QF9aMlG%2FjYCTV7FC7VbkAdqnc2rt2l7phPrGKNjejxgwL6FIjwNVwcp7AoQlviOK2Is3fb8XYYDPRzReZ5QmJ8kWHIxkkP0%2B2oSnxtxlahkEuCF%2BKZqtC%2FrvDmCriFDlvJXXJuF2hcT3CBNtn1dx"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
cf-ray
7bdb49eb9e2a2d04-FRA
expires
Fri, 28 Apr 2023 02:10:20 GMT
div-gpt-ad-1%252B%2526div-gpt-ad-2%252B%2526div-gpt-ad-3%252B%2526div-gpt-ad-4
signal-floors.s-onetag.com/www.ksl.com/ Frame 1DF3 		0
291 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-floors.s-onetag.com/www.ksl.com/div-gpt-ad-1%252B%2526div-gpt-ad-2%252B%2526div-gpt-ad-3%252B%2526div-gpt-ad-4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-86.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:39:00 GMT
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
1880
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=7200, public
content-length
0
apigw-requestid
D9kMRh78iYcEMBQ=
x-amz-cf-id
WphmuUd1hwIAg9Hn2KLQi_mgobuDvxsVu0iEeg89SNrAvuv5U3UwTw==
bundle.min.js
browser.sentry-cdn.com/6.19.7/ Frame 1DF3 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6ba797956f6d29b650d458897e48a190cddf0a6ba374350c0bb565fa04f80d65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ksl.com/
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 26 Apr 2022 13:11:05 GMT
server
Fastly
age
31494930
etag
"4dc87c1e025f84ef0d14fe9187946dfd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20887
expires
Wed, 26 Apr 2023 13:34:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC83 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmJhbm5lcjMtc3F1YXJlCgoIAioGc2VydmVyChUIBCoRbXlzaWRpYV9hbmFseXRpY3MKDRAQIQAAAAAAEqdAMAQKDRARIQAAAADQAPFAMAQKDRASIQAAAAAAACRAMAQKDRATIQAAAAAAABRAMAQKDRAXIQAAgJmZGKNAMAQKDRAUIQAAAACQNPFAMAQKDRAVIQAAAAAAADJAMAQKDRAWIQAAAAAAAChAMAQKDRAYIQAAgJmZA6VAMAQSGkNNNlQzTzI3eHY0Q0ZaRFVFUWdka1cwUGJ3IhJncGEvbWF4aW1hbF92MV9vY2goDA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/21eb5d7c47bc016b9c33858ab468091e.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7577
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4734284114297359280
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4734284114297359280
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Wed, 26 Apr 2023 02:10:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.108; 146.70.117.108; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6d6db226-a8f7-4afb-8b0b-1274f5dc0831
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=4734284114297359280
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7577
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_6e5d5d75-7ec8-42db-9216-1580abfe2544&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_6e5d5d75-7ec8-42db-9216-1580abfe2544&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=01096a83-8029-4d57-8ada-7103df63d524&ssp=gumgum2&expires=30&user_group=5&bsw_param=f3f8b426-da8f-449a-a387-184654c7eb32
  • https://usersync.gumgum.com/usersync?b=bsw&i=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 26 Apr 2023 02:10:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
c.gif
c.bing.com/ Frame 7577
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28phDegcEzEphxVUCLDGnIwbfUro0EOUNJ9QfMnwthKN9Hv2O5xjD0Sn4YBaTlzhXR%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_6e5d5d75-7ec8-42db-9216-1580abfe2544&obuid=ENC(phDegcEzEphxVUCLDGnIwbfUro0EOUNJ9QfMnwthKN9Hv2O5xjD0Sn4YBaTlzhXR)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
42 B
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:21 GMT
last-modified
Wed, 19 Apr 2023 15:34:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4F23842C281B44DA9C626AE37A88FA46 Ref B: FRAEDGE1820 Ref C: 2023-04-26T02:10:21Z
etag
"f5c05c67d472d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

Location
https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Date
Wed, 26 Apr 2023 02:10:21 GMT
X-TraceId
756cb83c6dbc8bd339e2688764816469
Content-Length
0
usersync
usersync.gumgum.com/ Frame 7577
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=459dc5af-d4fa-4021-9e39-234318be7436
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=459dc5af-d4fa-4021-9e39-234318be7436
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=459dc5af-d4fa-4021-9e39-234318be7436
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 7577
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4fb91207-c335-5be2-6cb8-4641cefb7a67$ip$146.70.117.108
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-4fb91207-c335-5be2-6cb8-4641cefb7a67$ip$146.70.117.108
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-4fb91207-c335-5be2-6cb8-4641cefb7a67$ip$146.70.117.108
Date
Wed, 26 Apr 2023 02:10:20 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 7577
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-cGffmntE2pfbpAp01._hoz4qNm4Ff4vQomdV~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-cGffmntE2pfbpAp01._hoz4qNm4Ff4vQomdV~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 26 Apr 2023 02:10:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-cGffmntE2pfbpAp01._hoz4qNm4Ff4vQomdV~A
content-length
0
usersync
usersync.gumgum.com/ Frame 7577
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=800bb875-75f2-48ce-827f-20047d786b90
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=800bb875-75f2-48ce-827f-20047d786b90
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=800bb875-75f2-48ce-827f-20047d786b90
Date
Wed, 26 Apr 2023 02:10:20 GMT
Connection
keep-alive
X-CI-RTID
d7ce4b7b-3892-4bfe-836e-c1aff20e3e38
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 7577
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 26 Apr 2023 02:10:20 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
912624069
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 7577 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 7577
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_6e5d5d75-7ec8-42db-9216-1580abfe2544&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=zNxvqFBvHP47G0RQjmor&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26SOPB3HCRSCOZEFANBXI4YFEULKNVXXE...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=zNxvqFBvHP47G0RQjmor&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=zNxvqFBvHP47G0RQjmor&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:21 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=zNxvqFBvHP47G0RQjmor&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7577
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=c00dc7df-0bf8-4f34-8a23-fbd14cfa7c1b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=c00dc7df-0bf8-4f34-8a23-fbd14cfa7c1b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=c00dc7df-0bf8-4f34-8a23-fbd14cfa7c1b
access-control-allow-origin
*
date
Wed, 26 Apr 2023 02:10:20 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 7577
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=F3rp569j2QVD&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=F3rp569j2QVD&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=F3rp569j2QVD&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6995c68ccb-tkvn2
expires
-1
usersync
usersync.gumgum.com/ Frame 7577
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=5840567035177493182
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=5840567035177493182
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=5840567035177493182
date
Wed, 26 Apr 2023 02:10:19 GMT
content-length
0
sync
ads.servenobid.com/ Frame 7577 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_6e5d5d75-7ec8-42db-9216-1580abfe2544
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.69.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-69-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
dcm
s.amazon-adsystem.com/ Frame 62AE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RDJVXJ3DEEKTFRC14AFA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5WCBFM3GATRF7YG4MYG6
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 62AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBuKE94ZQJoRyHJZ2_TbyjU&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBuKE94ZQJoRyHJZ2_TbyjU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBuKE94ZQJoRyHJZ2_TbyjU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 62AE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 62AE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZEiIC9W5qezaTQnR9NkcIgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECNmHDn4Cfa9ZyMzub8mK3E&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECNmHDn4Cfa9ZyMzub8mK3E&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECNmHDn4Cfa9ZyMzub8mK3E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 62AE
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZEiIC9W5qezaTQnR9NkcIgAA%263257?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZEiIC9W5qezaTQnR9NkcIgAA%263257
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZEiIC9W5qezaTQnR9NkcIgAA%263257
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
34.250.10.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-10-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v047-0661987ee.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
lKpKbLjvQ1I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v047-08feb8a8f.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
RqA9k1RJT9A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZEiIC9W5qezaTQnR9NkcIgAA%263257
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 62AE
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=85905fe5-e3b3-4d96-8100-ce45edbbcff2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=85905fe5-e3b3-4d96-8100-ce45edbbcff2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=85905fe5-e3b3-4d96-8100-ce45edbbcff2
date
Wed, 26 Apr 2023 02:10:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 62AE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3602:f896:3671:b11a:dd53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB
date
Wed, 26 Apr 2023 02:10:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tp_out
d.adroll.com/cm/index/ Frame 62AE 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:e045:2f8c:2f3e:d94f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
sync
ads.servenobid.com/ Frame 62AE 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.69.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-69-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
pagead2.googlesyndication.com/bg/ Frame 2FD2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
50307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14209
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Apr 2024 12:11:53 GMT
/
onetag-geo.s-onetag.com/ 		555 B
967 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-41.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 10:43:08 GMT
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront), 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
age
55631
x-amzn-requestid
9cd51c47-f9e1-4071-af92-4c1efe8141ef
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
D7g9kFL1CYcFYdg=
content-length
555
x-amz-cf-id
yArb7f81H8SOKweSY9L9y0ey4J8i44MwPHDNasC3tgIREtZwAUz9hQ==
usync.js
eus.rubiconproject.com/ Frame 10D6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
517804de83d11ec1469b839d29b9be9ae3d28bdcc4c1148b851af286003f1a2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-encoding
gzip
last-modified
Tue, 25 Apr 2023 15:46:00 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=48938
content-length
10019
expires
Wed, 26 Apr 2023 15:45:58 GMT
usync.js
eus.rubiconproject.com/ Frame 634A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
517804de83d11ec1469b839d29b9be9ae3d28bdcc4c1148b851af286003f1a2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-encoding
gzip
last-modified
Tue, 25 Apr 2023 15:46:00 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=48938
content-length
10019
expires
Wed, 26 Apr 2023 15:45:58 GMT
usersync
usersync.gumgum.com/ Frame FCE9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=6ff46448-880c-4400-99c9-7106f6ec4a31&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=6ff46448-880c-4400-99c9-7106f6ec4a31&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 26 Apr 2023 02:10:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 26 Apr 2023 02:10:20 GMT
Expires
Wed, 26 Apr 2023 02:10:19 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master cdg-pixel-x27 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=6ff46448-880c-4400-99c9-7106f6ec4a31&gdpr=0&gdpr_consent=
user-sync
sync.adkernel.com/ Frame 831F 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Wed, 26 Apr 2023 02:10:20 GMT
Pragma
no-cache
Server
nginx
usersync
usersync.gumgum.com/ Frame 9330
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZEiIDAAFfoTJQgAn
  • https://usersync.gumgum.com/usersync?b=atm&i=ZEiIDAAFfoTJQgAn&gdpr=0&gdpr_consent=&_test=ZEiIDAAFfoTJQgAn
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZEiIDAAFfoTJQgAn&gdpr=0&gdpr_consent=&_test=ZEiIDAAFfoTJQgAn
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 26 Apr 2023 02:10:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 26 Apr 2023 02:10:20 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZEiIDAAFfoTJQgAn&gdpr=0&gdpr_consent=&_test=ZEiIDAAFfoTJQgAn
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230093-FRA
x-timer
S1682475021.514987,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 31B4 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ZTVkNWQ3NS03ZWM4LTQyZGItOTIxNi0xNTgwYWJmZTI1NDQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 02:10:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8F69 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=45673
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 26 Apr 2023 02:10:20 GMT
expires
Wed, 26 Apr 2023 14:51:33 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame C872 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 26 Apr 2023 02:10:20 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC83 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmJhbm5lcjMtc3F1YXJlCgoIAioGc2VydmVyChUIBCoRbXlzaWRpYV9hbmFseXRpY3MKDRAyIQAAAACgmdk_MAQKDRAzIQAAAACgmdk_MAQKDRA0IQAAAACgmdk_MAQKDRA1IQAAAACgmdk_MAQKDRA2IQAAAACgmdk_MAQKDRA3IQAAAACgmdk_MAQKDRA4IQAAAAA0M_s_MAQKDRA5IQAAAICZmSBAMAQKDRA6IQAAAADNzCFAMAQKDRA7IQAAADMzDaNAMAQKDRA8IQAAADMzDaNAMAQKDRA9IQAAADMzGaNAMAQKDRA-IQAAADMz2qRAMAQKDRA_IQAAADMz2qRAMAQKDRBAIQAAgJmZEqVAMAQSGkNNNlQzTzI3eHY0Q0ZaRFVFUWdka1cwUGJ3IhJncGEvbWF4aW1hbF92MV9vY2goDA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/21eb5d7c47bc016b9c33858ab468091e.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lb
be.durationmedia.net/ 		0
569 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/lb?s=11159&t=SD&c=4
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.217.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-217-223.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:19 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
DENY
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
0
sponsorships
be.durationmedia.net/ 		414 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/sponsorships
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.217.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-217-223.compute-1.amazonaws.com
Software
/
Resource Hash
b19f6b62b4386e5d542b909fc74c74febd0673504147ee7f81380969fdf27d17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:20 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
DENY
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
transfer-encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
0
sponsorships
be.durationmedia.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/sponsorships
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.217.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-217-223.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 26 Apr 2023 02:10:20 GMT
Expires
0
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
sync
