Submitted URL: http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmTinI5M7jgVe7J8tz5U5f57bXY9Cj4YlOizeuxQkpfcCk-2B7bL-2BOloBfXo...
Effective URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Submission: On May 15 via api from US — Scanned from DE

Summary

This website contacted 93 IPs in 8 countries across 73 domains to perform 333 HTTP transactions. The main IP is 108.157.4.104, located in United States and belongs to AMAZON-02, US. The main domain is www.fox13now.com. The Cisco Umbrella rank of the primary domain is 233619.
TLS certificate: Issued by Amazon on February 17th 2022. Valid for: a year.
This is the only time www.fox13now.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.52 11377 (SENDGRID)
6 108.157.4.104 16509 (AMAZON-02)
6 99.86.7.103 16509 (AMAZON-02)
3 2600:9000:214... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 104.102.29.173 20940 (AKAMAI-ASN1)
1 13.226.132.34 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
6 65.9.66.173 16509 (AMAZON-02)
1 23.35.228.23 16625 (AKAMAI-AS)
1 104.92.74.8 16625 (AKAMAI-AS)
1 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 35.227.208.151 15169 (GOOGLE)
1 65.9.61.60 16509 (AMAZON-02)
1 19 151.101.66.137 54113 (FASTLY)
1 34.194.161.83 14618 (AMAZON-AES)
1 2.22.32.24 16625 (AKAMAI-AS)
10 142.250.186.66 15169 (GOOGLE)
2 99.86.7.96 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 3 99.86.7.38 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:231... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
5 34.98.64.218 15169 (GOOGLE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 34.149.20.76 15169 (GOOGLE)
4 54.229.167.98 16509 (AMAZON-02)
4 13 37.252.173.215 29990 (ASN-APPNEX)
3 18.156.195.47 16509 (AMAZON-02)
9 159.89.246.130 14061 (DIGITALOC...)
2 3.67.60.21 16509 (AMAZON-02)
2 2602:803:c004... 26667 (RUBICONPR...)
2 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.194.137 54113 (FASTLY)
1 151.101.2.137 54113 (FASTLY)
6 18.216.214.100 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 92.122.144.70 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
1 108.157.4.44 16509 (AMAZON-02)
18 2a00:1450:400... 15169 (GOOGLE)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
4 18.157.243.170 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 8 64.202.112.191 23352 (SERVERCEN...)
2 151.101.114.132 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
5 14 142.251.36.66 15169 (GOOGLE)
5 7 92.122.147.230 16625 (AKAMAI-AS)
2 142.250.74.130 15169 (GOOGLE)
2 151.101.65.108 54113 (FASTLY)
2 104.89.20.125 16625 (AKAMAI-AS)
6 12 76.223.111.18 16509 (AMAZON-02)
2 99.86.7.45 16509 (AMAZON-02)
1 67.202.105.22 ()
1 141.95.98.66 16276 (OVH)
2 2 54.155.65.255 16509 (AMAZON-02)
1 34.247.233.198 ()
2 18.195.155.181 16509 (AMAZON-02)
2 178.162.133.149 60781 (LEASEWEB-...)
2 216.52.2.19 30282 (AS-INAPCD...)
2 35.186.253.211 15169 (GOOGLE)
4 4 18.194.10.133 16509 (AMAZON-02)
5 5 3.126.56.137 ()
6 52.223.40.198 16509 (AMAZON-02)
2 2620:1ec:21::14 ()
3 4 2a05:d018:d29... 16509 (AMAZON-02)
3 5 3.72.114.165 ()
4 7 209.54.177.54 ()
3 92.122.147.28 16625 (AKAMAI-AS)
1 104.36.113.23 ()
1 3 69.173.144.138 ()
4 4 69.173.144.165 ()
2 35.244.174.68 ()
1 2a00:1288:80:... ()
3 4 37.157.6.242 ()
2 2 151.101.130.49 ()
1 11 185.64.190.80 ()
2 2 185.29.132.245 ()
1 178.250.0.163 ()
1 72.251.232.228 ()
1 38.91.45.7 ()
1 1 154.59.122.79 ()
2 2 35.157.46.192 ()
1 2 23.75.246.168 ()
1 2 2606:4700:440... ()
1 2 52.206.177.106 ()
1 1 2a04:4e42:400... ()
1 151.101.65.44 ()
1 1 23.88.75.189 ()
2 198.47.127.20 ()
1 169.50.137.182 ()
1 1 2001:678:cb4:... ()
1 1 34.233.85.84 ()
1 2a02:fa8:8806... ()
2 2 54.170.158.38 ()
1 1 34.102.253.54 ()
333 93
Apex Domain
Subdomains
Transfer
34 googlesyndication.com
109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
tpc.googlesyndication.com — Cisco Umbrella Rank: 130
391 KB
33 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284
247 KB
28 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3462
cds.connatix.com — Cisco Umbrella Rank: 3527
capi.connatix.com — Cisco Umbrella Rank: 3859
lit.connatix.com — Cisco Umbrella Rank: 7741
ins.connatix.com — Cisco Umbrella Rank: 7431
capi-tier-2-us-east-2.connatix.com — Cisco Umbrella Rank: 4708
vid.connatix.com — Cisco Umbrella Rank: 4303
img.connatix.com — Cisco Umbrella Rank: 4210
395 KB
20 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
216 KB
17 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 439
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com Failed
image4.pubmatic.com
36 KB
16 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2659
fastlane.rubiconproject.com — Cisco Umbrella Rank: 471
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3605
eus.rubiconproject.com — Cisco Umbrella Rank: 556
pixel.rubiconproject.com
token.rubiconproject.com
131 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 240
acdn.adnxs.com — Cisco Umbrella Rank: 596
secure.adnxs.com
44 KB
14 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 559
eb2.3lift.com — Cisco Umbrella Rank: 414
6 KB
13 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 870
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 485
ads.yahoo.com
6 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 288
s.amazon-adsystem.com
45 KB
11 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3242
sync.serverbid.com — Cisco Umbrella Rank: 6484
x.serverbid.com — Cisco Umbrella Rank: 11599
4 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 344
217 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 7
adservice.google.com — Cisco Umbrella Rank: 74
2 KB
9 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1327
widget-pixels.outbrain.com — Cisco Umbrella Rank: 2750
odb.outbrain.com — Cisco Umbrella Rank: 1442
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5708
mv.outbrain.com — Cisco Umbrella Rank: 3326
103 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530
6 KB
7 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4142
log.outbrainimg.com — Cisco Umbrella Rank: 2136
images.outbrainimg.com — Cisco Umbrella Rank: 1997
14 KB
7 openx.net
ewscripps-d.openx.net — Cisco Umbrella Rank: 44185
u.openx.net — Cisco Umbrella Rank: 756
us-u.openx.net — Cisco Umbrella Rank: 399
rtb.openx.net — Cisco Umbrella Rank: 1524
1 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 338
2 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 497
p.typekit.net — Cisco Umbrella Rank: 633
69 KB
6 brightspotcdn.com
ewscripps.brightspotcdn.com — Cisco Umbrella Rank: 29424
316 KB
6 fox13now.com
www.fox13now.com — Cisco Umbrella Rank: 233619
333 KB
5 bidswitch.net
x.bidswitch.net
2 KB
5 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1459
usersync.gumgum.com
13 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
21 KB
4 adform.net
c1.adform.net
2 KB
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 435
1 KB
4 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 407
742 KB
4 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1489
ssc-cms.33across.com
686 B
3 cheqzone.com
ob.cheqzone.com — Cisco Umbrella Rank: 7839
obs.cheqzone.com — Cisco Umbrella Rank: 5035
20 KB
3 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2139
pubmatic-match.dotomi.com
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 141
2 KB
3 ewscloud.com
api.ewscloud.com — Cisco Umbrella Rank: 41050
static.ewscloud.com — Cisco Umbrella Rank: 55865
7 KB
3 analyticssystems.net
analyticssystems.net — Cisco Umbrella Rank: 9246
2 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 882
132 KB
3 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
79 KB
2 avct.cloud
ads.avct.cloud
894 B
2 taboola.com
trc.taboola.com
match.taboola.com
530 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com
575 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 owneriq.net
px.owneriq.net
476 B
2 w55c.net
pm.w55c.net
1 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
743 B
2 rlcdn.com
id.rlcdn.com
idsync.rlcdn.com
45 B
2 zemanta.com
b1sync.zemanta.com
602 B
2 linkedin.com
px.ads.linkedin.com
1 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 615
554 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1014
952 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 933
82 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 646
626 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
74 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5483
adservice.google.de — Cisco Umbrella Rank: 7678
1 KB
2 tru.am
tru.am — Cisco Umbrella Rank: 5962
12 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2689
p1.parsely.com — Cisco Umbrella Rank: 2118
24 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
86 KB
2 media.net
hbx.media.net — Cisco Umbrella Rank: 1514
hblg.media.net — Cisco Umbrella Rank: 1491
131 KB
2 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 501
8 KB
1 playground.xyz
ads.playground.xyz
468 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 turn.com
ad.turn.com
518 B
1 simpli.fi
um.simpli.fi
611 B
1 loopme.me
csync.loopme.me
218 B
1 acuityplatform.com
ums.acuityplatform.com
674 B
1 deepintent.com
match.deepintent.com
45 B
1 adgrx.com
cm.adgrx.com
408 B