ads.servenobid.com/ Frame F3C0 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=5840567035177493182&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.69.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-69-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame F3C0
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010005_6448880c72218&gdpr=0&gdpr_consent=
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010005_6448880c72218&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Wed, 26 Apr 2023 02:10:20 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010005_6448880c72218&gdpr=0&gdpr_consent=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
/
rtb-csync.smartadserver.com/redir/ Frame F3C0
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=5446679875
  • https://sync.1rx.io/usersync/turn/2773916769363978637?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-1ff4c96a-4...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003
date
Wed, 26 Apr 2023 02:10:20 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1ff4c96a4c6148868d6e0d14b2e4c048003
content-type
text/html
/
rtb-csync.smartadserver.com/redir/ Frame F3C0
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f1dfd24f-a625-46cd-a9b9-66a6eee31e81&gdpr_consent=null&gdpr=0
43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f1dfd24f-a625-46cd-a9b9-66a6eee31e81&gdpr_consent=null&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 02:10:19 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f1dfd24f-a625-46cd-a9b9-66a6eee31e81&gdpr_consent=null&gdpr=0
date
Wed, 26 Apr 2023 02:10:20 GMT
server
_
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame F3C0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-q57xU1xE2pkGylTjDLf6UGqkgpJBqCTEI4oOSA--~A&expires=5&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=&gdpr_consent=
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-type
image/gif

Redirect headers

location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=&gdpr_consent=
date
Wed, 26 Apr 2023 02:10:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1DF3 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c65f76a3628b57fd2c40dce057663ac5c45ef92326c9cce3acff8e437dbead10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24999
x-xss-protection
0
server
cafe
etag
763 / 19473 / m202304200101 / config-hash: 3496528444417690014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 26 Apr 2023 02:10:20 GMT
event
event.insticator.com/v1/ Frame 1DF3 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/ba00e54f-23c4-4e2d-b37d-416fdeab53e6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.181.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-181-176.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.ksl.com
date
Wed, 26 Apr 2023 02:10:20 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
usersync
usersync.gumgum.com/ Frame 7EB1
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZEiIDcCo8YUAADraGJoAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZEiIDcCo8YUAADraGJoAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 26 Apr 2023 02:10:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 26 Apr 2023 02:10:21 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZEiIDcCo8YUAADraGJoAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
m-ad342.dc4p.scaleout.jp
X-SO-IP
146.70.117.108
X-SO-Key
ZEiIDcCo8YUAADraGJoAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZEiIDcCo8YUAADraGJoAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad342"}
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad342
usersync
usersync.gumgum.com/ Frame 0485
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=e_6e5d5d75-7ec8-42db-9216-1580abfe2544&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=b41812a1-ccc0-4681-9726-fd796b7c4ccb
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=b41812a1-ccc0-4681-9726-fd796b7c4ccb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 26 Apr 2023 02:10:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Wed, 26 Apr 2023 02:10:20 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=b41812a1-ccc0-4681-9726-fd796b7c4ccb
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usermatchredir
ssum-sec.casalemedia.com/ Frame 7EA5 		43 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 26 Apr 2023 02:10:20 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 1A7C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=nlyYhfBJOnxSCBAqu0wi&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=nlyYhfBJOnxSCBAqu0wi&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 26 Apr 2023 02:10:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 26 Apr 2023 02:10:20 GMT Wed, 26 Apr 2023 02:10:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=nlyYhfBJOnxSCBAqu0wi&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 8051
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 26 Apr 2023 02:10:20 GMT
etag
"40010-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 26 Apr 2023 02:10:20 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.181.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-181-176.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.ksl.com
access-control-max-age
3600
content-length
0
date
Wed, 26 Apr 2023 02:10:20 GMT
vary
Origin
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 10D6 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=insticator&khaos=LGX26PVW-1D-AQ61
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8bab65602db075726861004da5629947
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 634A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LGX26PVW-1D-AQ61
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 0379
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6ff46448-880c-4400-99c9-7106f6ec4a31&gdpr=0&gdpr_consent=
42 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6ff46448-880c-4400-99c9-7106f6ec4a31&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 26 Apr 2023 02:10:20 GMT
Expires
Wed, 26 Apr 2023 02:10:19 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master cdg-pixel-x34 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6ff46448-880c-4400-99c9-7106f6ec4a31&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame CC1A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=834358739037025458
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=834358739037025458
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=834358739037025458
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 71E2 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 02:10:20 GMT
expires
Wed, 26 Apr 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
219572
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame DE25
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525369979545
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525369979545
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 26 Apr 2023 02:10:20 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525369979545
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
Pug
image2.pubmatic.com/AdServer/ Frame 15C9
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kwtNP50HSWSIBk1mxAZUY8ReTTKIXEk1klkjrblQ
42 B
343 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kwtNP50HSWSIBk1mxAZUY8ReTTKIXEk1klkjrblQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 26 Apr 2023 02:10:20 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kwtNP50HSWSIBk1mxAZUY8ReTTKIXEk1klkjrblQ
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 40D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SW6xwT6dR26q7cDuCCekOg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=45673
accept-ranges
bytes
content-length
5554
expires
Wed, 26 Apr 2023 14:51:33 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 40D0 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.208.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-238.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.23.217
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 40D0
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=178940815
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=496EB1C1-3E9D-476E-AAED-C0EE0827A43A
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=496EB1C1-3E9D-476E-AAED-C0EE0827A43A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
via
1.1 google
last-modified
Wed, 26 Apr 2023 02:10:20 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=496EB1C1-3E9D-476E-AAED-C0EE0827A43A
date
Wed, 26 Apr 2023 02:10:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 40D0
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=496EB1C1-3E9D-476E-AAED-C0EE0827A43A
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWc1dVB6SmVXM0pSRGlmMFZXMnE5LUl1Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6716428918140250547&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
HTTP/1.1
Server
23.21.155.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-155-77.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:10:21 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 26 Apr 2023 02:10:21 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 40D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDk2RUIxQzEtM0U5RC00NzZFLUFBRUQtQzBFRTA4MjdBNDNB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 40D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBzrM82dpsAJ7fWJBcbW-oc&google_cver=1
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBzrM82dpsAJ7fWJBcbW-oc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBzrM82dpsAJ7fWJBcbW-oc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 40D0 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 25 Apr 2023 02:10:20 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 40D0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6716428918140250547
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6716428918140250547
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6716428918140250547
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 40D0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.js
eus.rubiconproject.com/ Frame 8051 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
517804de83d11ec1469b839d29b9be9ae3d28bdcc4c1148b851af286003f1a2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-encoding
gzip
last-modified
Tue, 25 Apr 2023 15:46:00 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=48938
content-length
10019
expires
Wed, 26 Apr 2023 15:45:58 GMT
tap.php
pixel.rubiconproject.com/ Frame 10D6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/m9K_i1jid-UqRf1bPjL3wsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-r1cZLBJE2oLnI7NmoLql84fn3LFZhOUBKsXiNg--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-r1cZLBJE2oLnI7NmoLql84fn3LFZhOUBKsXiNg--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 26 Apr 2023 02:10:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-r1cZLBJE2oLnI7NmoLql84fn3LFZhOUBKsXiNg--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 10D6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmNkZjA5YjE0YzdkNmE4M2ZlMGY2MjZlN2VjMmI3Y2VkNDg2Y2E2MA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmNkZjA5YjE0YzdkNmE4M2ZlMGY2MjZlN2VjMmI3Y2VkNDg2Y2E2MA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmNkZjA5YjE0YzdkNmE4M2ZlMGY2MjZlN2VjMmI3Y2VkNDg2Y2E2MA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 10D6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMAkQ7ugRIIv3a3wZghOfCI&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMAkQ7ugRIIv3a3wZghOfCI&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMAkQ7ugRIIv3a3wZghOfCI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 10D6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 02:10:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 10D6 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FM71NBJJ62Y8087HXDQF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 10D6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGX26PVW-1D-AQ61
0
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGX26PVW-1D-AQ61
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 95DDA97471E64DB9B6AC6F3DC6329D62 Ref B: FRAEDGE1918 Ref C: 2023-04-26T02:10:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6M733+/I9Ff3PUVmcoA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGX26PVW-1D-AQ61
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame 10D6 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 10D6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=JVD2FSmWQ4GzIPru7nt0Ug&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=JVD2FSmWQ4GzIPru7nt0Ug
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=JVD2FSmWQ4GzIPru7nt0Ug
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9WA1K9XVYAGXZMD3TABH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=JVD2FSmWQ4GzIPru7nt0Ug
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ Frame 1DF3 		399 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:00:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
29372
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126587
x-xss-protection
0
server
cafe
etag
1883905843074567667
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 24 Apr 2024 18:00:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 1DF3 		181 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ksl.com
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1757fd3889e518848bb6fbd879683daf74422b7928967969be977ac28a84651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
0
expires
Wed, 26 Apr 2023 02:10:20 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 8051 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LGX26PVW-1D-AQ61
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
integrator.js
adservice.google.de/adsid/ Frame 1DF3 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ksl.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1DF3 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ksl.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1DF3 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2666814286166177&correlator=275777622178645&eid=31072020&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=2507246%3A6686%2Cksl.com_Web_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=2996578936&sfv=1-0-40&prev_scp=h%3D2%26shb%3D1%26tg%3D0%26ics%3D728x90%26iba%3D00001%26iaid%3D282c093eb0bc8ec%26ib%3DindexExchange%26p%3DBTF%26at%3D1%26hostname%3Dwww.ksl.com%26consent%3D0%26Exclude_Adx%3DN%26it%3Dil&cust_params=ip%3D0%26he%3D0&sc=1&cookie=ID%3Dd60890003adec919%3AT%3D1682475016%3AS%3DALNI_MY6edVuNu0uMBI9BF_B-dDpo19Lpw&gpic=UID%3D00000befbb51a54c%3AT%3D1682475016%3ART%3D1682475016%3AS%3DALNI_MbJpo0sRJZJhRWTwgkGbNJQjoTm5A&abxe=1&dt=1682475020997&lmt=1682475020&dlt=1682475017235&idt=3722&adxs=436&adys=1770&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=1&ucis=jmucttdlmr7w&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2F&ref=https%3A%2F%2Fwww.ksl.com%2F&top=https%3A%2F%2Fwww.ksl.com%2F&frm=23&vis=1&psz=728x90&msz=728x-1&fws=256&ohw=0&ea=0&ga_vid=130905367.1682475015&ga_sid=1682475021&ga_hid=669284424&ga_fc=true
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0fb06dd9491033232d264501441a4cc7759b9121a30637e908b357ffda11583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12014
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3329 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 02:10:21 GMT
expires
Thu, 25 Apr 2024 02:10:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=4&c=2719&i=8qsnmi&p=ksl-com&s=14261&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI4cXNubWkiLCJwYWNrZXQiOjQsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APA4aHR0cHM6Ly9jZG4uc2lmdHNjaWVuY2UuY29tL3MuanMiLCJ0eXBlIjoic2NyaXB0Iiwic3RhcnQiOjE2ODI0NzUwMTY5OTR6ABdkFACwNzg5OCwic291cmM8ADFtdXRxAKJPYnNlcnZlckNMSAChdHVzIjoibG9hZKYAQGFzb26lANRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlqAM8zODEyMTM1NTM4fSzXAAbxAS5hbWF6b24tYWRzeXN0ZW3ZALlhYXgyL2Fwc3RhZ-MAUmZldGNomgAJ4gBMODQ2MOIAAhQABeIA0kZFVENIX01BTkFHRVJDAALdAG9hbGxvd2XgACKfMzA0MDE4MjQz4AAH8QV3d3cuZ29vZ2xlLWFuYWx5dGljc-MAYGNvbGxlY68BBL8BkmVuZEJlYWNvbp4ACuEAPTYyM-EAARQABeEAr1NFTkRCRUFDT07mADuvMjAwODQ5MjI2MeYABzN0cGPmAGFzeW5kaWNMAgHnAGFzb2Rhci8GABkyywEPrgIGTTc4ODnrADc3MzeuAqBhcHBlbmRDaGlstwEyc3RhygEPpwIkrzExMzI1NDA5MjXhAFUeOa0CCuEAD48DQgXoAB826AAH8QRwYWdlcy5wcm90ZWN0c3VicmV2xwEGZgQPgwMFTDk0NDe3AQIUAAWiAg-DA0AgMjGAAwCfAg_UAAcPnQIT9gEvMjI1L3J1bm5lci5odG1s8gBvaWZyYW1llQMBLTcyqgJPOTU1NKoCRp8wNjgxNjA0MzhRBQgP7gBILTM24QEK7gAPtwJCBPUAHzmfAwgGZgUBrgL0AXJlY2FwdGNoYS9hcGkyL2HBAQNqBQ_RAQguMzTjAC82M9EBR380OTExNjIx0QEJD9wANw-_AQAJ3AAPvwFDA-MALzkwogMH8ERleC5pbmdhZ2UudGVjaC92MS9zeW5jUGFnZS9ydWJpY29uP3VzZXJJZD1mZWY2YmUyOS03MzIxLTQxNTktODgzNC1hZGY5NzU3NzkzNDImdG89aDYJ8wglM0ElMkYlMkZzZWN1cmUtYXNzZXRzLlMAcHByb2plY3QxAvAJJTJGdXRpbHMlMkZ4YXBpJTJGbXVsdGkthgABDQTwESUzRmVuZHBvaW50JTNEdXMtZWFzdCUyNnAlM0RpbnN08gYvb3IzBBAgOTZyASJlbiEJAp8JAhQABSYFEGmDBDlIVE2CCQ-lCCefNDExNTM5NDY5vwcI-xNwcmViaWQuYS1tby5uZXQvY2NoYWluLzA_Z2Rwcj0wJmNiUQEKsQFQJTJGdjFnAc95bmMlMkZhbXglMkaqARGfJTNGdWlkJTNEOgETDsACKDcwbQUPOgECW2Jsb2Nr3wlhIldoaXRlsAoPygoJCicAA9UKrzE5NzUzNDIyODnQAgdxYXAubGlqaVwCzy9waXhlbD9yZWRpckYBGV9zb3ZybkgBHV8lMjRVSU4BEi83ME4BAQhlCQ9OAQIPiAInnzA1Nzg2NDA0NzgBCbBkcy5wdWJtYXRpY5gDQS9BZFOPDEAvanMvAgQVX5ID_wQ_a2RudHVpZD0xJnA9MTU4OTc2RQIRLjcwsgc3NzEw4QUP9wA9jzYzNzAwNjc3JAwI8QVzc3VtLXNlYy5jYXNhbGVtZWRpYf8AAPMA721hdGNoP3M9MTkyMzc5iwMcH2mKA0I9NzEyJgcBFAAPxARFrzI4OTEzNjY4Nzd0AwggZC0jDwBBBmZub3JhdGlHAQDPCQE_AgY-AkJzcmM99gQTXwcAQTcuMjQdEA8lCA0-OTcxJQgBFAAP_wBGjzc0MDk4NDE1wwUJAK8QIWMuvg8gbm_OBQEhEDF5bmPBBg8cAxIfMRMEAB8xEwRInzEyMDcxNjg3MRwDCLF4LmJpZHN3aXRjaJsGAMMBVj9zc3A9dweAJmN1c3RvbV-SEA8hCBIPDQESHTKkDU85NzQyKQQND24GPY8wNTgzOTAyMD4JCQ-0DSZMMjAwOcoDAxQABcsCD7QNRj81NTbOAwjxFmQ4M2NjZDQ5YTU2NDU0NWEzZTEyODQ4ZDFkYjVmZGY5LnNhZmXXCw94EAUEIACBLzEtMC00MC8FBG9jb250YWnjDRhLNzQzMewETzIwMTMSDEiPMzk3MjM0ODnjDQgPHQF2EDWWEQnNCgwdAQ9TDEMBJAFPNTAwNA8Gcx01IgI5MjExKgSTc2VydEJlZm9yRxAPsBIqFDIPBh8y_wByHDQ2BioyMP8ADwQCQgQFAR84PAYI0m9uZXRhZy1nZW8ucy0NAAFXCQYABg_NEgRPMjAyNtYAAAAUAA8ZBUmfMzY3MTQ5ODM11AAIgXNpZ25hbC1iKRYK1wADFAA_bWluaRUTPjk4NtwENzI2OboCD2kVO1AzMjUzNbwDD7kCCA_gADsO3gYK4AAPmwJCBecAD8cBCHFpbWcua3NsjwKBc2xjLzI5MjYFACM2MgcA9hc4MC5qcGVnP2ZpbHRlcj1rc2x2Mi9yZXNwb25zaXZlX3RvcF9zbcsCA5kCDv4ZLTUyphRPMjAyOP4ZFwBLCyBvdaoYL3JlARobnzE5ODk4ODM1MbsTCA8KAS-Pc3RvcnlfbGcMARIcM9cJDwwBVTEyODAKDh8wDAEhITU5FgI_NTkyFgIMDwYBjo83NTI0MDkwMfwJCA8SAgYPBgEWIDIw5h0DyQ0PGQMID9wJAA8ZA1OfMjQ4NDIzMDY00g0IDwcBBxI3DQI_NzQ3IwQLDw0CFQ8mBQAPHwRSITI51g4vNDLICQgPBgEvDw0CFg8HAWWPMTUyMDQ5NDYaBCMEDQIvMTgNAjMMZx4PIAVWjzAzMzIyOTc5GgQiDwYBFQ8NAhYPBwFlnzE2NjQ1MTEyMS8ZCA8UAwYPPQgWDzMHGw_gDAAPIARTAzMHDwwBIg8tBhYPJgUVDwYBZgMzBx8yNgsIDxICBg8GARYPGQMWDxgNAA8NAlMEMwcPviAIDwcBBwQgBA8zBzUM6yAPJgVWBDMHD0YZCA8GAS8PDQIWDwcBZQQzBw8aBCMPDQIVeHRvcHBpY2tjJwIwJw9lDQEPCxMAD0wKU480MzU4MzIzMGUNIhQ1DAEPPwg1HjgMEw8fBFMCPwgvODAmBSIPBgEVDxkDFg8HAWUFPwgPZg4IUGJlLmR1IhsAhyoAaxwA8x8gbGJkHNYxMTU5JnQ9U0QmYz00UA8DnyoOAyU9MjAzDRsDFAADdw2fOiJSRVFVRVNUlSg8QDMwMDMSGA8nCQgP6AACAUARZ29yc2hpcNgDD-EACg75BzczMTUlEw_hAEJ_MTExODgxNxokCgD5KCVpY0gS9gdiZXRhL25vZGVfbW9kdWxlcy9rc2wtMxL_IS1oZWFkZXIvZGlzdC81MWQ2NjRiYzYzZTUzZjJhNDM5OGNmMjYwMWEzODcwNC5zdlEREi4zMDcNEDYUAAUAAg9kEwsPXRInjzQ0OTk2ODEwFh0JDyIBcw5MDA8iAVwPFAUqbzI2LkpQR4gUBg8TBRQuNjV5Eyg4MHkhDCgCEkFvBAIrGQ8nAiePMjgzMzY0OTNuHAkPMgkPDwUBDA9EDBMPBAFmnzEzNzgyMDc2N2kRGaM4MDUvMjgwNTM0BwAfNHwUDA8KAhYOdhgPCgJTjzE2NDQ2NjEwmBcZDwYBHg8LAhUPBQFknzM0MzQ4MzExMDkHCA8PAwYhNjF6FD82MTh6FDIuNjU8Bg8KAlKPMTc5OTYyOTh3KwkPBQEGA6kZMDI2MRADD6EZBw8JAhUOHgYPBAFSnzM4OTg5Nzc5NRQECA-ZJp8PTQEAGje1Iw-LHzsEmSYPriEID0UBng_RHwAZOEUBDKoHDy02MtAyODkxMzY2OTExfV19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:21 GMT
cache-control
no-cache, no-store
server
nginx
expires
Wed, 26 Apr 2023 02:10:20 GMT
generate_204
tpc.googlesyndication.com/ Frame 355E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Bxw-Rw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 1DF3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4ZCzRNPZUtmuVzd_fOkJ71sRwEGNtBPHuJhVwuhIkeWmmIbJeeMnUJr2IEiSricr_OWL97jysmmQuBQJyylhie-grRGTmvLPdnRnYkhcRvR4k2nSVADR6a3J59oz4rpA1Uv1JrVIBoCslJPK40SE3za9HnUGHNZuXTvvoirYC4eQvtTJlUtBBEI7aznsfaFBFw44Z4Aen-XtZz-ooHMJLx1bDP9Pf-gMHhjsAXh21d3wQxIajJ2_EMhQvjeSukvqO8ky-69GfjOAjgbb0OOkQbovU8mkHcgZcZU683_hZRwyJO9_0I2CIfJeAIwK66bs&sai=AMfl-YSZ5r3ZCNo7sL2E6Uh6wq3-C8PdkLAMphgmIgOxxpQeyUpFzFyBgQ5N3fD600mkBSQP1ubdbZFRX7fJTkCFkjE0Rp7sy1HSYoMB6EEXKtftqo87D65HIbwGZcSEvClfPOjI2NfokigPGUkHvUyT&sig=Cg0ArKJSzN3m5iurhJFFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 26 Apr 2023 02:10:21 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1DF3 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304200101&st=env
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b31f428807652d424fffdccb7f1136db49c46c285deb4ce2f5278daf7c2d16cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11373
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1DF3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Apr 2023 02:10:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F973 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
26496
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:48:45 GMT
expires
Wed, 24 Apr 2024 18:48:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8ED5 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
175b877b387500f26ef72db9e4f4a9ec9b561cdead3e7b57b42fada252e87e5e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pe8pBdSOm9P8-jlbkOfskQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-pe8pBdSOm9P8-jlbkOfskQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 02:10:21 GMT
expires
Wed, 26 Apr 2023 02:10:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
pagead2.googlesyndication.com/bg/ Frame F973 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
50308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14209
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Apr 2024 12:11:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8ED5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304200101&jk=2666814286166177&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
container.html
c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A1E8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 02:10:21 GMT
expires
Thu, 25 Apr 2024 02:10:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bl-deea5a1-2e3b0aa9.js
tagan.adlightning.com/deseretdigital/ Frame A1E8 		40 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-deea5a1-2e3b0aa9.js
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
772e9fbdba851de624a2de4ed759b0752d6681ae1feef9d1859508e3d26dc729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 00:37:15 GMT
content-encoding
gzip
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-version-id
ULb.COCfYdODK206ed5xAcH57USAJVoQ
x-amz-cf-pop
FRA60-P4
age
5587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17292
x-amz-meta-git_commit
deea5a1
last-modified
Wed, 26 Apr 2023 00:36:29 GMT
server
AmazonS3
etag
"7009c6b3a31443a2b306d8a811c287f4"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
m7BNbPnZypikL-P8mpVsIKZgMfP_YfhFHUJjQ6gjGPRknyMCwivcmg==
b-8db6969-0d54047a.js
tagan.adlightning.com/deseretdigital/ Frame A1E8 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b512b1e143d27297a87f49b35f418f656508da018781e9e87019fa2922b6fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 00:43:20 GMT
content-encoding
gzip
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-version-id
ktqVwPB8xkChf39sZlqPrBHeThdUR.QP
x-amz-cf-pop
FRA60-P4
age
1992421
x-cache
Hit from cloudfront
content-length
33929
x-amz-meta-git_commit
8db6969
last-modified
Mon, 07 Nov 2022 21:20:45 GMT
server
AmazonS3
etag
"b172b73159838e1e11f525531ea3264f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
QWNl5eJ_d5TlJmsy9pBNAr8QmGNEdba4NvTATHNGwMqaypVj7vl8jg==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame A1E8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
26497
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:48:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame A1E8 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 21:21:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
17316
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 21:21:45 GMT
l
www.google.com/ads/measurement/ Frame A1E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT89RM1rDriZBvnDiDl8c3vrdnkvphrIU0hfBsqxsehXvilLUakeg6cviYffnlDTM6A7qhPESo6Xbc1q9EApJkDRaQ04w
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A1E8 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 19:36:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
282854
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 21 Apr 2024 19:36:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A1E8 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49532
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682335668691775"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 02:10:21 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A1E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrpuBDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSGAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpjFBL39yRhBmKvWYHHUnhdr9XTSgykR3jxpXaRUbOhTmWmMpxPszgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI2OTc2Nzk1MTg1MTU4ODYY1MQM&sigh=NpYEz2lTYSo&uach_m=[UACH]&cid=CAQSPABygQiDqIo_liQPExCTC2-AoM5lJB5qObmOJbzitd6krftttHYxfrCsA2yI4eZGmBK2cw3n30z3teP-VxgB
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F973 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?eXzzlQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
publishBeacon
pixel.rubyblu.com/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pixel.rubyblu.com/publishBeacon
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.230.100.254 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
254.100.230.35.bc.googleusercontent.com
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 26 Apr 2023 02:10:22 GMT
Server
nginx/1.21.3
Access-Control-Allow-Methods
POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
Content-Length
0
winResponse
prod-rtb.ad4mat.net/ Frame A1E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jpgzrvf3jgmb64esnx7fx1bfez9hdf91xyhrq5pv0save59f5q9db5rbext2dhj7f49naa2e7ty0ff8bjrfbvwzw2weq2esfn3nmjrjxag17rnr1t1b8ejhj2y1qwtpam03fjxw2ba6kvwh3ms3acw4makw7243thm1yz74hy7973qnn2xbbas9927py1e57b84qhryhwrhjthwvf38hpvtcw3twgjhpwcf23edwrnyz4nxf7s603w6b2nqyt14kz64vtn273g2zrspd8hvz8jsrs98bs5mnbjrqfraqm9pq6j3jdz02hsst5gn92z2xgjb1r3y0mbahc77sdf70pww49jeeays69grayr1gtq53ysbpxda2fp7w385av75gprnr6qk7xgx8w8&b=ZEiIDQAAtSIK4HPVAApxR6J5raDMXc28eWMhBA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 26 Apr 2023 02:10:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 9356 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jq1ybqxqqbgvzk9k7sn8e3jav44ttb13pg76f71yh44dpd232qe1wfpps13wttzv0rgcgnwcx99rgjvamgbzn7nfsjw5wk45srfjydxfasew9kh9z5y1b77yytede6tkqd7a5wf45mcg3sy2yjh8rwhj7h02zskxsypwp346bdqsrn2s3qah9dqvwfawx5hw4vq9eya5svwb8v4p8xnx00vckdhkn41c5v50f0vx790rzb4dkbj98x2ycydyj7jp1fe75ajmmbnq23dmpe1sahbpcz9zb2pvcdes54x4k0rdsz6mhf4wtwr1k3qf615t9tc88ehmqb2jzwr6j4fegh4wd5y9212a9nfscsy3nrszn1gx3zjgvfvsf5r3psk6yysdz4063s058764ch1mt6cka5nqkfgwsx74wvafqzcnt8abqy00avkcyhw3j6k6wnpdsvy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e76b4d2973a7c83ba07e6a31945344a4510620f921d25ac742d107aee10325a8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7bdb49f7ce35361d-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 02:10:22 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FC8A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 12:11:52 GMT
etag
48472445140208031
expires
Wed, 26 Apr 2023 12:11:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A1E8 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
111cfd4b27bc80b3ec74a9b560d55854eadac55c094bdc862807f806682b40ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304200101&jk=4093950574437675&bg=!z8ylzJjNAAYfNdXmPzU7ADkAdvg8WrIGbJdMpyXNF6r-wQPOoAsBxGel01Dxu0kwHKr61hybHg4KwKNVahLOGpGkYsWXZ6UMjHwCAAADOVIAAAADaAEHCgCVxfrrC-F5Qy1prrG0-rXgWmTM8Ju64TU8X3B0-QEjbCmFLbSFv4wPfJ3YPCXzLKKWe2VqeRJHMMNGT4q-DeLu49a97zNu6P0oLen2Spk_2LubFN6ZOG5sptnKtQDn0u7NiKjIcaIozTreqSLaiZDKtM0CVuKM5Sy2Erl4Rgg_Fx5-vZevSUSfk67YAzYA-aKKvI4VcJWZAuN-_dTl5y1vOswzQDkD91jl1Fwokzm07p7IKSeGWy8dLGTLHuhLqtNvImGaWi7xLhA1aZ_H4OHvrG-P3FEcA0JzynVg5af9hpBoxEsz5jnRTNlDi6GG8ZkT8KxNaKf2LTf7JFQP5N1jOgyL-D3FSr-ZojclMOss_WyfsJ1iYbKTQ1xjkdofEGn-DFDeYxj0sEZEKkYNXG0mYQa7gXmh9w43gr-e4T4_WJ69OrTpZ4XGkE-bSXEgN2SGhKcc8KAw3r-7gc_gRO8WekIjbY4kuFGc_6fA7S6qH0XDUHl2J98-BBVIfN3xEh-7g5GhwEJBv3i6d_bMwc5mrdZXy6ebwDaKXDz-BQ3wSmfYZxVYYPDohiOhDzGYkJkO60s8hoFjMTy1Mg-ilW51htoX3dmjSUj7MmTdTh0R8aPezIscgwLfMA9FyU0c5rAQnJYSpytxCnhS4EP2-N2y4o2GSwekRbhJGhNL0Sb-7E3l3eg3HXMNOmGUpew2nAUmq5IaawJxAe8u1mnEuuNxpA50BWvPQYfMuxfr8sTQ52IgVBamxcHqr__xwpUf1xbUrJ3fL34ciCCsROWHeEkK2cYFgMuvL-AcIsC0IS9D-iunLJ7H3deC0oDutiTlC7vwDhOuGd2tAF-BC4u8PyBGYfpYP3nIMivtEKfWmnhqJjwmg9FJG4C7OQhF5-Ene6fKHP6m-b6SxRBm8WRtWGENfuGzLWJFFsGlz8cm49JmKkvkcLJkpfcTxg82ZnZUxmputRo1rf0NhP9vsmBcHVs-EfbYI3Np_CIfyFjsulzvgLrjBxM-q73OLk5gtf2jSRsbFTYVYmEaZo25vwggGUvER4q0n-KSLhOtFDhS1IPjVD96RGwfl4f3N4VKbHVN511HyjJx5GimxRFRq16znGARv2bm8BmLpX6tx2DwTz-oIGWC8JgvS6-kVBHZFreKTLIilAy0ORH6ZxpNMrIWZAmvNb-n8DrbTig1A0SE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame FC8A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEH2H-K0nH612T3D7_7W104E&google_cver=1&google_push=ATf1kGMdu_XRvpsgV6Cq-C-iUniMMMRhrITkHmxAZTOCZYN6rxQP3KqP-B8_GvVVyXfMgFXvu8zXNU_KhOfaSSjP-yn6HJNl_DTw
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc3MzkxNjc2OTM2Mzk3ODYzNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH2H-K0nH612T3D7_7W104E&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH2H-K0nH612T3D7_7W104E&google_cver=1
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 02:10:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH2H-K0nH612T3D7_7W104E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FC8A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIku5G5X2V2gsxOVwHcWad0&google_cver=1&google_push=ATf1kGNOUAz0DNQSivi92Cl-ya45dspD5wcX27Txuan21D2bjBvJSXShq2EWul86kiSuxn1M8T7gK8zXjDs-83rL...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=b_RkSIgMRACZyXEG9uxKMQ&google_push=ATf1kGNOUAz0DNQSivi92Cl-ya45dspD5wcX27Txuan21D2bjBvJSXShq2EWul86kiSuxn1M8T7gK8zXjDs-83rL3k7yufDzOC4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=b_RkSIgMRACZyXEG9uxKMQ&google_push=ATf1kGNOUAz0DNQSivi92Cl-ya45dspD5wcX27Txuan21D2bjBvJSXShq2EWul86kiSuxn1M8T7gK8zXjDs-83rL3k7yufDzOC4
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 26 Apr 2023 02:10:22 GMT
Server
MT3 830 785530e master cdg-pixel-x35 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=b_RkSIgMRACZyXEG9uxKMQ&google_push=ATf1kGNOUAz0DNQSivi92Cl-ya45dspD5wcX27Txuan21D2bjBvJSXShq2EWul86kiSuxn1M8T7gK8zXjDs-83rL3k7yufDzOC4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 26 Apr 2023 02:10:21 GMT
dds
rtb.openx.net/sync/ Frame FC8A 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHgSgeC-OIwxRnwJ3HuaIMU&google_cver=1&google_push=ATf1kGMQt2ZPcgbBmiIimaQiftGdQjhZ_xN0jb0qD0N18aNUx_ihuRT0-Jjn0-35WhMfKrAJeap9L97xT6yqYIgwVhN-K1Y5wsl0
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:21 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
l6m1jmsvgmolj4daldbe23vj39tf8b7d
pixel
cm.g.doubleclick.net/ Frame FC8A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SW6xwT6dR26q7cDuCCekOg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SW6xwT6dR26q7cDuCCekOg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMiB85r3hJ8qTnlJpyC7jKuCnpP1HcIAe0whkfnDo1ji3pE6nbYiAVung5Sc9xV3HySworiQMlH_ELserNTjjlj39c0nlGE
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SW6xwT6dR26q7cDuCCekOg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMiB85r3hJ8qTnlJpyC7jKuCnpP1HcIAe0whkfnDo1ji3pE6nbYiAVung5Sc9xV3HySworiQMlH_ELserNTjjlj39c0nlGE
date
Wed, 26 Apr 2023 02:10:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
ssbsync.smartadserver.com/api/ Frame FC8A
Redirect Chain
  • https://dsum-sec.casalemedia.com/cma?google_gid=CAESEBuKE94ZQJoRyHJZ2_TbyjU&google_cver=1&google_push=ATf1kGN9T459izzmfRMOjkfrAWPPbNkoHYOqbFhzzvpNkbHfZcOIVNy7BxWOT2MT0ZrBDDB5FxHM274caF8IsxDgD3391cn...