1 criteo.com
dis.criteo.com
363 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 663
1 KB
1 aswpsdkus.com
aswpsdkus.com — Cisco Umbrella Rank: 5400
38 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
42 KB
1 scrippsdigital.com
assets.scrippsdigital.com — Cisco Umbrella Rank: 42688
4 KB
1 oi.com.br
click.oi.com.br
292 B
0 mxptint.net Failed
pmp.mxptint.net Failed
0 contextweb.com Failed
bh.contextweb.com Failed
333 73
Domain Requested by
20 s0.2mdn.net imasdk.googleapis.com
www.fox13now.com
s0.2mdn.net
16 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.fox13now.com
109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
16 pagead2.googlesyndication.com srcdoc
109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
www.googletagservices.com
14 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
eb2.3lift.com
12 eb2.3lift.com 6 redirects ads.rubiconproject.com
eb2.3lift.com
12 ib.adnxs.com 3 redirects ads.rubiconproject.com
googleads.g.doubleclick.net
acdn.adnxs.com
eb2.3lift.com
11 simage2.pubmatic.com 1 redirects ads.pubmatic.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 securepubads.g.doubleclick.net www.fox13now.com
securepubads.g.doubleclick.net
cd.connatix.com
www.googletagservices.com
9 vid.connatix.com cd.connatix.com
www.fox13now.com
8 www.google.com 2 redirects www.fox13now.com
securepubads.g.doubleclick.net
109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 s.amazon-adsystem.com 4 redirects eb2.3lift.com
6 match.adsrvr.org eb2.3lift.com
sync.serverbid.com
ads.pubmatic.com
6 img.connatix.com www.fox13now.com
6 capi-tier-2-us-east-2.connatix.com cd.connatix.com
6 c.amazon-adsystem.com www.fox13now.com
c.amazon-adsystem.com
6 ewscripps.brightspotcdn.com www.fox13now.com
6 www.fox13now.com www.fox13now.com
ewscripps.brightspotcdn.com
5 x.bidswitch.net 3 redirects eb2.3lift.com
5 ups.analytics.yahoo.com 5 redirects
5 x.serverbid.com sync.serverbid.com
ads.pubmatic.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 log.outbrainimg.com widgets.outbrain.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.fox13now.com
5 widgets.outbrain.com www.fox13now.com
widgets.outbrain.com
5 use.typekit.net www.fox13now.com
use.typekit.net
4 c1.adform.net 3 redirects ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 pixel.advertising.com 4 redirects
4 googleads.g.doubleclick.net www.fox13now.com
109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
4 prebid-a.rubiconproject.com ads.rubiconproject.com
4 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
4 e.serverbid.com ads.rubiconproject.com
sync.serverbid.com
4 g2.gumgum.com ads.rubiconproject.com
3 pixel.rubiconproject.com 1 redirects
3 ads.pubmatic.com sync.serverbid.com
ads.pubmatic.com
3 c2shb.ssp.yahoo.com ads.rubiconproject.com
3 ssc.33across.com ads.rubiconproject.com
3 stats.g.doubleclick.net www.google-analytics.com
3 sb.scorecardresearch.com 1 redirects www.fox13now.com
3 cds.connatix.com www.fox13now.com
cd.connatix.com
3 analyticssystems.net www.fox13now.com
109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
3 use.fontawesome.com www.fox13now.com
use.fontawesome.com
3 d3plfjw9uod7ab.cloudfront.net www.fox13now.com
securepubads.g.doubleclick.net
109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
2 ads.avct.cloud 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 px.owneriq.net 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 sync.mathtag.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 b1sync.zemanta.com 2 redirects
2 px.ads.linkedin.com eb2.3lift.com
2 rtb.openx.net sync.serverbid.com
2 ap.lijit.com sync.serverbid.com
2 sync.go.sonobi.com sync.serverbid.com
2 ssum-sec.casalemedia.com 2 redirects
2 cs.emxdgt.com sync.serverbid.com
2 ad.360yield.com 2 redirects
2 sync.serverbid.com ads.rubiconproject.com
2 u.openx.net ads.rubiconproject.com
2 eus.rubiconproject.com ads.rubiconproject.com
eus.rubiconproject.com
2 acdn.adnxs.com ads.rubiconproject.com
2 googleads4.g.doubleclick.net www.fox13now.com
2 www.googletagservices.com securepubads.g.doubleclick.net
109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
2 obs.cheqzone.com ob.cheqzone.com
www.fox13now.com
2 109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 fastlane.rubiconproject.com ads.rubiconproject.com
2 tlx.3lift.com ads.rubiconproject.com
2 web.hb.ad.cpe.dotomi.com ads.rubiconproject.com
2 ewscripps-d.openx.net ads.rubiconproject.com
2 tru.am www.googletagmanager.com
tru.am
2 api.ewscloud.com ewscripps.brightspotcdn.com
2 connect.facebook.net www.fox13now.com
connect.facebook.net
2 cdn.cookielaw.org www.fox13now.com
cdn.cookielaw.org
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 sync.ipredictive.com 1 redirects
1 ad.turn.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 idsync.rlcdn.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 ads.yahoo.com
1 id.rlcdn.com
1 image6.pubmatic.com ads.pubmatic.com
1 us-u.openx.net
1 usersync.gumgum.com
1 id5-sync.com
1 ssc-cms.33across.com ads.rubiconproject.com
1 mv.outbrain.com widgets.outbrain.com
1 images.outbrainimg.com www.fox13now.com
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 odb.outbrain.com widgets.outbrain.com
1 ob.cheqzone.com widgets.outbrain.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 widget-pixels.outbrain.com www.fox13now.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 ins.connatix.com cd.connatix.com
1 lit.connatix.com cd.connatix.com
1 www.google.de www.fox13now.com
1 capi.connatix.com cd.connatix.com
1 static.ewscloud.com www.fox13now.com
1 hblg.media.net www.fox13now.com
1 p1.parsely.com www.fox13now.com
1 cd.connatix.com 1 redirects
1 cdn.parsely.com www.fox13now.com
1 aswpsdkus.com www.fox13now.com
1 p.typekit.net use.typekit.net
1 ads.rubiconproject.com www.fox13now.com
1 hbx.media.net www.fox13now.com
1 www.googletagmanager.com www.fox13now.com
1 assets.scrippsdigital.com www.fox13now.com
1 click.oi.com.br 1 redirects
0 pmp.mxptint.net Failed ads.pubmatic.com
0 image2.pubmatic.com Failed ads.pubmatic.com
0 bh.contextweb.com Failed ads.pubmatic.com
333 127
Subject Issuer Validity Valid
*.scrippsnationalnews.com
Amazon
2022-02-17 -
2023-03-18
a year crt.sh
ewscripps.brightspotcdn.com
Amazon
2022-04-30 -
2023-05-29
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1
2022-03-07 -
2023-04-07
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-07 -
2022-07-06
a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-03 -
2023-04-04
a year crt.sh
*.scrippsdigital.com
Amazon
2021-08-08 -
2022-09-06
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
*.analyticssystems.net
E1
2022-04-05 -
2022-07-04
3 months crt.sh
c.amazon-adsystem.com
Amazon
2021-07-06 -
2022-06-27
a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2022-02-20 -
2023-02-22
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-17 -
2023-04-04
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-02-22 -
2022-05-23
3 months crt.sh
aswpsdkus.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-20 -
2023-02-20
a year crt.sh
*.parsely.com
Amazon
2021-07-05 -
2022-08-03
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
*.ewscloud.com
DigiCert TLS RSA SHA256 2020 CA1
2021-08-19 -
2022-09-19
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2
2021-08-20 -
2022-09-21
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-07-13 -
2022-06-25
a year crt.sh
ssc.33across.com
GTS CA 1D4
2022-03-22 -
2022-06-20
3 months crt.sh
*.gumgum.com
Amazon
2022-05-06 -
2023-06-04
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-03-08 -
2022-08-31
6 months crt.sh
*.consumableaudio.com
R3
2022-04-27 -
2022-07-26
3 months crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
www.google.com
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
www.google.de
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-11 -
2023-03-15
a year crt.sh
*.google.de
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
*.google.com
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
*.cheqzone.com
Amazon
2022-01-22 -
2023-02-20
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2022-03-11 -
2023-04-11
a year crt.sh
sync.serverbid.com
Amazon
2022-04-04 -
2023-05-03
a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2021-09-23 -
2022-09-30
a year crt.sh
*.id5-sync.com
R3
2022-03-08 -
2022-06-06
3 months crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2021-05-18 -
2022-06-19
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2021-12-08 -
2023-01-09
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-03-11 -
2023-04-12
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2022-03-28 -
2022-09-28
6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-11 -
2022-07-07
3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-01 -
2023-03-28
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018
2021-12-05 -
2022-12-06
a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon
2022-04-13 -
2023-05-12
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2021-10-27 -
2022-11-27
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-01-18 -
2022-07-13
6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-08-10 -
2022-09-11
a year crt.sh