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:21 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
sync
ssbsync.smartadserver.com/api/ Frame FC8A 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEA6a0Ciwkd5_Ik2G-OLOKD8&google_cver=1&google_push=ATf1kGNRmlaPjaMLoW0nE4lmiOAs5BXCnB3X0Pfo6Du6oXP1EUXPMJAY_G8c6zUODZk4O_mVEYZ1U52uc_7ktmy8zGgVhWvwXzbz
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
content-length
0
/
onetag-sys.com/match/ Frame FC8A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEII6gAcywv4jjx2fc6Tt5BU&google_cver=1&google_push=ATf1kGOxkZgcT8p3I1HFpvTH7I2uUslXP3scjL0a6Sl571i21lphVWOps_nEo8nwhjD9zpq1jHQa9dQExsT...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOxkZgcT8p3I1HFpvTH7I2uUslXP3scjL0a6Sl571i21lphVWOps_nEo8nwhjD9zpq1jHQa9dQExsTynlMkBbSycEdS1GNwvg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame FC8A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Le0kwl01Xl1d_HHrF9nfagbTiU6BuNX21A4Iwsm2StxTCL6hsHgnCiAPydNBG2sX8CVecODw
Requested by
Host: c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
URL: https://c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 9356 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jq1ybqxqqbgvzk9k7sn8e3jav44ttb13pg76f71yh44dpd232qe1wfpps13wttzv0rgcgnwcx99rgjvamgbzn7nfsjw5wk45srfjydxfasew9kh9z5y1b77yytede6tkqd7a5wf45mcg3sy2yjh8rwhj7h02zskxsypwp346bdqsrn2s3qah9dqvwfawx5hw4vq9eya5svwb8v4p8xnx00vckdhkn41c5v50f0vx790rzb4dkbj98x2ycydyj7jp1fe75ajmmbnq23dmpe1sahbpcz9zb2pvcdes54x4k0rdsz6mhf4wtwr1k3qf615t9tc88ehmqb2jzwr6j4fegh4wd5y9212a9nfscsy3nrszn1gx3zjgvfvsf5r3psk6yysdz4063s058764ch1mt6cka5nqkfgwsx74wvafqzcnt8abqy00avkcyhw3j6k6wnpdsvy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jq1ybqxqqbgvzk9k7sn8e3jav44ttb13pg76f71yh44dpd232qe1wfpps13wttzv0rgcgnwcx99rgjvamgbzn7nfsjw5wk45srfjydxfasew9kh9z5y1b77yytede6tkqd7a5wf45mcg3sy2yjh8rwhj7h02zskxsypwp346bdqsrn2s3qah9dqvwfawx5hw4vq9eya5svwb8v4p8xnx00vckdhkn41c5v50f0vx790rzb4dkbj98x2ycydyj7jp1fe75ajmmbnq23dmpe1sahbpcz9zb2pvcdes54x4k0rdsz6mhf4wtwr1k3qf615t9tc88ehmqb2jzwr6j4fegh4wd5y9212a9nfscsy3nrszn1gx3zjgvfvsf5r3psk6yysdz4063s058764ch1mt6cka5nqkfgwsx74wvafqzcnt8abqy00avkcyhw3j6k6wnpdsvy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%26client%3Dca-pub-2697679518515886%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1681210094
age
54340
cf-polished
origSize=96968
x-guploader-uploadid
ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 11 Apr 2023 10:48:50 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1681210130860508
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsCWE3UJHYUe%2Fp6pLNq1SXFAgan7xB96jMkMz1qplbIGOgD6bCCLE2Qm2V2WhIaKsX4BEqZWx6blcZZKE%2BeVr7FOzR8Z2iit%2FR3DXxdJrsm6wJiZ4%2Bnh2yXw46oppG8eyaPkJ%2BWjJJM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7bdb49f81e6d361d-FRA
expires
Wed, 26 Apr 2023 03:10:22 GMT
r62eglto.js
ad4m.at/ Frame 9356 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jq1ybqxqqbgvzk9k7sn8e3jav44ttb13pg76f71yh44dpd232qe1wfpps13wttzv0rgcgnwcx99rgjvamgbzn7nfsjw5wk45srfjydxfasew9kh9z5y1b77yytede6tkqd7a5wf45mcg3sy2yjh8rwhj7h02zskxsypwp346bdqsrn2s3qah9dqvwfawx5hw4vq9eya5svwb8v4p8xnx00vckdhkn41c5v50f0vx790rzb4dkbj98x2ycydyj7jp1fe75ajmmbnq23dmpe1sahbpcz9zb2pvcdes54x4k0rdsz6mhf4wtwr1k3qf615t9tc88ehmqb2jzwr6j4fegh4wd5y9212a9nfscsy3nrszn1gx3zjgvfvsf5r3psk6yysdz4063s058764ch1mt6cka5nqkfgwsx74wvafqzcnt8abqy00avkcyhw3j6k6wnpdsvy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
44673
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKBcgr39k6eB2ge5JYoUbezkjqizlvSSBBRNVUry0wJedCqRpLWhgWH2hBfqTngFIBljN26CbFExTRWv6DmcTC1TSaYYrm8UcRWU9n9rw%2BSdxo4pbTZo6x2jEUNsdrGfinKAiTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7bdb49f82e7c361d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 18 Apr 2023 13:45:45 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9356 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2693
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDaCrFhzjLQJjLu4IfPrYafhickrpfbctOukfn3tD%2FSp9WaPMsTvvMLLOtHqPX61tLMLMGWuDZkqLwFrwpF4WwNh0VRTr0Kj2j1cSc54d5Q4fCkVOhAsh27UY64dYBg88gJ8fo7sl8FVgfW2e%2BPhKSAq"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7bdb49f88f0b9219-FRA
expires
Wed, 26 Apr 2023 02:25:29 GMT
frame.html
ad4m.at/ Frame 2FEC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1889673
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7bdb49f85a603674-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 26 Apr 2023 02:10:22 GMT
expires
Thu, 30 Mar 2023 21:56:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pLS5IDZxAeRMBtp1U8S91V9uHRPBUbBGLp8Eww1sCYa4f6XV7TdDdxdwDTdn%2BUGZ3d1vJzYkfO0pwQFtvtgsxAYx4WI8EH0c9nS8RS7jjewIEtcfM7fHxPlBhXCjDF4PTElSUg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bdb49f8a9e52c71-FRA
content-length
24
content-type
text/plain
date
Wed, 26 Apr 2023 02:10:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7NV7ApRidA%2Fl06SoTFU%2FX8gxvmO3AMfDrtzdtaNx9Dbp%2BjTqNbp2%2Bmd9dNYRup25JCoImpWUWP3JsDbdcJrm1RQSmWidUllkrpW2964I%2B%2Fn9b6gH6DyT1j4P6MWM6QkiT6Hess%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-0ps5
rs
ad4m.at/ Frame 9356 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eac9cf01e4fa457918e5b48223b6613fdeec93a55f005166a9cbf0466f518baf

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BF5RxJjTywV0KfRfi9qQEspVUtHbz5xdFk%2Bbd1rezrt3zoM%2FdXS6BR1Iqr9TMHtQAVSw74%2BanhYNS40wSzPj%2FqFfXe0ZlDT4Ir2Aire1qMRkv7QmMqFdRYQLkqSonpw20zB3Vs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7bdb49f8da142c71-FRA
x-backend-server
aa-reachservice-group-europe-west1-0ps5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rar
as.ad4m.at/ad/ Frame F01F 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbb55ad540c126c529554d0145d5ff99342d32f201202d10c09dcc4ec48a953c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jq1ybqxqqbgvzk9k7sn8e3jav44ttb13pg76f71yh44dpd232qe1wfpps13wttzv0rgcgnwcx99rgjvamgbzn7nfsjw5wk45srfjydxfasew9kh9z5y1b77yytede6tkqd7a5wf45mcg3sy2yjh8rwhj7h02zskxsypwp346bdqsrn2s3qah9dqvwfawx5hw4vq9eya5svwb8v4p8xnx00vckdhkn41c5v50f0vx790rzb4dkbj98x2ycydyj7jp1fe75ajmmbnq23dmpe1sahbpcz9zb2pvcdes54x4k0rdsz6mhf4wtwr1k3qf615t9tc88ehmqb2jzwr6j4fegh4wd5y9212a9nfscsy3nrszn1gx3zjgvfvsf5r3psk6yysdz4063s058764ch1mt6cka5nqkfgwsx74wvafqzcnt8abqy00avkcyhw3j6k6wnpdsvy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%26client%3Dca-pub-2697679518515886%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7bdb49f90b053674-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 02:10:22 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame F01F 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1681210094
age
54340
cf-polished
origSize=96968
x-guploader-uploadid
ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 11 Apr 2023 10:48:50 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1681210130860508
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYg%2BvsnHj2%2F2k%2Fop37760NuAhVX4qboSc8Dh1zxNuAoVM4uMQQTXJzXXODJmAUQU%2FyiDVzvKMNp03%2FrAo9BfWLOvgUoP8G01VkBhJrcQIaQMLyiw8xgUDmzW4tC95krbgO5A6%2FUYRvk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7bdb49f95b3e3674-FRA
expires
Wed, 26 Apr 2023 03:10:22 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame F01F 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1678297
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsrXV8a%2FsmZrQzFk7hSMMlZK4J%2BhVSGiYhf%2F1oCpSLvukYEBNRHlV6CY0y0wdRwb5e2l1eJQ02uPxoEzLw8rU0lbXhBH78gGKpsf9E0t363Hb2k9HDsHjlHltLtxQ8BLbTJgCf6Aq%2F4avBj%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bdb49f97f6c361d-FRA
expires
Thu, 27 Apr 2023 02:10:22 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame F01F 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1889370
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkEKoWvsCBm5YsN95L8PKjOebm7mpf5u9Ebi0%2Fl7g0YBcD275mMRUQ8CvXJukloZ3aWaG%2BgFR0i94QCLZvi%2Fw4Ok%2F7mKb21z07j5fH22rsV75PWqFCNvnhAo7pe7ZvuJbNll%2F0Eyk8cDFCO6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bdb49f97f6e361d-FRA
expires
Thu, 27 Apr 2023 02:10:22 GMT
cshow.php
www.awin1.com/ Frame F01F 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:22 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame F01F 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
723462
cf-polished
origSize=115129, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75430
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h71%2BZVRue1ujvbneZ88mkJRKqeXd0NpMHz7pXpyt%2BCntSaUpj33EFus%2Fkb2FZHtK2IygUaOWhDss%2BNbfSjHug5kWCXEHKBplWlFz57dc09j%2BFOC1043pag%2BcJp%2FQIWggD%2BHbqEDS2WeHGmV2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bdb49f97f70361d-FRA
expires
Thu, 27 Apr 2023 02:10:22 GMT
0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame F01F 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1140074
cf-polished
qual=85, origFmt=jpeg, origSize=60344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22974
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Mar 2023 22:20:34 GMT
server
cloudflare
etag
"06609266defcd14ec685b2464aeced2e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FioNfEJM3K2UYEGveB0tpr6h8odCJvj2DFBpOwOG4sE3bBA1UBsgHo62AnzSPUaY67%2BeIGlL8lAP%2B7ilnx9HJaN4CN%2BPoIbxDpO37GuG%2FKjfePA9K2%2FfEbpxyStk2mG6GoRngajDeVbDq3Wm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bdb49f97f6f361d-FRA
expires
Thu, 27 Apr 2023 02:10:22 GMT
/
partner.o2online.de/a/ Frame F01F
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMWvvPC7xv4CFY6W_Qcd3ggOTw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023042604102284316499929X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202304...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023042604102284316499929X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023042604102284316499929X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:10:22 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023042604102284316499929X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023042604102284316499929X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
date
Wed, 26 Apr 2023 02:10:22 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame F01F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1140142
cf-polished
origFmt=png, origSize=10283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4736
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 12:21:02 GMT
server
cloudflare
etag
"b90d04a587c2a1ab6749e51d8bb195d1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBIa6622TENw8wFHV4bR84NkTnpcDoTCPnj1QFTwJr654Bb%2F%2B%2FV302fiZhziZCybvJQtiSQgxu3MO1chRRC8kzO49JKHdDMyZPQnxaGenKUN%2BWO23eAmJQSRgP2J9fHauoYV2Gsh3mUnky7u"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bdb49f97f72361d-FRA
expires
Thu, 27 Apr 2023 02:10:22 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame F01F 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
541594
cf-polished
origSize=105738, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92686
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwoSUlWWIAYNpKaxqT%2F3TCNXUEQl5rOfaMgDCyJCwi2w7EKLI6dTF%2B1LgPx%2BvbO9o22W9GehmXlFUdriRfrqCnFXghcZvecCb%2Bkob0M5PgsNVAEPsRBmoTYAl6xfJdPDsBonb3kh29vx55ay"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bdb49f97f71361d-FRA
expires
Thu, 27 Apr 2023 02:10:22 GMT
link.html
track.webgains.com/ Frame F01F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gc1a8ft49tzc6b3gj2jrcsyjwj3n56k4b32nwx2zekrf4dwkt45wnbq9v2af64pcjwevmdwmsjk5b5x22dw5bhwkwe4xyqmy7v5mzcw71xxbecq6pazbd83j9f3vascz9wvcyppe3magggf7v2qyrewwj55p6ajyd34esyfpgxp3ftvyckb4vn3pksd869d1y53fzwg78y2qhnxmekthm6cm1mss9sxysxnwzph27mjzqfm7jhjfe3az0pkqn3s7yj0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.51.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-51-149.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c43f1c90530a01ff62e8403f0f2b2e40f4fcdd0e51ae4fb6b89579fc547fc05f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
last-modified
Wed, 26 Apr 2023 02:10:22 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 26 Apr 2023 02:11:22 GMT
pvClk.min.js
analytics.webgains.io/ Frame F01F 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gc1a8ft49tzc6b3gj2jrcsyjwj3n56k4b32nwx2zekrf4dwkt45wnbq9v2af64pcjwevmdwmsjk5b5x22dw5bhwkwe4xyqmy7v5mzcw71xxbecq6pazbd83j9f3vascz9wvcyppe3magggf7v2qyrewwj55p6ajyd34esyfpgxp3ftvyckb4vn3pksd869d1y53fzwg78y2qhnxmekthm6cm1mss9sxysxnwzph27mjzqfm7jhjfe3az0pkqn3s7yj0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 05:34:41 GMT
content-encoding
gzip
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
74142
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
Ragy-DdnCTu6NEgSf5exGz4Xsu0W2caHTWmiQSPyUnPW6DBhJAUlmA==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame F01F 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1682475322&Signature=MeLJVt3UvxUcOcbENpV3tlOtA0ij~R67NkHOIutmuB3HbIQNSGz-A7X0UnT6NqDzEqw32fsoPX7XCUBc2ttR8G4zOprE3DjkCG99ZZLQIc0-TEnKGR83wqnrW597~xituMxNjrkkapdCormtzt46YrcOPi02ZFpCoKyMeHAd9sNXE6eTZr60Mex-VyolYUTFCkmN1l7ErbZU35tdWA1w89iZ8NahFmJ~ZTdY6WcwS77NJdv50iULB1cL~3HI68-7YiTuJttP6qWJZMU0iU1qzx2yCS2AQtazcBWP3ZBJQsCD6rXt7hdLK2YcTS~Q1DKmD0X-gSO7SrlQgtiuMupuNA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 25 Apr 2023 06:04:45 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
72338
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
smVT0gn-xcZ5mhij2ye7oZNSSaQRKKu1IUkP2WMPzhD9Y8fNYByPfA==
SPug