This page contains 47 frames:

Primary Page: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Frame ID: 34E1F04B70F5F78969FBC6FE40D3EED1
Requests: 129 HTTP requests in this frame

Frame: https://cds.connatix.com/p/162305/connatix.playspace.dc.js
Frame ID: B1B458FDC73C020F725A05B86B7D23B7
Requests: 14 HTTP requests in this frame

Frame: https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D32955228A066B51F2EAAC09D7F243EC
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Frame ID: D1503EA8FB368D2688B5D0FFFECF4BED
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Frame ID: FBCB26C335BDD1078202BE79050CCCD7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Frame ID: A7D4323159C621929E9E59D1EF2549A3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D203A066BBBC7D696324F2D6976D0E57
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CC6A7796169C76F7EED57D41E2B78F14
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7DD2C698ECB3E6812A182336E5F78670
Requests: 1 HTTP requests in this frame

Frame: https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 494DB85AC11CA06AE5C557B6DB4A38D4
Requests: 18 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Frame ID: 2F3010B6DD0D5DA46A2E15802DDF02B3
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Frame ID: D6E80335FFBF11556B8D4A060F10C689
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Frame ID: B4E3CE529CCFB90B8B53CDE9D8814DBA
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNQDENrt-aUDGPGagcgBMAE&v=APEucNV4VZzUBHOYxF6JUfVZEtVqZDZ6TzJKmZsdxwdKdqgR2Q8QQ8QRjd6DkPZZLkcSfQz-AeaBYRDXiwjcwXImEF7au4r9mdwd2olJZ6Fk2XTBiEvKaRI1oRRG2KB-7fFHeT55TqB0yVCDsQyw9k9Ouf7GvOX7k76VNlqFIFzI8pbQVjxlJtY
Frame ID: 2EFDC255D648244E7611B8DF53FD6CEE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E49AC379936F183769AE419B004CD03F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Frame ID: 9E77879C82EBCD44CEEA35A289AAAA02
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Frame ID: FBCA5C7058AE1D0359F72393AEB35AEA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 11860DC45526673710E4E9CBAC726729
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8CDF765AA44DD5ACFC99D1A31857CCE7
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3B228E7B4B9CDEDF3B45C4E4EB8C6071
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5F9EE592FE984B1440BB924BDE166356
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0907ABEC0C5DD038B35ACF0673FF03D9
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 02668793F126630B6D31C0B00C933304
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 793A86AB7B55B8DCA25420CBC45D38AC
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 2B16B969211CE495C6054FD385136FDC
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000248.html
Frame ID: 64FE8CD17DACD622961F53C2F5E1223F
Requests: 9 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bgZdFqByur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: CA6CEA16E9047C8366B6E7180D297EF5
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000248.html
Frame ID: 50A37AE84E6EE25B481744CE0179B17D
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7531219D526C5CBF073D85D75FFDB8C4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 9E573CDE2406B29C4DA4D111EF09F016
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 9455CFE332AAFDFBAA99D34CA4B9C516
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=99A656CC-1F7F-4F79-9517-C94F6D4BB851
Frame ID: 9863EDC8B798646DA625429C68A4539D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoEjewAAALjPygAo&gdpr=0&gdpr_consent=&_test=YoEjewAAALjPygAo
Frame ID: 5C66A5CE5E79967E78F81D93AEF2FEC2
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFkBE7FAkcAAETwuBEz6w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Frame ID: A2C20CE3A08468D63A0DE6BB52BF96AB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a27b6281-237b-4100-935a-27e7952621c7&gdpr=0&gdpr_consent=
Frame ID: 2E4402F8A8EB1310A34F771F047BE254
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0E0E2C7E9A78AA96C677C5FF3F8B84A6
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 92C5D9A080A704FBD864A7154C3180E9
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: C32A401441E0DCFF3D7BA2502AFFA313
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=669527993074
Frame ID: CB4EC140187E56FC169DF91B04C0BFC9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LfG7DMww1NQgEX5&gdpr=0&gdpr_consent=
Frame ID: DD96E45490D84D3A80C85B260B9D8359
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=image%2Fgif
Frame ID: 23BD031F372209C03DD404663C217483
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 25757039FCCC1B5303DA552979E54452
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=99A656CC-1F7F-4F79-9517-C94F6D4BB851
Frame ID: 09CD9160B74C2B98EA2D9AABFFF5ABDB
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5f1a48e7-50e5-4ea0-9550-18cb1de008e0-tuct97aa8fb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 8D8DCFA2B76177920AF0C5FBA491E09F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 188117FC0D8FB44DAA75F72943FF72CE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=589e7ef3-1f7f-463e-b2ef-54566dd0e2f7
Frame ID: D792D4B805E843EA75FB7D10FF4907FE
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=99A656CC-1F7F-4F79-9517-C94F6D4BB851
Frame ID: D3F654387717757A4507DE576494861E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Billionaire Utahn to give away 90% of his wealth

Page URL History Show full URLs

  1. http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmTinI5M7jgVe7J8tz5U5f57bXY9Cj4YlOizeuxQkp... HTTP 302
    https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

333
Requests

85 %
HTTPS

31 %
IPv6

73
Domains

127
Subdomains

93
IPs

8
Countries

4010 kB
Transfer

15841 kB
Size

44
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmTinI5M7jgVe7J8tz5U5f57bXY9Cj4YlOizeuxQkpfcCk-2B7bL-2BOloBfXo1MxwMWa8iId5itQTFAUwr5UtydgB7pjm8hKRtG6aNEUBq9OSdvT8qp0iIzkXGjCFF-2FlazIeoA-3D-3DY1f5_sONDKYTrAWbvqC3h3A3olCLXxVv7XsP-2FaAzZkx17HP-2FGbJa6m-2FDEduhT-2Foe-2Bop91T5KIVlymOnF8nvmcwauxFBS1I8Ta-2F7TXDWKqi-2F5sW4wcM3fAh1OkQIhq6eIvWKJcz41akRuXt1kGSDqW6juU2zh9Zk7UHnE3tubKluN3YNqbCAM6i-2BuxWvf0b44K1d244hF7gOFbBN-2BYa0O6jDPNaVieCmDM57U146CEZACAz2c-3D HTTP 302
    https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/162305/connatix.playspace.dc.js
Request Chain 46
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1652630389485&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1652630389485&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c9=
Request Chain 172
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 173
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELAjqs8Zv129o0-R-p9gu3o&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELAjqs8Zv129o0-R-p9gu3o&google_cver=1&C=1
Request Chain 181
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoEjd6vzh6RVKy4.UUyYUgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELAjqs8Zv129o0-R-p9gu3o&google_cver=1&google_hm=2
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELLqx0qBathfzMIeaNV7rJk&google_cver=1
Request Chain 183
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2NzUzMzE3MDkyMTYwNjU3Nw%3D%3D
Request Chain 239
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 240
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 247
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=0b8b891e-60a5-491d-af6e-e6b4c6e5b151
Request Chain 253
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YoEjd6vzh6RVKy4.UUyYUgAA%261170
Request Chain 256
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1267533170921606577
Request Chain 258
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0ffe8ba5-d468-11ec-bf71-06c845b44618 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0ffe8ba5-d468-11ec-bf71-06c845b44618&verify=true HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0ffe8ba5-d468-11ec-bf71-06c845b44618
Request Chain 260
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YoEjd6vzh6RVKy4.UUyYUgAA%261170
Request Chain 263
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1267533170921606577
Request Chain 265
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0ffe8ba5-d468-11ec-bf71-06c845b44618 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0ffe8ba5-d468-11ec-bf71-06c845b44618&verify=true HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0ffe8ba5-d468-11ec-bf71-06c845b44618
Request Chain 267
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
Request Chain 269
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
Request Chain 271
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3110759273412918343456?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-EcxqJK9E2oRRujwj7dY1ukCdfw6B3QyIK4LqE2rJvg--~A&dongle=0883
Request Chain 273
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3110759273412918343456 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3110759273412918343456&dcc=t
Request Chain 274
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 277
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
Request Chain 279
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
Request Chain 281
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4393998839131012295225?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-sIzbY6RE2oQWk1F9ROW5q9WxlKBTRalS.yU5x55BTg--~A&dongle=0883
Request Chain 283
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4393998839131012295225 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4393998839131012295225&dcc=t
Request Chain 284
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 291
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=t4e9KWYuQW28fC6Uz9k9eQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=t4e9KWYuQW28fC6Uz9k9eQ
Request Chain 293
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmVlZDA1YjNiODllZTJmNzk4YTg3MWM2NTY2YTUwMGRmODQzNmMxZQ
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJas78yHPPv2uXrzQE5xwKc&google_cver=1
Request Chain 296
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L37HGPUF-1C-DQTF&sigv=1&esig=2~84631071036944204f7df71c1c38bb03df54ceeb
Request Chain 297
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/jcqma7i54aEssD-uL4YuNMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2550802030167613819
Request Chain 298
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM3SEdQVUYtMUMtRFFURg==
Request Chain 299
  • https://c1.adform.net/serving/cookie/match?party=14&cid=99A656CC-1F7F-4F79-9517-C94F6D4BB851 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=99A656CC-1F7F-4F79-9517-C94F6D4BB851
Request Chain 300
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YoEjewAAALjPygAo HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoEjewAAALjPygAo&gdpr=0&gdpr_consent=&_test=YoEjewAAALjPygAo
Request Chain 301
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGa0JFN0ZBa2NBQUVUd3VCRXo2dw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFkBE7FAkcAAETwuBEz6w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Request Chain 302
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a27b6281-237b-4100-935a-27e7952621c7&gdpr=0&gdpr_consent=
Request Chain 306
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=669527993074
Request Chain 307
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LfG7DMww1NQgEX5&gdpr=0&gdpr_consent=
Request Chain 308
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 309
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 310
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=d49a2141-a36c-4e91-acf7-5957644f1c01&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=99A656CC-1F7F-4F79-9517-C94F6D4BB851
Request Chain 311
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5f1a48e7-50e5-4ea0-9550-18cb1de008e0-tuct97aa8fb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 312
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 313
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=589e7ef3-1f7f-463e-b2ef-54566dd0e2f7
Request Chain 315
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=maZWzB9_T3mVF8lPbUu4UQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 317
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=da4c6281-237b-4a00-8f5f-3f24c4fb1b6d
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTlBNjU2Q0MtMUY3Ri00Rjc5LTk1MTctQzk0RjZENEJCODUx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECa2CE3Vi-gzuzdqBsFtOAE&google_cver=1
Request Chain 321
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7020248366188956654&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 324
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=99A656CC-1F7F-4F79-9517-C94F6D4BB851&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9vHfxDFE2uXqLGHqzmmzSwqVTy_LOCI-~A&gdpr=0&gdpr_consent=
Request Chain 325
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=109d3c51-d468-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
Request Chain 326
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1267533170921606577&gdpr=0&gdpr_consent=
Request Chain 327
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=bfdf2c44-69da-4c58-b5d6-f345ce28e58c-6281237b-5858&gdpr=0&gdpr_consent=
Request Chain 329
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6AIAROwDDxfzVF5G6VEVFr8AXEDzBQFG7QlpXl4c
Request Chain 330
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8657693796598662599
Request Chain 331
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3bb1cd4d-3181-4e2c-abee-2aeebbc4176f&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8c4a3daa-4627-4414-b264-608d9ca1b9b4&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 333
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1267533170921606577

333 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request billionaire-utahn-to-give-away-90-of-his-wealth
www.fox13now.com/news/local-news/
Redirect Chain
  • http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmTinI5M7jgVe7J8tz5U5f57bXY9Cj4YlOizeuxQkpfcCk-2B7bL-2BOloBfXo1MxwMWa8iId5itQTFAUwr5UtydgB7pjm8hKRtG6aNEUBq9OSdvT8qp0iIzkXGjCFF-2FlazIeoA-3D...
  • https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
242 KB
66 KB
Document
General
Full URL
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-104.dus51.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
1b100b2e9f3016d39e6f5fc04026380518f730433d1261e6dbb8f6f673c27cb1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=240
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Sun, 15 May 2022 15:59:48 GMT
Server
N/A
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
X-Amz-Cf-Id
p4TCw2Si3psJ249xo1caXQvUhzsGw59kV-aOw5tyPACsvznIUXVfsg==
X-Amz-Cf-Pop
DUS51-P2
X-Cache
Miss from cloudfront
X-Content-Type-Options
nosniff
X-Powered-By
Brightspot