simage4.pubmatic.com/AdServer/ Frame 40D0 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/ Frame 1DF3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304200101&jk=2666814286166177&bg=!trWlteHNAAYfNdXmPzU7ADkAdvg8Wjm80LfuyyTURqMyZu9RpTFVIa2UhU5dA3CjTo2VkspRjNQ6Epokyr_OSodvxgCxtrd8HLQCAAADcFIAAAADaAEHCgAqvSYqu8ILK79F2wFhf2n3BVOLbhbCjglf9YbA3MweuYfczcO006q_hIMbmQL1hv2BAOUCGU66rWi2ccAmbiOP1UE8VTHXGtucZBp3EvAbJnAoMqbuSzsrExiM0IkBX4mlUwDkv5O-KZ_JawwiqsHzbm6q5LSOMaGlV4dRZnjNEcgM5vjWgdIDvVkDkXSQtg3APljb3Tdc-d5tL9RHWieaKweZyU6Uhs5M60kCXdOzL8ZqrtpDuCFxKNFekaQQvxSo7O_p9dHyiqGsb8712BxdHFSjPEtB_LMXIJ7Zd6l4SQH2Rjbs8qYcqgMj8oAaryLLTXkuBg0kpU2MFeBzv8N8dD94o5crjwGWTjMzy5AeNnLnewzH37NN02drqmn6OeCb3e7LfYbwyTo20b6Osz8KOAJGkGQ6FyIrV1W5IAyH1Rwo27ly_3A7pwtZPPrUvQjYp9GYIsgx8_sCkuvayF7OA0EWNP4ehG2SOf67Ni9KTj2wpwUpOJBKCLxsZfJmfKfujJU_kEknW89oC1nGX9u4QpFBMgcIqY4XU2FG5tpabF6wgjC_RnWEXo0iz_rOTAJExYtuokX-xUuq2UBZNUfexdp_pz3rZRrAh0FRyGVXoQMzR2RuOkbrM6Fy4qbRKpYimhVtvO01Sauu5msnDuMbDlXa1wLzpYN3nTXqE_PGrKgyCgwLk0HF2rH_NOsE0hg8GfBYXf15plfqGvZLzQN9lX2bfD00A3a0-K_JCXXDJutwHoh0WcesbyIR_sbkpHc3ORxaR_E3W0jYv1uATTQyOLhZf-eONSzm43ITAe6WJ0w7Ursuud9qNCs3vloJlwk9DZz3aBHTLcj2BJAJSg0oLk26ZWEEr5A5U_9sOfDOKoVh6uxqqmhUSfvJzaO8xHDqQs5WhQX3T4vpjvRw2z7q3248gNroiYy8GjFXgeKukE59RZ8bduDz5iW1KzYCzlwO3vg0mclGbcnoO88e7cBjjEkcgeDpjVnZrIzsO4UJZZ9T0mcw9bUmy6wgch-4ShWwmDZCqb9Ds6p8N4TA05-TBjP11XRNCDPZeQUggZqhiN2A-w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame F616 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=50841272&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
366ff6662ca78ca22a437b7ed0fb6c2dc5018889123e4bcbbbb8d41efd1e7c51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 26 Apr 2023 02:10:21 GMT
content-length
2002
content-type
text/html; charset=UTF-8
prebid
id5-sync.com/api/config/ Frame 1DF3 		135 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
9122d35ca0b1532a344f0801f9004b862de73fe3ec70d6eb04a345cc02e8e2a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Wed, 26 Apr 2023 02:10:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 1DF3 		0
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Apr 2023 02:10:23 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ Frame 1DF3 		63 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8005e9fe5a4f7da9c83d15dbd8742eedcb03b7e3b9bf8408cba885e898a67aee

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Apr 2023 02:10:23 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 26 May 2023 02:10:23 GMT
pd
u.openx.net/w/1.0/ Frame A757 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 26 Apr 2023 02:10:23 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usersync.html
ad-cdn.technoratimedia.com/html/ Frame C712 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.25.0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4890) /
Resource Hash
0f4328dd583577482da89d8af94cd1146cec997553dd53bc2f9ee3d406cfa9ce

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
80
cache-control
max-age=900
content-encoding
gzip
content-length
6755
content-md5
HcWFhk+tXaF3NZt1fPMIOA==
content-type
text/html; charset=utf-8
date
Wed, 26 Apr 2023 02:10:23 GMT
etag
9f484a91-0039-4789-8873-641b0861cba7
expires
Wed, 26 Apr 2023 02:25:23 GMT
last-modified
Thu, 02 Feb 2023 14:10:57 GMT
opc-request-id
iad-1:EyrQN9xTGkPNEan4guTCbTXxX9gf7uejLxYE4foVGklt3AbnGtXSG7k_8NwSEZJu
server
ECAcc (ama/4890)
storage-tier
Standard
vary
Accept-Encoding
version-id
68d8e56e-76a4-4241-8b88-07572b4580e7
x-api-id
native
x-cache
HIT
usync.html
eus.rubiconproject.com/ Frame BF55 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 26 Apr 2023 02:10:23 GMT
etag
"40010-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame A902 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ayecLO80ur6ik0aKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 26 Apr 2023 02:10:23 GMT
server
33XP003
x-33x-status
2000208
ixmatch.html
js-sec.indexww.com/um/ Frame 7C70 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
94
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7bdb4a00cdf99bbf-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 26 Apr 2023 02:10:23 GMT
expires
Wed, 26 Apr 2023 06:10:23 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7151 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-8db6969-0d54047a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
68146
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 26 Apr 2023 02:10:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 17 Apr 2023 07:14:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1531, 848
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230058-FRA
X-Timer
S1682475023.494748,VS0,VE0
9.gif
id5-sync.com/s/441/ Frame 1DF3 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 26 Apr 2023 02:10:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
tracking-event
api.webgains.io/ Frame F01F 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-81-67.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Apr 2023 02:10:23 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-81-67.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 26 Apr 2023 02:10:23 GMT
server
nginx
v1
lb.eu-1-id5-sync.com/lb/ Frame 1DF3 		33 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
6aa3150c8219b0d75ed240d85c972665d26bd6fb8d66b4200391a338ac7557dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Wed, 26 Apr 2023 02:10:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame BF55 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
517804de83d11ec1469b839d29b9be9ae3d28bdcc4c1148b851af286003f1a2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:23 GMT
content-encoding
gzip
last-modified
Tue, 25 Apr 2023 15:46:00 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=48935
content-length
10019
expires
Wed, 26 Apr 2023 15:45:58 GMT
match
c1.adform.net/serving/cookie/ Frame 3F6E 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 26 Apr 2023 02:10:23 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5049 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 26 Apr 2023 02:10:23 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
W829RV73BJ0NCJHARBDY
Pug
simage2.pubmatic.com/AdServer/ Frame CDF7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4734284114297359280&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4734284114297359280&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
e27161a9-5636-4d92-aa88-6f391bb382cc
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 26 Apr 2023 02:10:23 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4734284114297359280&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
146.70.117.108; 146.70.117.108; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame C984
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7226175200131283083&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7226175200131283083&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 26 Apr 2023 02:10:23 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7226175200131283083&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame E94B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T7kSB8M1W-JsuEZBzvt6Z5JGdWw&gdpr=0&gdpr_consent=
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T7kSB8M1W-JsuEZBzvt6Z5JGdWw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 26 Apr 2023 02:10:23 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T7kSB8M1W-JsuEZBzvt6Z5JGdWw&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 2CF1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHZE9VN0lrUkFBQUNCN04wNklZUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGdOU7IkRAAACB7N06IYQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGdOU7IkRAAACB7N06IYQ&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGdOU7IkRAAACB7N06IYQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5840567035177493182&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGdOU7IkRAAACB7N06IYQ&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGdOU7IkRAAACB7N06IYQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 26 Apr 2023 02:10:23 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGdOU7IkRAAACB7N06IYQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
sync
ads.servenobid.com/ Frame 568E 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=496EB1C1-3E9D-476E-AAED-C0EE0827A43A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.69.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-69-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Wed, 26 Apr 2023 02:10:23 GMT
mw
mwzeom.zeotap.com/ Frame F616 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=496EB1C1-3E9D-476E-AAED-C0EE0827A43A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7bdb4a015e7bbbe3-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame F616
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:29 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:29 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame F616
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c4eced2fb2bb3330/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 02:10:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame F616
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SgR2JYpE2uX0cxRkzsdnyCODrr.YpzA-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SgR2JYpE2uX0cxRkzsdnyCODrr.YpzA-~A&gdpr=0
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 23:05:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SgR2JYpE2uX0cxRkzsdnyCODrr.YpzA-~A&gdpr=0
date
Wed, 26 Apr 2023 02:10:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
496EB1C1-3E9D-476E-AAED-C0EE0827A43A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F616 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/496EB1C1-3E9D-476E-AAED-C0EE0827A43A?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f896:3671:b11a:dd53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame F616
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=ca89b59c-ad9f-4f42-9f9d-17b75509a161&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 26 Apr 2023 02:10:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f3f8b426-da8f-449a-a387-184654c7eb32&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 26 Apr 2023 02:10:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame F616 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 26 Apr 2023 02:10:23 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame F616 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams02-nessy-float2.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:23 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
369.json
id5-sync.com/g/v2/ Frame 1DF3 		216 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
bc65ca6d9248fe3d55c74b3bcca0bdddf9ca871cb9f60570ceafe274f8265e9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Wed, 26 Apr 2023 02:10:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
usermatch
ssum-sec.casalemedia.com/ Frame A5DE 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
8de978b510b045a8779d7c15cf6e3287d97ac7d3bea8527b6511f9cd6fb781ea

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1538
Content-Type
text/html
Date
Wed, 26 Apr 2023 02:10:23 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=5&c=2719&i=8qsnmi&p=ksl-com&s=3415&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI4cXNubWkiLCJwYWNrZXQiOjUsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APBMaHR0cHM6Ly9leC5pbmdhZ2UudGVjaC92MS9zeW5jUGFnZS9ydWJpY29uP3VzZXJJZD1mZWY2YmUyOS03MzIxLTQxNTktODgzNC1hZGY5NzU3NzkzNDImdG89aFoA8wglM0ElMkYlMkZzZWN1cmUtYXNzZXRzLlMA8BRwcm9qZWN0LmNvbSUyRnV0aWxzJTJGeGFwaSUyRm11bHRpLYYA9kguaHRtbCUzRmVuZHBvaW50JTNEdXMtZWFzdCUyNnAlM0RpbnN0aWNhdG9yIiwidHlwZSI6ImlmcmFtZSIsInN0YXJ0IjoxNjgyNDc1MDE5NjY0LCJlbmQUAMEyMTEyNSwic291cmM8AKNuc2VydEJlZm9yQgChdHVzIjoibG9hZE8BQGFzb25OAdRdLCJkYXRhUGF0dGVyEgDBbGlzdCI6W10sImlkZADPNDExNTM5NDY5Mn0sgAHwMDc0NakCAhwBEDKUAQyAATFtdXSgAqJPYnNlcnZlckNMyAEPhgExPzc3M4YBB9B3d3cuZ29vZ2xldGFnfABAaWNlc58C9hMvYWN0aXZldmlldy9qcy9jdXJyZW50L3J4X2xpZGFyLmpzegJic2NyaXB0sgAJegJONTk0MPoAJzYyegIP-gALYHRpbWVvdVsAL3JlgwIbrzIxNTQ3NDQ4OTf9AAdxaW1nLmtzbO8AgXNsYy8yOTI2BQAjNTQHAPASMDUuanBnP2ZpbHRlcj1rc2x2Mi9yZXNwb25zaXZlXzIw_gQDgAMDTQMOgAM-NjM3BgE_NDMzBgEIEkFNAQL_AQ8FASevMTExOTg3Nzg2NAUBSCdsZwoCAlEEDwQBAh0xCgIPBAFSnzM0MDExMzU0MIwECMFhZHMucHVibWF0aWMOAjFBZFOIAwD7AgAGBhVflgX2BD9rZG50dWlkPTEmcD0xNTg5Nzb_AA-DBQcuNzEDAjc5NTQDAh9pgwU7EDB2Ak8wNjc3-wEID_cAUA_6BAAK9wAPAAQLD4AGJAP9AD84MDn4AgcBkAggYy70BGFlbm9iaWT5AQXoAQ_VARMdN9QCGTneBA_VATyfMTIwNzE2ODcx1QEID9gAMS80NtgADA-2AUIE3gAfNLAGCFBwaXhlbE4JQXlibHWyAQHwAIZzaEJlYWNvbrYBRXNlbmQUABpzEglfMjE5NjPiAAAIjwP4A1NFTkRCRUFDT05fTUFOQUdFUpMFb2FsbG93ZRsJIa8yMjczMDYwNjY4mwIHD5gGD28xNy5qcGWZBi09NzAxmQg4MjE2BwEM6QEPmQY0rzA0MjkxNzc0NDEGAUkPmgYSPTcwMe4CDwUBU9AyOTYzMjEzMzcxfV19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:23 GMT
cache-control
no-cache, no-store
server
nginx
expires
Wed, 26 Apr 2023 02:10:22 GMT
async_usersync
ib.adnxs.com/ Frame 7151 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:23 GMT
AN-X-Request-Uuid
b6c34fac-3d92-41bd-9a77-27333b972ed2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.108; 146.70.117.108; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A5DE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4734284114297359280
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4734284114297359280
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 26 Apr 2023 02:10:23 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.108; 146.70.117.108; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e2255ed4-ff21-4472-8333-0f8532cbca2a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4734284114297359280
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A5DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZEiIDAAFfoTJQgAn
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZEiIDAAFfoTJQgAn
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fra-eddf8230093-FRA
pragma
no-cache
date
Wed, 26 Apr 2023 02:10:23 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682475024.652000,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZEiIDAAFfoTJQgAn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame A5DE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6ff46448-880c-4400-99c9-7106f6ec4a31
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6ff46448-880c-4400-99c9-7106f6ec4a31
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 26 Apr 2023 02:10:23 GMT
Server
MT3 830 785530e master cdg-pixel-x35 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6ff46448-880c-4400-99c9-7106f6ec4a31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 26 Apr 2023 02:10:22 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame A5DE 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.52.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-52-255.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame A5DE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