Redirect headers

Connection
keep-alive
Content-Length
111
Content-Type
text/html; charset=utf-8
Date
Sun, 15 May 2022 15:59:48 GMT
Location
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Server
nginx
X-Robots-Tag
noindex, nofollow
All.min.400ae66ae5954cba88bc75403510e15b.gz.css
ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/
116 KB
22 KB
Stylesheet
General
Full URL
https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.400ae66ae5954cba88bc75403510e15b.gz.css
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-103.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2bcbc2fead65db06dc805d3ec92e0f95cc32e4d82c1d7f9e2d4bd5ffc7b35984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 05:55:06 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 07 Apr 2022 18:35:00 GMT
Server
AmazonS3
Age
2714684
ETag
"f3fd787dc8639d9cb2a7d176b5c65497"
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
21563
X-Amz-Cf-Id
m_4ea4Jbck0bnpfvSLvU-XhlbD3yMuEcdeiWlOugYWe_EXCia4OwBg==
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/
116 KB
29 KB
Script
General
Full URL
https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1da4e7292411fa7401ad333d28c2e5bd20dbe89f3ba0428d57d44c48879293f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
B3kn63TQS6kT.ZlvMtLEVysJoRuRl8uN
content-encoding
br
last-modified
Sat, 30 Apr 2022 03:09:32 GMT
server
AmazonS3
age
1942
etag
W/"d8a90e7fca1529654d71205b6c387460"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
date
Sun, 15 May 2022 15:27:30 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
mf1aLOeGqO2dNBqG3eIj0DTKNQSz3athNL7fgeGd-ZgWkCOKpf5eyQ==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
20 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03aa6fcac2902227e1b66a01b87824692f708bbf9bfe441784f8ed22d677f6de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
+q2Bd0SvXowDeesSOf+0yw==
age
798
vary
Accept-Encoding
content-length
6782
x-ms-lease-status
unlocked
last-modified
Fri, 13 May 2022 12:13:28 GMT
server
cloudflare
etag
0x8DA34D9FD30D37D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
461614fa-001e-005d-4ad7-6628e2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
70bd153b8a059177-FRA
tsu4adm.css
use.typekit.net/
21 KB
2 KB
Stylesheet
General
Full URL
https://use.typekit.net/tsu4adm.css
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
44184c16fd72e51859e402906cfc8eb5cc13161916b42cf46e416bc9e3fe9850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sun, 15 May 2022 15:59:49 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1740
all.css
use.fontawesome.com/releases/v5.1.0/css/
45 KB
10 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer
https://www.fox13now.com/
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9536103
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
2ZZ5QRVPN82S48DS
x-amz-id-2
SHbbRQINSQhizx8nCWslOzY/Rk44DavKUIStg5oCEF6ioO3YiZAmDht9DOdtnveA12vyRmNSN5w=
last-modified
Wed, 30 Jun 2021 15:30:31 GMT
server
cloudflare
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bqmm%2FjYy%2FMmfyKMEIki05LmrbjRP8o917gXXQ03UTQzZp5QYJmQWeT8Yl9GuRprOjWnXFlVYgKrMOoxouDBYqhR6hX0x9D8d1LrmHwA9I5ueyT66QiYvxeyvko1wRdrprMQCKZ3UCbPOduYj1Gwmeofz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
70bd153b8f789019-FRA
/
ewscripps.brightspotcdn.com/dims4/default/eead90a/2147483647/strip/true/crop/600x274+0+0/resize/400x183!/quality/90/
23 KB
24 KB
Image
General
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/eead90a/2147483647/strip/true/crop/600x274+0+0/resize/400x183!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F00%2F9e%2F66505c3f463b98e45a6637d3fcea%2Fkstu-main-logo.png
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-103.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
d46651a0642c39afc570af89ad0b4373250d4002c05e92282aab4b289c4771d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 25 Mar 2022 01:16:59 GMT
Via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
4459369
ETag
5530a8138966797a635819cda27dfa7c
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA6-C1
X-Robots-Tag
nofollow
Content-Length
23926
X-Amz-Cf-Id
I8vmh7nRT4Lo5poUo4LwNX-EOpn6CzEJTSOM7_4KN6_opZ3_fI8NYg==
Expires
Sat, 25 Mar 2023 01:16:59 GMT
Blank.gif
www.fox13now.com/styleguide/assets/
57 B
475 B
Image
General
Full URL
https://www.fox13now.com/styleguide/assets/Blank.gif
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-104.dus51.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 29 Jul 2021 11:57:42 GMT
Via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache-Coyote/1.1
Age
25070527
X-Cache
Hit from cloudfront
Content-Type
image/gif;charset=UTF-8
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
DUS51-P2
Content-Length
57
X-Amz-Cf-Id
fsBY8iIpijmn7DZtUlK0-nT1BC4A43xyDo6n14oKPvY4fJ006okuJQ==
outbrain.js
widgets.outbrain.com/
199 KB
69 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-173.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4de7f60ac8c0a270dc1c92ce185b282876b71084b66db80629924a85109a0a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
last-modified
Sun, 15 May 2022 14:00:37 GMT
etag
"16-OcK16QcJrC9WEI2OC6AY9CqBfgo"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
bdfea85524426b316f46147eb7a1ed5f
timing-allow-origin
*, *
logo-scripps.png
assets.scrippsdigital.com/cms/images/
3 KB
4 KB
Image
General
Full URL
https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-34.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via
1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Oct 2017 14:04:11 GMT
Server
AmazonS3
Age
40197
ETag
"f46791d665054bf21da09492d448e1d2"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Sun, 15 May 2022 04:50:53 GMT
x-amz-replication-status
COMPLETED
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
3532
X-Amz-Cf-Id
wn6hc3HAoKm6fsMQunZ5TqgUtPJlQUMDlUsiGkDp8kiIkPVGjGfrbw==
All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/
428 KB
99 KB
Script
General
Full URL
https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-103.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0f18a3c3952280b727ecdf5f62fb2b4754367e287f06e9b3b586f2c07146754

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 07 Apr 2022 18:35:01 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 07 Apr 2022 18:35:00 GMT
Server
AmazonS3
Age
3273889
ETag
"1b54b00f494965bf27395d87a776043c"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
101167
X-Amz-Cf-Id
Xk5joun9Ki9TxjMQPq_9Em4EZUmw60zOgOoE9fak-WF1gMtAbLxgSw==
gtm.js
www.googletagmanager.com/
135 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac0cf789c9ea8519baaa607912223bebeafae9e6c04cf5ffa7a27af4bf6dee15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42486
x-xss-protection
0
last-modified
Sun, 15 May 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 15 May 2022 15:59:49 GMT
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/client/impression/
0
613 B
Image
General
Full URL
https://analyticssystems.net/api/v2/client/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=970066
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FT14Gh1dUdBe6dSeYh0AJtdT2hCsfZy5si2C%2F5lVgOsnf1wgz4TJ9ulEfpKWToF6wJIX63KoequT%2F0mm0zkqkp4KUN41oWaPuNlPw4m7iCcqz2Mslo4Wq01WUbQX8zmjpOBF3ka3b%2Bfq6Ye2UcLg7sBw6g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70bd153c7f93914d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Fu9SlUCsCshWfMwA3ffS
000000.json
cdn.cookielaw.org/consent/000000/
215 B
654 B
XHR
General
Full URL
https://cdn.cookielaw.org/consent/000000/000000.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c913bc9da51659b12b21981ceaf5f76a8338c68d01edff6828a305559f94d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
29
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
e548f3eb-d01e-00dc-0d74-688ab5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
70bd153c0bb0691b-FRA
expires
Sun, 15 May 2022 19:59:49 GMT
apstag.js
c.amazon-adsystem.com/aax2/
135 KB
37 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
21
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0E8KWZK207REFAJP6DH2
date
Sun, 15 May 2022 15:59:28 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
fv80gHIbrDlOhQiJzQO2i5I_-oLn3n5t9IpP9OTSzuB3zxrdTPe8Ww==
bidexchange.js
hbx.media.net/
599 KB
131 KB
Script
General
Full URL
https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.fox13now.com
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e4b6226e8a1a47ef7e1f8879acb9597b408a8d7c49d0ed1478b36da15d147235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Sun, 15 May 2022 15:59:49 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
timing-allow-origin
*
expires
Sun, 15 May 2022 16:29:49 GMT
5776_Scripps_Local_Stations.js
ads.rubiconproject.com/prebid/
592 KB
115 KB
Script
General
Full URL
https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ca4fd5efb0d1a70284709d6dde51a8477a28115b5c8a453aafcaf394bd1b5fbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 21:09:15 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=11549
access-control-allow-credentials
true
accept-ranges
bytes
content-length
117459
expires
Sun, 15 May 2022 19:12:18 GMT
p.css
p.typekit.net/
5 B
182 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c24c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3dd67f9206d27db683c4bada205cadd16cf642d9a1e2d909937a5d30908eecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
mhn1+TFMS0xW6hPXXXhjWg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
hTY1JgjUifcuOlt/H1Zm8urfrWR8nMO91aEe3oRZJ7X94FWZeyLBpTFShMsrGcffttj96mNh+ZcMUwJ+LM9wsg==
x-fb-trip-id
2050670934
x-fb-content-md5
7e093272b76b59811b0d038e3741cc32
x-frame-options
DENY
date
Sun, 15 May 2022 15:59:49 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"edf23284b6a4399d6cdff71a0877a1c0"
timing-allow-origin
*
expires
Sun, 15 May 2022 16:11:13 GMT
ua-sdk.min.js
aswpsdkus.com/notify/v1/
212 KB
38 KB
Script
General
Full URL
https://aswpsdkus.com/notify/v1/ua-sdk.min.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.208.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
151.208.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5343d295e7697987c6607001f3bb6d9bf54cfc6db5a77dce8b27dc5e9870066e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:18 GMT
content-encoding
gzip
age
31
x-guploader-uploadid
ADPycdt5nW9X0li91hCZh6VMKWFvW5dly8QnXzhtxOcrvX2tAAK8PR1mW9MHdEuOFQDgbrxNz76CnRno03CSUEwzgxSJBA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38303
last-modified
Thu, 31 Mar 2022 16:15:43 GMT
server
UploadServer
etag
"6d60fd0a8328ab90723334e067d116d8"
x-goog-hash
crc32c=HIlLng==, md5=bWD9CoMoq5ByMzTgZ9EW2A==
x-goog-generation
1648743343088826
cache-control
public,max-age=300,no-transform
x-goog-stored-content-length
38303
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 15 May 2022 16:04:18 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/
58 KB
59 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9536103
cf-ray
70bd153c48cb9019-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59572
x-amz-id-2
2QlaGPMq/gvDCKcJFw44FiSlS/4P+q/GGuM4XjDC9R8VFdD3t5qX3nsOPJYWC4vFYDbhconZP1I=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"18d2347ab2a9f40ca2247cdb03303d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGqxinabzMkfLJyr%2FRpeb5do%2Bx2MIu756zc1Lo1GkclaI%2F3AZmF%2F0juyl7FEZnJrR2bTlMcuk%2Baz6NqAC%2B70u%2FDR56CMMq7xqPVbhAoVF5%2FN%2B0CUSAcYUEnfMCqfeWFQgyYMtTbrlYVRJPqRTCconaEW"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
2ZZC70Y57CQQS9TV
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
server
nginx
etag
"ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16560
l
use.typekit.net/af/8738d8/00000000000000007735e611/30/
16 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
server
nginx
etag
"a5565f97e4389f39e94f7880b2c8088023e4d88a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16880
fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/
62 KB
63 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9535526
cf-ray
70bd153c7dc8913c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63376
x-amz-id-2
jwAGm2/lnVCxo1ShYFIt85htKKTPxKtu88JLYxBlWezXLi87t4+Tp2FxKHWhXp0tYkPW67B9VX8=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"f319eac1c755f9929fd856720ce1695e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9n8r8ojD2xw4e6UborAN2rnqybPw6ztdZYsSDQjTSkADzRAckrHqR0lKUM5Y%2Bsjwz%2BcEc4L6XyK2mReI4rqe65UXVciUlbPidzx9aUqUM8arXJtCw9FeIp60mFmXuBBHi2KkpWtqgTIRXxIwHs0tpDi"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
DAT744GCN42DT6PF
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
l
use.typekit.net/af/3322cc/00000000000000007735e616/30/
17 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
server
nginx
etag
"71f986ad2b4d0b6a0e5a056380e0c8c577137ae8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17212
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/
16 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
server
nginx
etag
"96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16832
p.js
cdn.parsely.com/keys/fox13now.com/
66 KB
23 KB
Script
General
Full URL
https://cdn.parsely.com/keys/fox13now.com/p.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-60.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1e07e272734d4232d604835b00dfb9847c36a95e2fb6a01458590618e2bbcc77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
public
date
Sun, 15 May 2022 04:55:59 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 19:24:27 GMT
server
nginx
age
39829
etag
W/"603404eb-10711"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
Ml2Vwo10QD3wq63BqSDvHfI1VYMOJTe04ia7DHLb-xEPcOZrxIMSOw==
expires
Mon, 16 May 2022 04:55:59 GMT
connatix.playspace.dc.js
cds.connatix.com/p/162305/ Frame B1B4
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/162305/connatix.playspace.dc.js
870 KB
203 KB
Script
General
Full URL
https://cds.connatix.com/p/162305/connatix.playspace.dc.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32fd2eb35bfc922743b09440aa77ce35f75392da85de95884c3ab1d0b7aff530

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
br
last-modified
Fri, 13 May 2022 12:35:19 GMT
age
185032
etag
"27b6355aaf14e0f5091058861807a88d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
207385

Redirect headers

location
https://cds.connatix.com/p/162305/connatix.playspace.dc.js
date
Sun, 15 May 2022 15:59:49 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
/
ewscripps.brightspotcdn.com/dims4/default/02cc935/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/
124 KB
125 KB
Image
General
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/02cc935/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F4e%2F44%2F8b76c25f473093b130f7f52df25a%2Fjeff-t.%20Green.jpg
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-103.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
bd6cafb0d9f0509d461f9b8845027ecb7f5385ee273346f5f44efd2b328afdb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 14 May 2022 22:00:23 GMT
Via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
64766
ETag
8abdd9b88cc8d2da8c2022d32c3e8063
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA6-C1
X-Robots-Tag
nofollow
Content-Length
127179
X-Amz-Cf-Id
yD78bJCpLPSSCT3EwlO-L0esZEkL_T975JEwDH0NLWJ_uasUv1ZQ8Q==
Expires
Sun, 14 May 2023 22:00:23 GMT
/
ewscripps.brightspotcdn.com/dims4/default/cabd33d/2147483647/strip/true/crop/720x720+280+0/resize/300x300!/quality/90/
16 KB
17 KB
Image
General
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/cabd33d/2147483647/strip/true/crop/720x720+280+0/resize/300x300!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Ff9%2Fc8%2Fbe6d1e8f4eb2a9ab227d4653983e%2Fjeff-tavss-headshot.jpg
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-103.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
a78eee44a33280cae70b7fade38a0ea36d2d3c34252c8fffe9e5d91aaf463a0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 00:23:10 GMT
Via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
7745799
ETag
432c028acf64b6afb081594ce3fc408d
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA6-C1
X-Robots-Tag
nofollow
Content-Length
16702
X-Amz-Cf-Id
Y_ZHDf8FoUqpV-KmvxWA3NByjR83DvE0znkYvOqLrw_zefMNIuSLtw==
Expires
Wed, 15 Feb 2023 00:23:10 GMT
/
ewscripps.brightspotcdn.com/dims4/default/05aa02d/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/
29 KB
29 KB
Image
General
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/05aa02d/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F0b%2F0c%2F0184c2f44e4783b067c6ee93fcc0%2Ffox13webad.jpg
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-103.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
2ea4d73c56a292df467ee9e88a8cc18a2374049abe26e079b40770ea5b776339