crum
dsum.casalemedia.com/ Frame A5DE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4734284114297359280
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4734284114297359280
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 26 Apr 2023 02:10:23 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.108; 146.70.117.108; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
755e5fdb-d451-4804-8330-3e12d190fb13
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4734284114297359280
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame A5DE 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:23 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame A5DE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6716428918140250547&expiration=1683684623
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6716428918140250547&expiration=1683684623
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6716428918140250547&expiration=1683684623
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
cdn.indexww.com/ht/ Frame A5DE 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZEiIC9W5qezaTQnR9NkcIgAA%263257
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:23 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
54243
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bdb4a025b8003d8-FRA
content-length
43
expires
Thu, 27 Apr 2023 02:10:23 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8F69 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51908225&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1c7d8bece645148ef450d51239483d24064975e6d7d94a250bd32a88f8066b82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 26 Apr 2023 02:10:22 GMT
content-length
1689
content-type
text/html; charset=UTF-8
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JW89DL7T5D&gtm=45je34j0&_p=1904899749&cid=613797378.1682475015&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1682475015&sct=1&seg=0&dl=https%3A%2F%2Fwww.ksl.com%2F&dt=Utah%20News%2C%20Sports%2C%20Weather%2C%20Cars%20and%20Classifieds%20%7C%20KSL%20News&en=Ad%20Block&ep.DDM_Device_ID=mngsvs1326q6&ep.DDM_Session_ID=pdr7fimtemqg&ep.DDM_Hit_ID=euc4551ma0u3&ep.KSL_Member_ID=&ep.User_Pseudo_ID=613797378.1682475015&ep.Experiment_Group=false&ep.Entity=KSL.com%20-%20News%2FContent&ep.Site_Section=News&ep.Template=Homepage&ep.Title=not%20specified&ep.Event_Category=Ad%20Block&ep.Event_Action=off&_et=3148&up.User_Pseudo_ID=613797378.1682475015
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:10:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame C410 		85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 26 Apr 2023 02:10:23 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230093-FRA
x-timer
S1682475024.704817,VS0,VE93
cm
ipac.ctnsnet.com/int/ Frame 2C63 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 26 Apr 2023 02:10:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
i.match
s.tribalfusion.com/z/ Frame C1F9
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7bdb4a03dbc4bb4f-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7bdb4a028b0bbb4f-FRA
content-type
text/html
date
Wed, 26 Apr 2023 02:10:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
97
cookiesync
core.iprom.net/ Frame 896A 		43 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 26 Apr 2023 02:10:23 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-c638d1cd1c71@version_1.550v2
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame A0BC
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 26 Apr 2023 02:10:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 26 Apr 2023 02:10:23 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
bridge
cm.adgrx.com/ Frame 9F24 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 Secaucus, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 26 Apr 2023 02:10:23 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-3
Pug
simage2.pubmatic.com/AdServer/ Frame 700D
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=oOrhioAtM&gdpr=0&gdpr_consent=
42 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=oOrhioAtM&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
content-type
text/html; charset=utf-8
date
Wed, 26 Apr 2023 02:10:23 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=oOrhioAtM&gdpr=0&gdpr_consent=
vary
Origin
via
1.1 google
usersync
usersync.gumgum.com/ Frame 68A5 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=496EB1C1-3E9D-476E-AAED-C0EE0827A43A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 26 Apr 2023 02:10:23 GMT
Expires
0
Pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame 8F69
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2773916769363978637&gdpr=0&gdpr_consent=&us_privacy=
1 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2773916769363978637&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 26 Apr 2023 02:10:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2773916769363978637&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 26 Apr 2023 02:10:23 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 8F69
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4734284114297359280
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4734284114297359280
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 26 Apr 2023 02:10:23 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.108; 146.70.117.108; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9811ce08-6b07-49d3-8e0d-f15ae5b88d5a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4734284114297359280
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8F69
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f00dcedf-d5a8-4232-87c0-ce40962269dd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f00dcedf-d5a8-4232-87c0-ce40962269dd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 26 Apr 2023 02:10:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f00dcedf-d5a8-4232-87c0-ce40962269dd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 26 Apr 2023 02:10:23 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
async_usersync
ib.adnxs.com/ Frame 7151 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:10:24 GMT
AN-X-Request-Uuid
23b3c641-6715-4450-b669-957bd20b6ae4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.108; 146.70.117.108; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame F616 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 8F69 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=6&c=2719&i=8qsnmi&p=ksl-com&s=2187&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI4cXNubWkiLCJwYWNrZXQiOjYsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APCOaHR0cHM6Ly9yZWdpb24xLmFuYWx5dGljcy5nb29nbGUuY29tL2cvY29sbGVjdD92PTImdGlkPUctSlc4OURMN1Q1RCZndG09NDVqZTM0ajAmX3A9MTkwNDg5OTc0OSZjaWQ9NjEzNzk3Mzc4LjE2ODI0NzUwMTUmdWw9ZW4tdXMmc3I9MTYwMHgxMjAwJnVhYT0mdWFiPSZ1YWZ2bAwAgG1iPTAmdWFtDAARcAUAEHYGANd3PTAmX3M9MiZzaWQ9WADxAHNjdD0xJnNlZz0wJmRsPd8A8AElM0ElMkYlMkZ3d3cua3Ns1ADzDiUyRiZkdD1VdGFoJTIwTmV3cyUyQyUyMFNwb3J0DAByV2VhdGhlchkA8AhDYXJzJTIwYW5kJTIwQ2xhc3NpZmllZBQAICU3OgAzS1NMSgBQJmVuPUEnAPQUQmxvY2smZXAuRERNX0RldmljZV9JRD1tbmdzdnMxMzI2cTYeADBTZXNGAgAfAMRwZHI3ZmltdGVtcWcfADBIaXQbAMBldWM0NTUxbWEwdTMbAKBLU0xfTWVtYmVyHgAAEgCwVXNlcl9Qc2V1ZG8TAA98AQKQZXAuRXhwZXJpJwLAX0dyb3VwPWZhbHNlQQCiRW50aXR5PUtTTCcBIzAt1gCgJTJGQ29udGVudCcAgFNpdGVfU2VjRwIQPT8BABUA8QFUZW1wbGF0ZT1Ib21lcGFnUQDxAVRpdGxlPW5vdCUyMHNwZWM3AQAuAOtFdmVudF9DYXRlZ29yeTIBAh0AEkFgAP8Bb2ZmJl9ldD0zMTQ4JnVwLuUAEPQPIiwidHlwZSI6InNlbmRCZWFjb24iLCJzdGFydCI6MQJQMjM2Njg2AxpkFACAOSwic291cmNAAPIDU0VOREJFQUNPTl9NQU5BR0VSSADRdHVzIjoiYWxsb3dlZGUDQGFzb25kA9RdLCJkYXRhUGF0dGVyEgCzbGlzdCI6W10sImltACA4OBgDXzY5NX0slgMFM3RwY4gDYXN5bmRpY7YDAJgBYi9zb2RhcgYARzIuanPvAFJjcmlwdKMACOsAXTE4NzM26wA3OTA46wCgcmVtb3ZlQ2hpbNEAMnN0YeQAYHRpbWVvdVQAL3Jl5AAbrzExMzI1NDE3NzLkAFYfN-QAZh8z5AAHgWFwLmxpaml0uwG7cGl4ZWw_cmVkaXKgBPALZXguaW5nYWdlLnRlY2glMkZ2MSUyRnN5bmMHAPYrb3ZybiUyRmZlZjZiZTI5LTczMjEtNDE1OS04ODM0LWFkZjk3NTc3OTM0MiUzRnVpZCUzRCUyNFVJRB4Cb2lmcmFtZR4CAD05NzA6ARo0HgKzaW5zZXJ0QmVmb3JCAA8fAi2vMDU3ODY0MDQ4MDsBqyw0NXUCCzsBMW11dLsDok9ic2VydmVyQ0yDAQ9BAS7ANTc4NjQwNTE4fV19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:10:26 GMT
cache-control
no-cache, no-store
server
nginx
expires
Wed, 26 Apr 2023 02:10:25 GMT

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 boolean| credentialless string| ddmTopDomain string| ddmPageviewId string| ddmSessionId string| ddmDeviceId function| ddmUeid object| KSL object| ensBootstraps object| Bootstrapper object| ensClientConfig boolean| ensBrowserSupported object| gateway function| s2nFloatCallback boolean| _GDPR_ object| googletag object| pbjs object| kslDataLayer object| tempDataLayer object| React object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| cX object| rubyBluScript object| rubyblu object| gaplugins object| gaGlobal object| gaData object| webpackChunkStripeJSouter function| noop function| Stripe object| regeneratorRuntime object| rubyBluPageData function| setupRubyBlu object| ReactDOM number| catchversion object| catchdetectrun object| catchhoneyevent object| dm_logger boolean| dmjs_loaded boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| mouseflow object| scrolldepth object| lazySizesConfig object| lazySizes function| fitvids function| StockTicker function| PrepScoreboard function| PickemWidget object| ddm object| picturefillCFG function| picturefill object| pbjsChunk object| _pbjsGlobals string| nobidVersion object| nobid object| kslEventBus boolean| commentsDisableDepth object| kslSocialShare object| impressions object| mostViewedImpressions object| _sift object| aoi8dB2 function| aoi8dB3 object| xop object| 132da3ikuu4g object| ibeydw19wxs object| rc_styleSettings object| catchhoneydropevent object| catchtriggerlogin object| catchaftercheck object| catchtriggermessageagain object| catchdo object| helpmodal object| removeModal object| saveLog object| eventRecorder object| catchspider object| catchsend object| catchsendservice object| catchrecordrec object| catchunverified object| catchverified object| catchrclogin object| catchsubscribe object| clearexperience object| catchnewsletter number| planViews boolean| ab_present boolean| ab_service_present boolean| jsnoloadcatch object| adblockerfound object| adblockernotfound object| adblockerservicefound object| adblockerservicenotfound object| ggeac object| google_js_reporting_queue object| getMessagesCountContainer object| KslHeader object| headerDataLayer object| uTZGbe function| uTZGbm object| xblacklist object| Ni9t6c2 function| Ni9t6c3 function| xblocker boolean| senddone undefined| google_measure_js_timing object| m-ksl-messages function| postscribe object| google_tag_manager_external function| OX object| OX_swfobject object| oxhbjs object| OXHBConfig object| OneTrustStub function| OptanonWrapper string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| Optanon object| OneTrust object| Twilio boolean| DFPMessageEnabled object| rccbase_styles object| GoogleGcLKhOms function| __siftFlashCB undefined| Sift object| PluginDetect boolean| updatedone object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| ads_list object| embeds_list boolean| isPageviewSent object| federatedObj object| __connect object| google_image_requests

168 Cookies

Domain/Path Name / Value
.mrtnsvr.com/sync Name: userId
Value: oOrhioAtM
www.ksl.com/ Name: ksl-ab-test-titles
Value: 0
www.ksl.com/ Name: KSL-PARKED-PICKS
Value: %5B50628944%2C50629137%2C50629055%5D
www.ksl.com/ Name: KSL-PARKED-PICKS-COUNT
Value: 1
www.ksl.com/ Name: ksl-ab-test-custom-news-feed
Value: 0
.ksl.com/ Name: ddmSessionId
Value: pdr7fimtemqg
.ksl.com/ Name: ddmDeviceId
Value: mngsvs1326q6
.ksl.com/ Name: _gid
Value: GA1.2.130905367.1682475015
.ksl.com/ Name: _dc_gtm_UA-72877204-2
Value: 1
.ksl.com/ Name: bluSyncTime
Value: 1682475015518
.ksl.com/ Name: bluSiteUserID
Value: ksl.bxm2znbxj6xq
.ksl.com/ Name: _ga
Value: GA1.2.613797378.1682475015
.bidr.io/ Name: bito
Value: AAGdOU7IkRAAACB7N06IYQ
.bidr.io/ Name: bitoIsSecure
Value: ok
www.ksl.com/ Name: OX_sd
Value: 1
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.ksl.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Wed+Apr+26+2023+02%3A10%3A16+GMT%2B0000+(GMT)&version=202210.1.0&hosts=&consentId=3206efef-ad40-4228-96ec-d18de469d78e&interactionCount=0&landingPath=https%3A%2F%2Fwww.ksl.com%2F&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CBG102%3A1%2CC0004%3A1
m.stripe.com/ Name: m
Value: bdfe2c63-820f-4d6a-827a-2f82f16c7480ef9780
.www.ksl.com/ Name: __stripe_mid
Value: c8668a90-6891-4267-9b25-e1a52c09feef1c91a7
.www.ksl.com/ Name: __stripe_sid
Value: e76b4302-e3a7-44a5-85ee-9d19a7eca217c63ca7
.ksl.com/ Name: __gads
Value: ID=d60890003adec919:T=1682475016:S=ALNI_MY6edVuNu0uMBI9BF_B-dDpo19Lpw
.ksl.com/ Name: __gpi
Value: UID=00000befbb51a54c:T=1682475016:RT=1682475016:S=ALNI_MbJpo0sRJZJhRWTwgkGbNJQjoTm5A
.doubleclick.net/ Name: IDE
Value: AHWqTUluhPtYtU_0jkIvB6mL64LBJVaM8GpmC4vxLhjlJfubgcdNBEpiEv9R4zmOgqs
.ksl.com/ Name: __ssid
Value: d3f17d0fc3aab892c4fa65aa1311884
.ksl.com/ Name: _ga_JW89DL7T5D
Value: GS1.1.1682475015.1.0.1682475018.57.0.0
.ksl.com/ Name: InstiSession
Value: eyJpZCI6IjQ2MDUzZTc0LTgwZjMtNDExMi05MWYyLTU2MDZiNDFlYjc1NiIsInJlZmVycmVyIjoid3d3LmtzbC5jb20iLCJjYW1wYWlnbiI6eyJzb3VyY2UiOm51bGwsIm1lZGl1bSI6bnVsbCwiY2FtcGFpZ24iOm51bGwsInRlcm0iOm51bGwsImNvbnRlbnQiOm51bGx9fQ==
.ingage.tech/ Name: instUid
Value: fef6be29-7321-4159-8834-adf975779342
www.ksl.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ksl.com/ Name: _pubcid
Value: 619faae1-c454-447e-82f1-fc11c79fdd22
.casalemedia.com/ Name: CMID
Value: ZEiIC9W5qezaTQnR9NkcIgAA
.casalemedia.com/ Name: CMPS
Value: 3257
.casalemedia.com/ Name: CMPRO
Value: 3257
.technoratimedia.com/ Name: tads_ipv6
Value: 2001:ac8:20:272::2e
.prebid.a-mo.net/ Name: __amc
Value: 1_1682475019_1682475019
www.ksl.com/ Name: visitorGeo
Value: DE
www.ksl.com/ Name: visitorCity
Value: Frankfurt am Main
www.ksl.com/ Name: visitorIP
Value: 146.70.117.108
.adnxs.com/ Name: icu
Value: ChgIrulfEAoYASABKAEwi5CiogY4AUABSAEQi5CiogYYAA..