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 09:38:37 GMT
Via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
14883672
ETag
38d2580b68aa743689213ed46fa15537
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA6-C1
X-Robots-Tag
nofollow
Content-Length
29430
X-Amz-Cf-Id
7ccoXmGqJeRgssFZEjDLSDOQVrgquIAFpBSXsOSHf4yMwFbdMI7iNw==
Expires
Thu, 24 Nov 2022 09:38:37 GMT
sdk.js
connect.facebook.net/en_US/
291 KB
83 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=cd87571614ffa5cd6148697a31d656eb
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
61f2dff6326983554bf831cb7bb066abf6d93e4f214b7ef10650befbd2eedbde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.fox13now.com/
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
bUgQmrfsk+rQJqeYoSj1TA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85255
x-fb-rlafr
0
x-fb-debug
z0qjrcTkkR3SbroYDbYN8pWit2rIL94AgUm2szwAZVV86x5i58jEqp/EqrYp2sT6bVasbAX8/rXPR/czU9kphw==
x-fb-content-md5
60f31e27abbb04c6e6ce95110a964aac
x-frame-options
DENY
date
Sun, 15 May 2022 15:59:49 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"61523510a971968036a3c8b12d11ec4d"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 15 May 2023 15:23:36 GMT
config
c.amazon-adsystem.com/cdn/prod/
0
311 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.fox13now.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:51:54 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
server
Server
age
474
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.fox13now.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
EyY_YOJnI-UVChzMp6UadyGpItWmgWOGGjhlwx2_eVzziR5JW2T1ZA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
48904
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Sun, 15 May 2022 02:24:46 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
fZKMuYiLiR8Ru4H_jvzGWGusPXzuzetESQvIxEBNHj283YmK40kLFA==
/
p1.parsely.com/plogger/
43 B
257 B
Image
General
Full URL
https://p1.parsely.com/plogger/?rand=1652630389332&plid=6084429&idsite=fox13now.com&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&sref=&sts=1652630389328&slts=0&title=Billionaire+Utahn+to+give+away+90%25+of+his+wealth&date=Sun+May+15+2022+15%3A59%3A49+GMT%2B0000+(GMT)&action=pageview&pvid=4158837&u=pid%3Da039c70ce39c9008ea4b7924b284397d
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-161-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 15:59:49 GMT
Cache-Control
no-cache
Last-Modified
Sunday, 15-May-2022 15:59:49 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
log
hblg.media.net/
35 B
196 B
Image
General
Full URL
https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&adt=desktop&cid=8CU6Q6626&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=fox13now.com&servname=ssp-serving-79d8bc9577-zkqwf&svr=051211_370_051211_335_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001652630389409023283072005446&sspAbBucket=CONTROL&lw=0&dapp=green&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&a=0&r=209&lper=1&requrl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&kwrf=
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.32.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-22-32-24.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:49 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 15 May 2022 15:59:49 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
9a1177b69f70c78d0d073f90942215ec3a56f2b0dccc88b7966e75a6808d501e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28329
x-xss-protection
0
server
sffe
etag
"1215 / 417 of 1000 / last-modified: 1652479640"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 15 May 2022 15:59:49 GMT
/
api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/ Frame
0
0
Preflight
General
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/?type=web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-96.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://www.fox13now.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 15 May 2022 15:59:49 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-apigw-id
SLJ6bHrbIAMFgig=
x-amz-cf-id
_47MzsqNocx_A_TsGml77bNvcWViwOLK7mqFpxVYutcrU1hHFb06xg==
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
281e83ab-dfb3-45e3-88ff-f963f1fcb966
x-amzn-trace-id
Root=1-62812375-7bec18652d3e30ed758bec9b
x-cache
Miss from cloudfront
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1499
date
Sun, 15 May 2022 15:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 15 May 2022 17:34:50 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-38.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:49:18 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
47432
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
YpSLF_5mpbCdNchp9QHzaamZgXKAhm5kbRScj2dkFRVuuBs_noE0zA==
scripps.js
tru.am/scripts/custom/
737 B
1 KB
Script
General
Full URL
https://tru.am/scripts/custom/scripps.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f027d6553533e963630b1d0992d5ca83562645cbb955de496b40c41eddd1978e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash
crc32c=sr7fhA==, md5=s01bXr0Uhj5Os3tr1X6KBQ==
date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1551758
x-guploader-uploadid
ADPycduhFbIhDuZtW8qt1oHeheC1bhrx2XryEQ_FtZalRmvRDDOvFv4-wbEeLCg68adGbOFjueIYKoVN5SzhboCp_3U
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 24 Feb 2022 16:52:24 GMT
server
cloudflare
etag
W/"b34d5b5ebd14863e4eb37b6bd57e8a05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjSWtcyso%2F0VcHeLZba3fw%2FXy9GK3ctGCa%2BnsQH0S%2FaGCyh6DMoE1ozw7tHQ1V24HoOT6%2BbfRvF6Kk42xa1%2FWExjEE3heYZ8LAtfzPvL3CcLxePX5iA4GVCqUP6%2FDA3uPL7tvg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1645721544432200
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
737
cf-ray
70bd153e3ba29130-FRA
expires
Thu, 27 Apr 2023 16:55:05 GMT
weather
www.fox13now.com/
73 KB
73 KB
Fetch
General
Full URL
https://www.fox13now.com/weather?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-104.dus51.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
221d14845641381b6f445b272348090e20c0c80e1ea4812c927576f7c49b3ecf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 15:56:33 GMT
Via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Server
N/A
Age
195
X-Powered-By
Brightspot
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P2
X-Robots-Tag
nofollow
X-Amz-Cf-Id
1a5AAp2cLgFdAnv8WC6xODXpBN4ZW_96KOmlBGm_kLsHFIeLWa3D_w==
Connection
keep-alive
breaking-news-alerts
www.fox13now.com/
68 KB
68 KB
Fetch
General
Full URL
https://www.fox13now.com/breaking-news-alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-104.dus51.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
65b64c49a86c754ec08d9c80c41cd0ce46edd45294ef43939ab8fdffa71652ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 15:59:45 GMT
Via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Server
N/A
Age
4
X-Powered-By
Brightspot
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P2
X-Robots-Tag
nofollow
X-Amz-Cf-Id
9XqXKB6bZoe_xoLhEidS_kG08Bw50lGt81FcqrvHUHvaPhDi30tNUg==
Connection
keep-alive
alerts
www.fox13now.com/weather/
63 KB
64 KB
Fetch
General
Full URL
https://www.fox13now.com/weather/alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-104.dus51.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
d2002ce95d4f15bbf5aed7e2e5f049dc89fa99c9b7cca65a3a798937d284f7b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 15:56:35 GMT
Via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Server
N/A
Age
194
X-Powered-By
Brightspot
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P2
X-Robots-Tag
nofollow
X-Amz-Cf-Id
Q1MGqE1vah6VWRRWtzX-N8U-at36auWY0C6BCbyZZTKhLlIvCLxnrQ==
Connection
keep-alive
school-closings-delays
www.fox13now.com/weather/
61 KB
61 KB
Fetch
General
Full URL
https://www.fox13now.com/weather/school-closings-delays?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-104.dus51.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
f095e9c4a8303e2660456b4124313560ffd05695ad601c84107146c500d27f71
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 15:59:45 GMT
Via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Server
N/A
Age
4
X-Powered-By
Brightspot
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Cache
Error from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P2
X-Robots-Tag
nofollow
X-Amz-Cf-Id
sOLNOGtCOoJC966-78ReNm02lBIUwct93XUMWzJp6qC80h-DgbocUg==
Connection
keep-alive
/
api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/
4 KB
5 KB
Fetch
General
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/?type=web
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-96.fra6.r.cloudfront.net
Software
/
Resource Hash
99fd2c59c2769a1e1463c2876f6024e0e0f3d2133d08d0a880a29d041919031f

Request headers

Authorization
Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
039b09f2-eb20-4991-98e4-7bf94382d311
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62812376-70c67533738940d4066bdeed
x-amz-apigw-id
SLJ6eFZWIAMFxUQ=
content-length
4369
x-amz-cf-id
ZqnciENlSSGuIb0S1B_mOuKLWQLUdbzmI23zUgl03BIXuUAerHR2qA==
clear.png
static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/
2 KB
3 KB
Image
General
Full URL
https://static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/clear.png
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:5a00:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
136da57ff927092cc8dd8aa976c27fb4ccb7336781a8d1335e6ed91bd61e50e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
VfuLoi_uZFM.HEMhxGOEjwgP_umC3RsV
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
last-modified
Wed, 02 Mar 2022 05:52:22 GMT
server
AmazonS3
age
197
etag
"2f1a98dbc07325a50205519845c81a5d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=86400
date
Sun, 15 May 2022 15:59:49 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
2411
x-amz-cf-id
R_-3Umup5rZ4NS0r_Q9C14aRqorxzWz3txKYlsxxQH9-4CRy_ih4Uw==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1652630389485&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fne...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1652630389485&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fn...
0
190 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1652630389485&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c9=
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Server
99.86.7.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-38.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
4TIi9kLyX8H6m2zJbrlpuPuwke0DAJfkdLkjK_kYnapJbPWwEtRAKg==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6036471&ns__t=1652630389485&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c9=
date
Sun, 15 May 2022 15:59:49 GMT
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
Yu0Qj9TXsKTyl_UEQy9dDg7NLOTGBJgp4uElrITeL402khzhsug4Ew==
x-cache
Miss from cloudfront
pubads_impl_2022051001.js
securepubads.g.doubleclick.net/gpt/
364 KB
124 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
cb190163a0d4795999f1905b65b3d026f9308acdffce1cbeabbb96dc26c4816c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:58:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126527
x-xss-protection
0
last-modified
Tue, 10 May 2022 08:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 May 2023 15:58:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
149 B
130 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.fox13now.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7874d00455ccd7f48aa776ddde34ec8ad3ff795b9977268c284be2d796644f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105
x-xss-protection
0
expires
Sun, 15 May 2022 15:59:49 GMT
ta-pagesocial-sdk.js
tru.am/scripts/
27 KB
11 KB
Script
General
Full URL
https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by
Host: tru.am
URL: https://tru.am/scripts/custom/scripps.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash
crc32c=189alg==, md5=Aq8QqpKO913oQSpg0Lh6TA==
date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1499464
x-guploader-uploadid
ADPycdsTCVGYbVxFEgH7EpCmP3cjnl8vBM7tUfBXP_-AlYYhp0JrkufFdeEIgsVjNrUpWBLmHxGUfRZOZRJD2JNRrrE
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 11 Nov 2020 17:32:38 GMT
server
cloudflare
etag
W/"02af10aa928ef75de8412a60d0b87a4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgvlY1c4FkIpi3ytCvelBaEn2c5oxqzGg%2BJuMvVtUpFGwlWqdgv62h44GSAGvfBEGL36yO0IcuAl8emcSJZnygrV6w1qj46NoOK1RTHccVM4cv%2BWCL3eZ%2FXUUF0K5bJ7Z0Livg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1605115958819708
content-type
text/javascript
cache-control
public, max-age=2678400
x-goog-stored-content-length
27827
cf-ray
70bd153e8b309bfa-FRA
expires
Thu, 28 Apr 2022 07:45:14 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
884 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3156
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 15 May 2022 16:07:13 GMT
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/162305/ Frame B1B4
0
47 KB
Other
General
Full URL
https://cds.connatix.com/p/162305/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
br
last-modified
Fri, 13 May 2022 12:35:20 GMT
age
184985
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
connatix.playspace.css
cds.connatix.com/p/162305/
99 KB
13 KB
Stylesheet
General
Full URL
https://cds.connatix.com/p/162305/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
874cc1315f35963fb2488576f0c83489e22edfe22f6ce355e7e87e65063bbf7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
br
last-modified
Fri, 13 May 2022 12:35:19 GMT
age
184986
etag
"132acf023a5a30ef72888d6e359a6663"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
13634
collect
stats.g.doubleclick.net/j/
4 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27022641-1&cid=280048504.1652630390&jid=2139511408&gjid=347244252&_gid=1279557486.1652630390&_u=aGBAiEAjBAAAAE~&z=1942064945
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 15 May 2022 15:59:49 GMT
content-type
text/plain
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-29479748-9&cid=280048504.1652630390&jid=2002999826&gjid=972418951&_gid=1279557486.1652630390&_u=aGDAiEAjBAAAAE~&z=157030800
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 15 May 2022 15:59:49 GMT
content-type
text/plain
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
68 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-40066851-1&cid=280048504.1652630390&jid=1678256735&gjid=1663538868&_gid=1279557486.1652630390&_u=aGDAiEAjBAAAAE~&z=1916248809
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 15 May 2022 15:59:49 GMT
content-type
text/plain
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=84596148&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjB~&jid=2139511408&gjid=347244252&cid=280048504.1652630390&tid=UA-27022641-1&_gid=1279557486.1652630390&gtm=2wg5b05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=768941851
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 00:49:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54628
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=84596148&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAAE~&jid=2002999826&gjid=972418951&cid=280048504.1652630390&tid=UA-29479748-9&_gid=1279557486.1652630390&gtm=2wg5b05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=115717847
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 00:49:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54628
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=84596148&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAAE~&jid=1678256735&gjid=1663538868&cid=280048504.1652630390&tid=UA-40066851-1&_gid=1279557486.1652630390&gtm=2wg5b05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=358391988
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 00:49:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54628
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
story
capi.connatix.com/core/ Frame B1B4
10 KB
6 KB
XHR
General
Full URL
https://capi.connatix.com/core/story?v=162305
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d75131cd61d14c4a14d83ca198bde1e64c81921f73f187ee4b705eb37962f29