.adnxs.com/ Name: uuid2
Value: 4734284114297359280
.rubiconproject.com/ Name: khaos
Value: LGX26PVW-1D-AQ61
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoVTrNAAKYJwQ/5onLiA/RiY1TdhAkPVQDw07SfgJDFJ0Y8xokzH94KTwYNHTxBv9Vo2B05UvZjLzV3gOdXM6J0sqlSNZOaaDQ=
.gumgum.com/ Name: vst
Value: e_6e5d5d75-7ec8-42db-9216-1580abfe2544
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdwXgciFy314eCa8DRCNeggGrjseZRwJeO1s7wLe7fQhoZdxTmDhc5s1R-C2zHo_aFjssR5O-Uy4gw
match.sharethrough.com/ Name: AWSALBCORS
Value: DMHBunxuegDtF6UNkpin/M1DHJ2TxXZyMHzm+zc4VAmC4gZdI9HFJt6hHuc3Z3KzCULUzyMpacH9fQVbsZ+YY68Aw7C5f3vJqvefcCaFAFfza4b+nAR6yYNRB74d
.lijit.com/ Name: ljt_reader
Value: GivirRZHvbncHQ_qRZ-XCKVp
.csync.loopme.me/ Name: viewer_token
Value: f1dfd24f-a625-46cd-a9b9-66a6eee31e81
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjU2s7Q0tzQ1MRXiM9QNM43yS60y8sl28wwCAO9eO7slAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjU2s7Q0tzQ1MRXiM9QNM43yS60y8sl28wwCAO9eO7slAAAA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 496EB1C1-3E9D-476E-AAED-C0EE0827A43A
.yahoo.com/ Name: A3
Value: d=AQABBAyISGQCEAZBuyMnsIw3sZes-dWsOhgFEgEBAQHZSWRSZAAAAAAA_eMAAA&S=AQAAAo51ttU6hq3BSJggCXq_Xow
.smartadserver.com/ Name: pid
Value: 5840567035177493182
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.brand-display.com/ Name: _knxq_
Value: 7525a75c-2a48-e6f2-f57102bc.1682475020.0.1682475020.1682475020
.servenobid.com/ Name: pid_312
Value: 4734284114297359280
.bidswitch.net/ Name: tuuid
Value: f3f8b426-da8f-449a-a387-184654c7eb32
.bidswitch.net/ Name: c
Value: 1682475020
.bidswitch.net/ Name: tuuid_lu
Value: 1682475020
.go.sonobi.com/ Name: __uis
Value: 03a58f17-c07a-4a5b-9d0c-cd28a98ee3a0
.go.sonobi.com/ Name: _usd_ksl.com
Value: a8b6ec8d-3eb6-4185-9169-09a6b0acc0d3
.go.sonobi.com/ Name: HAPLB8A
Value: s8551|ZEiID
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_327
Value: 85c6db8b-489e-448c-a82a-1f9a1a00002b
.servenobid.com/ Name: pid_309
Value: e_6e5d5d75-7ec8-42db-9216-1580abfe2544
.openx.net/ Name: i
Value: 610c5e86-5568-4780-a394-fb46b4c9468d|1682475020
.servenobid.com/ Name: pid_333
Value: ZEiIC9W5qezaTQnR9NkcIgAADLkAAAIB
.servenobid.com/ Name: pid_324
Value: 5133329525369979545
.servenobid.com/ Name: pid_317
Value: 5840567035177493182
.servenobid.com/ Name: pid_353
Value: 0000EEA
.servenobid.com/ Name: pid_310
Value: GivirRZHvbncHQ_qRZ-XCKVp
.servenobid.com/ Name: pid_337
Value: y-psEBYTJE2uFbtpF0BNyfbS3eS8otRms3L4hdXDA-~A
.servenobid.com/ Name: pid_339
Value: y-psEBYTJE2uFbtpF0BNyfbS3eS8otRms3L4hdXDA-~A
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-b36e9e86-f833-36d3-bbda-a201ad2db16b
.mathtag.com/ Name: uuid
Value: 6ff46448-880c-4400-99c9-7106f6ec4a31
.dyntrk.com/ Name: dyn_u
Value: 03010005_6448880c72218
.creativecdn.com/ Name: u
Value: nlyYhfBJOnxSCBAqu0wi
.creativecdn.com/ Name: ts
Value: 1682475020
.360yield.com/ Name: tuuid
Value: c00dc7df-0bf8-4f34-8a23-fbd14cfa7c1b
.360yield.com/ Name: tuuid_lu
Value: 1682475020
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZEiIDAAFfoTJQgAn
.demdex.net/ Name: demdex
Value: 33405125657101122704082349647464246661
.go.sonobi.com/ Name: HAPLB8S
Value: s8535|ZEiID
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFkYm5qYGRgamF4ShyJb2RoAACEXBvKIAAAAA
.quantserve.com/ Name: d
Value: EIQBCwHsKPijAA
.quantserve.com/ Name: mc
Value: 6448880c-94aa9-daa45-c027f
.servenobid.com/ Name: pid_346
Value: ua-b36e9e86-f833-36d3-bbda-a201ad2db16b
.creative-serving.com/ Name: tuuid
Value: 01096a83-8029-4d57-8ada-7103df63d524
.creative-serving.com/ Name: c
Value: 1682475020
.creative-serving.com/ Name: tuuid_lu
Value: 1682475020
.weborama.fr/ Name: AFFICHE_W
Value: xZd6spckEjzF22
.simpli.fi/ Name: suid
Value: A8E06D1614DD413797F6B0570DD730D7
.de17a.com/ Name: guid
Value: 1.834358739037025458
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5133329525369979545
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-kwtNP50HSWSIBk1mxAZUY8ReTTKIXEk1klkjrblQ&KRTB&19420-kwtNP50HSWSIBk1mxAZUY8ReTTKIXEk1klkjrblQ&KRTB&22979-kwtNP50HSWSIBk1mxAZUY8ReTTKIXEk1klkjrblQ&KRTB&23462-kwtNP50HSWSIBk1mxAZUY8ReTTKIXEk1klkjrblQ
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:6ff46448-880c-4400-99c9-7106f6ec4a31&KRTB&16736-uid:6ff46448-880c-4400-99c9-7106f6ec4a31&KRTB&23019-uid:6ff46448-880c-4400-99c9-7106f6ec4a31&KRTB&23114-uid:6ff46448-880c-4400-99c9-7106f6ec4a31
.amazon-adsystem.com/ Name: ad-id
Value: A-mlz3xZ2koIncy5GLwJOdw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.admanmedia.com/ Name: admtr
Value: b41812a1-ccc0-4681-9726-fd796b7c4ccb
.admanmedia.com/ Name: ac_r
Value: CS71
.zemanta.com/ Name: zuid
Value: zNxvqFBvHP47G0RQjmor
.outbrain.com/ Name: obuid
Value: 1865d37d-69e1-4cfc-8b7f-47ed0c74da69
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-834358739037025458
.ipredictive.com/ Name: cu
Value: 800bb875-75f2-48ce-827f-20047d786b90|1682475020676
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4fb91207-c335-5be2-6cb8-4641cefb7a67.5Y3ETEQyRjW0dHxntt5s9rVtPZV8m%2BUQOXuyvPTlgQo
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AT7kSB8M1W-JsuEZBzvt6Z5JGdWw.RH7U71IWdCejSqPX5y4wPMBHV3%2Bm7tjm8eLxSQA25k0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AT7kSB8M1W-JsuEZBzvt6Z5JGdWw.RH7U71IWdCejSqPX5y4wPMBHV3%2Bm7tjm8eLxSQA25k0
.adform.net/ Name: C
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 33405125657101122704082349647464246661
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBzrM82dpsAJ7fWJBcbW-oc&KRTB&16514-CAESEBzrM82dpsAJ7fWJBcbW-oc&KRTB&23025-CAESEBzrM82dpsAJ7fWJBcbW-oc&KRTB&23386-CAESEBzrM82dpsAJ7fWJBcbW-oc
.turn.com/ Name: uid
Value: 2773916769363978637
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 70826096223715c2
.adform.net/ Name: uid
Value: 6716428918140250547
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6716428918140250547&KRTB&23263-6716428918140250547&KRTB&23481-6716428918140250547
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1ff4c96a-4c61-4886-8d6e-0d14b2e4c048-003%22%7D
.audrte.com/ Name: arcki2
Value: 1g5uPzJeW3JRDif0VW2q9-Iug!20220908!1682475020934!ip#146.70.117.108
.audrte.com/ Name: arcki2_pubmatic
Value: 496EB1C1-3E9D-476E-AAED-C0EE0827A43A!20220908!1682475020937
.linkedin.com/ Name: bcookie
Value: "v=2&2165a339-7c4a-4fe9-8917-419387d435bf"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODI0NzUwMjA7MjswMjGoV6JcVsc/wBkE5GON5e8dNeDbmnWVVQpXG92puFgN3g==
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2625:u=1:x=1:i=1682475020:t=1682561420:v=2:sig=AQGc-KXmoVgVAQBIUwlPChu5BRfTtlKm"
.bluekai.com/ Name: bku
Value: ikG9990/usuHKhXQ
.bluekai.com/ Name: bkpa
Value: KJhz0X+03M9R9mY7iE+Fwh4wCMAMZCOGWk9YxER5eWhnFEjOodg67Vbbbw3qqtgfGjrY1NdXI2IlyPBXlE2JKvKjrTCZtXlcbVJsoZ+fWfywy2DijTZ9/YefrUtz2KEj7jgp6Wp68Ru9lsh7fmmLWje2X5R5ZCTO6zlhrsd6TKz8oWUmVGH9Rlz+SPpkFLzAntLSIupkF/ouMy7rQx/ZNXJE4l0Cz1S9k0g7B5+hDDxgHNJKImglJjn0fRfinB7QroeQ8tAVm7uNpP5oMzkuCaULfQQrt/LG3yG7LAhaPiN5ZSENHAPITAPR8zei6P+fBzaL5nmFP2w4sd6/8rwhIcL97AkKcQ==
.audrte.com/ Name: arcki2_ddp2
Value: 1g5uPzJeW3JRDif0VW2q9-Iug!20220908!1682475021112
.audrte.com/ Name: arcki2_adform
Value: 6716428918140250547!20220908!1682475021274
.bing.com/ Name: MUID
Value: 2CE0F6B4410E67072E73E44B400E661C
.c.bing.com/ Name: MR
Value: 0
.mathtag.com/ Name: mt_mop
Value: 4:1682475022
.awin1.com/ Name: awpv20044
Value: 412871|1682475022|801c3740-e3d7-11ed-89a2-223974343f8d
.awin1.com/ Name: AWSESS
Value: 415363:2904924
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNjgyNDc1MDIydmxlYTFkZTIwMjMwNDI2MDQxMDIyODQzMTY0OTk5MjlYMTE3NzAzVjEyMjYxMzI3MDJNU21tX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023042604102284316499929X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNjgyNDc1MDIydmxlYTFkZTIwMjMwNDI2MDQxMDIyODQzMTY0OTk5MjlYMTE3NzAzVjEyMjYxMzI3MDJNU
.pubmatic.com/ Name: DPSync3
Value: 1683676800%3A235_227_226_219_197_201_245_241
www.ksl.com/ Name: _lr_retry_request
Value: true
www.ksl.com/ Name: _lr_env_src_ats
Value: false
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
www.ksl.com/ Name: pbjs-unifiedid
Value: %5Bobject%20Object%5D
.servenobid.com/ Name: pid_316
Value: 496EB1C1-3E9D-476E-AAED-C0EE0827A43A
.analytics.yahoo.com/ Name: IDSYNC
Value: "198o~2baq:175w~2baq:18z8~2baq"
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4734284114297359280&KRTB&23339-4734284114297359280
.adfarm1.adition.com/ Name: UserID1
Value: 7226175200131283083
.zeotap.com/ Name: zc
Value: ad493d66-ab07-42bd-4dd6-ad9c07179785
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7226175200131283083&KRTB&23369-7226175200131283083
.pubmatic.com/ Name: PugT
Value: 1682475023
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-T7kSB8M1W-JsuEZBzvt6Z5JGdWw&KRTB&23334-T7kSB8M1W-JsuEZBzvt6Z5JGdWw&KRTB&23417-T7kSB8M1W-JsuEZBzvt6Z5JGdWw&KRTB&23426-T7kSB8M1W-JsuEZBzvt6Z5JGdWw
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: SyncRTB3
Value: 1685059200%3A203%7C1683331200%3A63%7C1683072000%3A223_2_15%7C1683676800%3A166_7_56_55_22_81_8_161_220_46_71_176_249_233_3_13_251_234_238_21_204_214_54_165%7C1683763200%3A35
ads.avct.cloud/ Name: uuid
Value: ca89b59c-ad9f-4f42-9f9d-17b75509a161
ads.playground.xyz/ Name: connect.sid
Value: s%3AXIgOHZlJ6n-aEpykAzyo3YvYsdhhGhvO.YZgqYDNCTk1FEV9hXxOtWG4RKjTqQnUJRnlunzrK7aQ
.ctnsnet.com/ Name: cid_7d5b03ff8ed5492ba2c74bda8c2d84ce
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2773916769363978637&KRTB&23150-2773916769363978637
.adsby.bidtheatre.com/ Name: __kuid
Value: f00dcedf-d5a8-4232-87c0-ce40962269dd.451689023
.onaudience.com/ Name: cookie
Value: c4eced2fb2bb3330
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-f3f8b426-da8f-449a-a387-184654c7eb32
.smartadserver.com/ Name: csync
Value: 124:f1dfd24f-a625-46cd-a9b9-66a6eee31e81|127:AAGdOU7IkRAAACB7N06IYQ
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAGdOU7IkRAAACB7N06IYQ
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-oOrhioAtM&KRTB&23413-oOrhioAtM&KRTB&23479-oOrhioAtM
.onaudience.com/ Name: done_redirects147
Value: 1
.semasio.net/ Name: SEUNCY
Value: 2C861BDCF7175319
.tribalfusion.com/ Name: ANON_ID
Value: aensIHu4YUdmqcn63go1j8ltjGUihwoZa1oEtZby4WtXaWpmUTHs0Ve8Qw4aaGfVYv75jkVNBaiFwpfw9VvOLxOQ84
.pubmatic.com/ Name: SPugT
Value: 1682475024

19 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.bxm2znbxj6xq&_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security warning URL: https://www.ksl.com/ensighten_news(Line 576)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://www.ksl.com/ensighten_news(Line 576)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://www.ksl.com/ensighten_news(Line 576)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://messages-microservice.ksl.com/user
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
security warning URL: about:blank#blocked
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: about:blank#blocked
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://signal-floors.s-onetag.com/www.ksl.com/div-gpt-ad-1%252B%2526div-gpt-ad-2%252B%2526div-gpt-ad-3%252B%2526div-gpt-ad-4
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=496EB1C1-3E9D-476E-AAED-C0EE0827A43A&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://as.ad4m.at/ad/dr?ed=1jq1ybqxqqbgvzk9k7sn8e3jav44ttb13pg76f71yh44dpd232qe1wfpps13wttzv0rgcgnwcx99rgjvamgbzn7nfsjw5wk45srfjydxfasew9kh9z5y1b77yytede6tkqd7a5wf45mcg3sy2yjh8rwhj7h02zskxsypwp346bdqsrn2s3qah9dqvwfawx5hw4vq9eya5svwb8v4p8xnx00vckdhkn41c5v50f0vx790rzb4dkbj98x2ycydyj7jp1fe75ajmmbnq23dmpe1sahbpcz9zb2pvcdes54x4k0rdsz6mhf4wtwr1k3qf615t9tc88ehmqb2jzwr6j4fegh4wd5y9212a9nfscsy3nrszn1gx3zjgvfvsf5r3psk6yysdz4063s058764ch1mt6cka5nqkfgwsx74wvafqzcnt8abqy00avkcyhw3j6k6wnpdsvy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%26client%3Dca-pub-2697679518515886%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=3b9a464432c568e2fa211b3db6b3d172%2F8136189430209663707&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682475022233&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq3mbe2jv5tm1p60dpqnxbn3gxaexpmsnttx2q1yr5tsvdv94m7c6d1jsnn8238yjxpazszfdegqvek2gckam0223mar5j4egwgdbk6dr2gs4n14vdmefnd72hz6t4hk87y8rhzzj5svpc2rx47rfwhzvjg34s4dmbvwmvccr6anj6jjcp6zam86kkyjh08ep4p53hgmms2428y393rpnsvmbqvy4ry6pwpepmvg9q0mhbxzprqjthaw2wccqseh18b1ahns7ngcny3zyhq872y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8VuJDYhIZKLqAtXngQfH4qm4DZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAlt18_9Wa7I-4AIAqAMBqgSJAk_QpnqbmpneA5C12gz1zj6RLnux4PMNAqqR7_yajXoqVrtnLOuqKvmCCkiqUVzRuuUe9CSVqe1whSPdEYBkf-nHGmMVRX-lZSShkoGy0tpk9htW3oZ4LwLp9_270-trrCAMmTCO9AttB0WDUq0vo92eCj32NWIzEXiv4Eu2mI9sPwRxeCk_0T-W5wCD1ZWxtqSRUg6tU27lukGnLkzdeBUOTjiQFC-hNXZHFgERWWgglC68HNaF1ylqh8iS1ZB7yGjyALaAoREnPItpbnjiyuBwR1I-sGKFQ9PpfNlYOgVpzlJqTQtoA1lCOi6RxwBzhIZDR4U4vwU-RleT175amxWOTRbufgQxXgDgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33ZtaXdgxsZWxXeUZXtyr6p4kt6A%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ads.avct.cloud
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
analytics.webgains.io
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
api.webgains.io
app.protectsubrev.com
as.ad4m.at
assets.ad4m.at
auth.instiengage.com
b1sync.zemanta.com
be.durationmedia.net
bh.contextweb.com
browser.sentry-cdn.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c283d98ecaf37d57f720ced6dd408cf0.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.indexww.com
cdn.mouseflow.com
cdn.siftscience.com
cdn.track.production.webgains.team
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
cookie-cdn.cookiepro.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csync.loopme.me
d.adroll.com
d3lcz8vpax4lo2.cloudfront.net
d3njgrq4uvb497.cloudfront.net
d5p.de17a.com
d83ccd49a564545a3e12848d1db5fdf9.safeframe.googlesyndication.com
data.privacy.ensighten.com
deseret.technoratimedia.com
df80k0z3fi8zg.cloudfront.net
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
event.insticator.com
ex.ingage.tech
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geoip.insticator.com
get.s-onetag.com
gu.dyntrk.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
hbx.media.net
hexagon-analytics.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.ksl.com
insticator-d.openx.net
insticator.technoratimedia.com
ipac.ctnsnet.com
js-sec.indexww.com
js.sentry-cdn.com
js.stripe.com
ksl-d.openx.net
lb.eu-1-id5-sync.com
m.stripe.com
m.stripe.network
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
media.twiliocdn.com
messages-microservice.ksl.com
mwzeom.zeotap.com
news-api.ksl.com
nexus.ensighten.com
onetag-geo.s-onetag.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pages.protectsubrev.com
partner.o2online.de
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.rubyblu.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebidads.revcatch.com
prod-rtb.ad4mat.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
q.stripe.com
r.turn.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-floors.s-onetag.com
signal-segments.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static-de.ad4mat.net
static.ksl.com
static.rubyblu.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tag.durationmedia.net
tagan.adlightning.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
web.hb.ad.cpe.dotomi.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ksl.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
104.18.10.47
104.18.11.47
104.18.24.185
107.22.59.202
124.146.215.48
13.224.189.48
13.224.189.86
13.224.192.181
130.211.32.235
141.95.98.65
142.250.181.226
143.204.101.39
143.204.89.74
147.75.84.158
15.197.193.217
151.101.194.49
151.101.65.108
151.139.128.10
162.19.138.118
162.19.80.91
164.92.213.94
167.233.13.224
169.197.150.8
172.217.16.134
172.67.14.39
173.231.181.122
178.250.7.11
18.132.51.149
18.133.81.67
18.203.208.238
18.66.112.41
18.66.147.106
18.66.147.52
18.66.147.69
185.184.8.90
185.29.134.244
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.80.39.216
185.86.139.102
185.89.210.141
185.89.210.20
193.0.160.130
195.5.165.20
198.148.27.140
2001:4860:4802:34::36
213.155.156.180
213.19.147.45
216.52.2.16
216.52.2.6
23.21.155.77
23.35.228.23
23.35.236.201
23.56.202.187
23.56.205.163
2600:1901:0:76b9::
2600:9000:2057:ae00:19:7d10:bd80:93a1
2600:9000:206f:5c00:9:78a:e540:93a1
2600:9000:223d:8400:10:ce97:9fc0:93a1
2600:9000:223f:6800:1f:4c18:bd40:93a1
2600:9000:2251:ae00:10:3422:3f00:21
2600:9000:2491:2000:1c:386f:ec80:21
2602:803:c003:200::41
2603:c020:400d:3000:f50:982a:7877:65bd
2606:2800:233:f76:14f7:d635:25c4:c8d7
2606:4700:10::6816:43d
2606:4700:10::ac43:db6
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::681a:ce1
2606:4700:4400::6812:220a
2606:4700:4400::6812:2894
2606:4700::6812:19ad
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:806::2001
2a00:1450:4001:808::2008
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::200e
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9b
2a04:4e42:400::729
2a05:d018:cc3:fe05:e045:2f8c:2f3e:d94f
2a05:d018:d29:3602:f896:3671:b11a:dd53
2a06:98c1:3121::3
3.122.79.66
3.124.173.63
3.216.217.223
3.217.85.246
3.227.181.176
3.227.73.41
3.70.80.110
3.71.149.231
34.102.163.6
34.102.232.42
34.102.253.54
34.111.129.221
34.111.131.239
34.111.151.213
34.120.133.55
34.149.20.76
34.247.205.196
34.249.69.20
34.250.10.83
34.95.81.168
34.96.67.224
35.186.193.173
35.186.253.211
35.204.74.118
35.214.153.92
35.230.100.254
35.244.159.8
37.157.3.20
46.228.164.11
51.222.80.231
51.89.9.253
52.18.4.70
52.46.155.104
52.49.52.255
52.50.75.253
52.51.235.201
52.95.122.74
54.186.23.98
54.187.99.131
54.225.103.173
54.227.76.181
54.235.234.56
54.93.154.54
64.147.130.148
64.147.131.160
64.147.131.201
64.158.223.140
64.202.112.255
65.9.66.24
65.9.66.33
67.202.105.21
69.166.1.10
69.166.1.15
69.173.144.138
69.173.151.100
69.192.160.219
70.42.32.255
77.243.60.138
77.245.57.72
80.77.87.161
84.200.5.215
85.114.159.93
89.207.16.146
98.98.134.243
99.86.4.52
99.86.4.9
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
02c604ce4a743bf32a3b03577d5fd882471ebff8dfd223985a9f5a068cbc621d
02d46f48955fb155e11ab9c892f2eb8436118171ccb40040a09f197e51362c47
02eb04d67c2aa1fc80a323c7aa6d9a0ffebaf83c9bb6effeb3b57b9ce2669b7f
04a279b71eef60b3cdd816fb23751fd2eb86de757f4285914613ded6792dcc86
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07656a2adff8d382f921e38d596120cdf3f4255ee5eab320421cbf4fe389b470
07982897340672379f268b1272ae3c8a34d3e4047736753447a45586b6083c17
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0865523016de3e0634fb7582358cc22c76d5e670d8a5ad928683b0a61732363b
087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d
088dbe5e4bb2f902e2e7c62ca7a15bae5cb55f4708d99f7c4daae7148a19a865
0a1e4c37310c39957d6a1dc2536b1b4d6473fac156464135afe1a10863eb8e2e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca8e9cacbd4a8bfe53891289bbf2f2422f28fa012b8384390a048f8c91350db
0f4328dd583577482da89d8af94cd1146cec997553dd53bc2f9ee3d406cfa9ce
1046556f3287ce2629cfa94e16d0ed14b39ffadb1fb62fe3a962afaf8f04ffb5
111cfd4b27bc80b3ec74a9b560d55854eadac55c094bdc862807f806682b40ce
1352d98291981d5de453bedf44dbc99a22689eebbae5d548daddc7e1128ee697
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
15df8c6c38b0eb51c86085207ed9e4c40fdc318079d877fb52ade22ae0e19ba8
1757fd3889e518848bb6fbd879683daf74422b7928967969be977ac28a84651d
175b877b387500f26ef72db9e4f4a9ec9b561cdead3e7b57b42fada252e87e5e
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c7d8bece645148ef450d51239483d24064975e6d7d94a250bd32a88f8066b82
1cba5e41ab4f810ed08be5d948c27977f77eca53a95b632ceabc650d634f4535
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1df9aee0014c1553fa6f462aa38714f3f35678bba639483b6141e42e52ec2951
1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae
21cd559db3c100842a8ef209f2579e691ee47e2d1469ebeaaaac7cbd439509ab
239fc127561ee7617947020d9e5db6339a54ee6dcec914094f55fc740f637323
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2af6de0161679525ed17e3cab74b1f2ecbadbf3a3e83706d44549aa377daec16
2c49a101969df6c5a1f16910f1321e4485531589fa5b5df567dad4d6d5498c3e
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d
32dddeed43e3fbde44d76523d3a40dc8a00aaaee5f9f319f21e7c769ef2a43cc
34afbbddb63363c4a20897ab7d2586df8db2e817c0c1218c54e99de841f0526b
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
366ff6662ca78ca22a437b7ed0fb6c2dc5018889123e4bcbbbb8d41efd1e7c51
369f20e17ce9308e9e488e6fdbdf3aa0e3c8c4705b903c23cd610e7c41eedd16
3765c2dfc7d63a4c31891a3a38f7c1f4d0d9bd0c9bcd7c9c17fdbe3e496af4de
3a49cd8fd0e016991f1f7079f2de6a46709e4e74920d5be9b900059ba16fada1
3be7ee82747b50bd96eebb21a9a7d67f67d98bc67d383b66a5fb28ae8fe7bed9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e2144161706d7aa103f8478b83acbf07fdebf04172653c82c5e4145fcb6408b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
42ee378eaae1ea2d89bc161c171e2e413af4564cbfeb131b6e6f08c3db3b4e43
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
45df8300639a2c449239e3f0ddd1575ec2a867266840be6309b69903f032d919
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85
4a34e5dd7061d76c1db4ed23204d7a47d08db818fa49f7a6195899a7bfeeb828
4b977bf6527db152aec01f17b8ccdfcb28ba1526096c1af1d784cef47eab2fc6
4ce959b4e1924e20460aaf268f8a697887c4aa42014abffbbdcb32a39abc9d1d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
502bb63550cd079d5447f95d545f65bb1ad7edf88d42bd409b6e8c9f11a11566
517804de83d11ec1469b839d29b9be9ae3d28bdcc4c1148b851af286003f1a2d
53be8563970adca668a392dc8601a9a9b3bfa2502253cff54d56155c2f5918e2
53e0cfe5a911f5faf9325f459850c6898dcb83914c5353fd8d8ac0f1ddf43775
54d7476e51d2e6d5c1777199d3a168155d0e5f6fbef1dbf4f33f6bdcfda0df17
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564769d95ea349e3a6a0ab89ae661e3ed164e32fe2f845122acbed9f4862d3fa
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
56d7d530b05d933f850a7010cb84959a31b634cddb142607288ddd6e7692327f
57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1
58000a1ff5c085996eed8210b5d7db6ac325a6336108f45e20313aee88a42aef
5b52ce687db05ccd471954f194674af517f6c8db0b040bd57ed5dc029d584feb
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
60e384e3d355a4dc81603132dd733800f17de974229c9d5755d3117ca2caa93b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64eef05bca2963be525720c85007bd5be02f99a70b490de792b6d5303aa8269c
667972a15a943e8dd3ec1cbe0c5e8c8c2ebc08b3adbab0acf944e991ad5e350c
68f3e36ddb7827da173cedd0e1c166bd6e2782b4aa7c2168b5ea05b8b7ca756f
6917ca23027895f3670bc51b2c0b56115d759153e3082310172287573a28e6cc
6aa3150c8219b0d75ed240d85c972665d26bd6fb8d66b4200391a338ac7557dc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
6b81643deef20fd1b9ce3940b869880e55c5d0d46ef7c10f5b1ac52d6e47c2cd
6ba797956f6d29b650d458897e48a190cddf0a6ba374350c0bb565fa04f80d65
6f3a01e144ec2db45bb24f5ee5e9ed1da37760b01593395c01e4c1e4780b89ae
6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124
70f6d6e35022b077756bb5356f79654816d010063fd57a5725a2c69b19856513
711134976181adb2d46f7cd3eb5668d89149028592caad25564747b6b9236fea
7139a516d34e8287e32158a5208e4f6758dd6544a4e5ff30bccf0d05abcd6b16
716b82c3e58ae25b0d300b57afed6cf313338d9bbb6a14d3c607edab2575fae3
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73da3b369596f2ea8e701ec80155bf93c638eb66f1de5eac9a88f2eb8e565fd8
772e9fbdba851de624a2de4ed759b0752d6681ae1feef9d1859508e3d26dc729
77ed4d213ee67d980fccc23c10ae50011c9cdc417cd98f7030ec795f1791a7da
7815473f068f708bcde391e444f1e2d3f19d1ead1174a2281a8833648356b80d
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8005e9fe5a4f7da9c83d15dbd8742eedcb03b7e3b9bf8408cba885e898a67aee
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
878a331836150935afb12b3ec3e5521dadd7902173b4fd24adfee940a3931b61
8962cda663958c916414d04ee15873722d4d0604001d8bdf4f4e7460a37dfe73
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b512b1e143d27297a87f49b35f418f656508da018781e9e87019fa2922b6fb9
8b58caa65faa08db33acd759d602127d7104847752c7f4f28acfbfa3815c6da2
8c9dc2e1b5bc7767c70ac0231321f202797bfa38dfe330150a1b1ab6bb46105d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de978b510b045a8779d7c15cf6e3287d97ac7d3bea8527b6511f9cd6fb781ea
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
8e23c65ac4ccb850c2355ee4b26d77ea7202183aabb3d1a94fd6033311f86985
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920
90ccee6904ff98b13b372eaaa87d8629cf12fedc238801722557c19562540b2a
9122d35ca0b1532a344f0801f9004b862de73fe3ec70d6eb04a345cc02e8e2a3
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95616f34a1e85258e238c14c3aa1ca3fb74a35703e0e8eb2cb4c834a423ee697
96ef25e49f08e1b85f724d7d792b0186c58e78f25ee4a5451f3aefc7ffb4ddea
96f869fa9eb6dd696d098d53b949165f5a21b45e2c65d9c0d40cc0f75f5c394b
97cc1c91070e278a0fe69e25c2f8f917517d950af0ac4915c7e5de0347b25143
987a0c16c0f4200eb6b82dec5896e0dcb809d390bf3caf366044aeab6dabcea9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
a00acf9938b5d93a043cda293d61be1f2842e1ccf6e3c2ff303560fe0d52f61a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2a7a8a9f2edf6156960595df99ac2fb2c8067ce0730ff0d7d457c3616a1b887
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a7921b1571870bdf998d2ec79a1302ff957c0856603a32052cb73f525f7a7184
a99409d3936e07e64095dc36275663cf599da1c031c6692fad0fd14126461568
ab2587ffe2023ebe27951a4e32a7c39675398afcace2e697d9ecea44f4d3a01f
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad807567914c3d22abb9a5aea1339fe5b16524591ea5f9222f153a21ab4560bb
af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19f6b62b4386e5d542b909fc74c74febd0673504147ee7f81380969fdf27d17
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d
b31f428807652d424fffdccb7f1136db49c46c285deb4ce2f5278daf7c2d16cc
ba3e3e949b215852ecf6544342fc51d6107aa244c3423e084e67946e99a57edf
bad0df693ad0a15a34c0e6dcf035b49ef766fdf26f87f5b7fc249d12c5d84091
bb2f78ca38fb772d6a66c435607ca4b95a0a60f532f7de3b6a07e0a2ce3327cd
bb5475141629bcfd2cbfc8d6a2703fc93def1efc916f7f46a27e6c0a5f1f1174
bb660b202f74be0a5a795ed49294eb04ec9094770358cf4bca8176f3905e22fa
bc65ca6d9248fe3d55c74b3bcca0bdddf9ca871cb9f60570ceafe274f8265e9b
bf64852d6ba356ad309f01e973172dedbcd33fcc0823bb2e98484028c12a8074
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28957e93457965263407d0f2a745b1b8bc118e46c38b5da75915558e4a81f03
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef
c3adf27b675b74309190e5e8488c721cbf0907909941004538a706a969562b90
c43f1c90530a01ff62e8403f0f2b2e40f4fcdd0e51ae4fb6b89579fc547fc05f
c65f76a3628b57fd2c40dce057663ac5c45ef92326c9cce3acff8e437dbead10
c7d2c0791ad181a85f3590f792a95ed07df8b248146bf42a6eb032ea370fdb17
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c97a1fa150377a0ccc902c9b567fa7744d5b883396aaaeb55a836258a29a41a1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe0d8a95e939e84e53b647392d8a2f021972eaeacf26df355a01875c6f940b5
d0ba6ae3f869ef3b1fd5b0751e54c88de732c5041d081f62bb948c1bed1d1f65
d18c05b903e42fe072a80fb16a7aae87c94e506237fce86f68ad8241fa70f759
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7c11622f711882e65363525500cffd038d47b36fb54f1e027bef3ad93c09875
d83bc093af7fb0dbc851442031ed6fe10c7f9b15c02ba047bf6a6b95be11e39f
d93ffc94ba249bd3d9dde170fac6bc48bd56c1fbda9af6b89acdaaacae09408a
da64160b1fc33ec4dcd7fb591cae51ed641b081dc85de5ba7fbe159d52fd95aa
db2ee7a386958f6e858c181063d50b9bd3dfe79f9318bc1550d15482a5e49350
dbb55ad540c126c529554d0145d5ff99342d32f201202d10c09dcc4ec48a953c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfb56c1fb0078937d3c9fabc28063e9ae311c8147132b043db92d9b366a6ffff
e1871d9be5879b788dd9f3088b7c9411bd9c2dbbb87b435062a7f9fb5133ec40
e2519179fc7e69cd8e9b2e78c0f2dc3696b6283242d2dae249ad3ecb88c55b2f
e316b868ed9c868fb27430b2cf7a60a49bfc0b5503a9775c5a73ad7d8911d2cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76b4d2973a7c83ba07e6a31945344a4510620f921d25ac742d107aee10325a8
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7c4de52590b8796a00be1ad80242a15875d929508aaa6d211236ea8741a0ae1
ea894a98bca06239c4ca61cc092fc6ba6495acce946e13959d528274a0d2d8ec
eac9cf01e4fa457918e5b48223b6613fdeec93a55f005166a9cbf0466f518baf
eb12070a6b2aa3c1c3db3386bfe577c9ee57bbf7af2a7a541b2c5dd2e189ceac
eca0b00bcdc228fa9087597c23b3108ad4c079791b6ddd56658e48ce83939b6e
ed51c6c44f063fffd3fef1042b859a00d4cbdcee5dbc742c758f7a275ff85f58
eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fb06dd9491033232d264501441a4cc7759b9121a30637e908b357ffda11583
f1794e88326da2fbaad00cb551bb55d6f7d30d50bd3bf392c08f87281f1b5770
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f309d2f3633cd87e36d55813f09b751a231548ff773136e3ca121c341bfd07f0
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f49b521799308f8cf36318142dbab92925dcae0ca9e2e35050f7d7635ce6c4b0
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
f9cdab9e45d475492914a9d0cd174ef2eea98f9d2bea9679866a2cf51fae0b19
fe1a293cdb4905ed390da36b47fa01878068dc52306b495f97d39c56f00ea2fc