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5681
bid
c.amazon-adsystem.com/e/dtb/
64 B
535 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=k2PFgtAvOr3Az&cb=0&ws=1600x1200&v=7.75.0&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
EAGEKT3XYRWPV7ZAVQBQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
Sd1erJCnmznmbygY3CLNCpyH5HpY3Ju3wMAT1P5ftRFeHemOQ1SQeA==
arj
ewscripps-d.openx.net/w/1.0/
73 B
381 B
XHR
General
Full URL
https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8216ff09-aa58-4663-b57c-fc75c9f3ca55%2C8c1f4083-9651-43b5-95b9-2103c138a439&nocache=1652630389636&aus=728x90%7C300x600%2C300x250&divids=MAD_INVIEW%2CMAD_RIGHT_RAIL&aucs=%252F6088%252Fssp.kstu%252Finview-bottom%2C%252F6088%252Fssp.kstu%252Fnews%252Flocal_news%252Fdetail&auid=544041562%2C544041559
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
ed20c8dbf8897c2e6f737f7ec114a1c29fded0bf3d3012d226834f221060105a

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.fox13now.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/
298 B
484 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
3fa868c9b67a1f4d1c34c8a4cd80693914bd8bba4472652b9fd9437d11e6bf56

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:49 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
298
expires
0
hb
ssc.33across.com/api/v1/
87 B
344 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=bpL-ZIByur67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fba79d7734dd17a3e66a9e6e0f34af78f8b93678f6bfd8dc0e18a6c3f15dc118

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/
87 B
171 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=bmBWNoByur67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fba79d7734dd17a3e66a9e6e0f34af78f8b93678f6bfd8dc0e18a6c3f15dc118

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
imp
g2.gumgum.com/hbid/
11 KB
5 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1652630389641&to=0&aun=MAD_INVIEW&gpid=%2F6088%2Fssp.kstu%2Finview-bottom&t=ryx2glbx&pi=3&maxw=728&maxh=90&si=113233&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ffb3195dcec8363f39d7e9d4361c3c6e2ac4ab12139687bf2b03b82b21d8b655

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
3 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1652630389642&to=0&aun=MAD_RIGHT_RAIL&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&t=ryx2glbx&pi=3&maxw=300&maxh=600&si=113232&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9b12b33650d28400688a87ab2ab4cb9d72f6b28b9fc13cd3ddb31d9b994d6fbe

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
ib.adnxs.com/ut/v3/
250 B
944 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3e9d886959d9c9062219fe80728e62cdaa35db9e4901d3a70eb755609e413cb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:49 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e18519bc-57de-4697-9972-c27d7879961b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.fox13now.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
294 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698600179795af3a05c97ef2b009d&pos=8a9695310179795afced5c9919250098&cmd=bid&secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
3e81ddeee38da2219c0cca90cf69088fe8be1dbf0c780feb1df01989881771c1

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698600179795af3a05c97ef2b009d&pos=8a9691c501797961dc1a6230492e002e&cmd=bid&secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
76f23c786a128ad44635f025a64bbb4d1fa38fc99fc0f8a5fbe5a09775094c86

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
content-length
62
v2
e.serverbid.com/api/
13 B
199 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
39
auction
tlx.3lift.com/header/
19 B
509 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.11.0&referrer=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tmax=2000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.60.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-60-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:49 GMT
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
436 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1954138%3B1954136&size_id=2%3B15&alt_size_ids=%3B10&rf=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tg_i.aupname=%2F6088%2Fssp.kstu%26mad_inview%3B%2F6088%2Fssp.kstu%26mad_right_rail&tg_i.pbadslot=%2F6088%2Fssp.kstu%2Finview-bottom%3B%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&tk_flint=dmpbjs_v6.11.0&x_source.tid=8216ff09-aa58-4663-b57c-fc75c9f3ca55%3B8c1f4083-9651-43b5-95b9-2103c138a439&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.6493232443449735
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e83999b91ab2f18cf00561782d61ce635400f79dc71585417ececfbf5ec1c95d

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:49 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.fox13now.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
436
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ga-audiences
www.google.com/ads/
42 B
502 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27022641-1&cid=280048504.1652630390&jid=2139511408&_u=aGBAiEAjBAAAAE~&z=219589589
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
502 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27022641-1&cid=280048504.1652630390&jid=2139511408&_u=aGBAiEAjBAAAAE~&z=219589589
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/
64 B
534 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=k2PFgtAvOr3Az&cb=1&ws=1600x1200&v=7.75.0&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INLINE%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22MAD_HEADER%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22994x30%22%2C%2210x1%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
H4ER88MSX2M82FB0CQ25
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
eRFZz3i5DI6XwEixOApVN_3fFylSK2h16P9NM8bX4xUDRMKC6yMzfw==
imp
g2.gumgum.com/hbid/
3 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1652630389682&to=0&aun=MAD_INLINE&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&pubId=13797&pi=3&maxw=300&maxh=250&si=217149&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f86369564f3dd622099f3fb1c399a1e73527ff30c23d32807680f1c4937e69ad

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
11 KB
5 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1652630389682&to=0&aun=MAD_HEADER&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&t=ryx2glbx&pi=3&maxw=970&maxh=250&si=113230&bf=970x250%2C728x90%2C970x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3c147f44ad5be7a0ab5df52a3fcf74c6a56df0424413f9dbd9e64787e60a5585

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
v2
e.serverbid.com/api/
13 B
388 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
39
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fac4db290bd4a244da8f987f3b01c1a4297a991129fb636fb287d4451de2e654
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:49 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
85a942f6-460a-42ed-90ac-f7db935bf791
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.fox13now.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
449 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=2090360%3B1954132&size_id=15%3B2&alt_size_ids=%3B55%2C57&rf=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tg_i.aupname=%2F6088%2Fssp.kstu%26mad_inline%3B%2F6088%2Fssp.kstu%26mad_header&tg_i.pbadslot=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&tk_flint=dmpbjs_v6.11.0&x_source.tid=fb95210b-3baa-44ba-9274-cd2eee0c61a3%3B5ea4b6a5-90fc-4d81-a0ea-d49c3a5ea33d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.9454134493861197
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
382a1c74c0b77632727bcbfa9021365bbb86eb7c5caa84ce6b85db72031ebef6

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:49 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.fox13now.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
449
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
ewscripps-d.openx.net/w/1.0/
72 B
148 B
XHR
General
Full URL
https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5ea4b6a5-90fc-4d81-a0ea-d49c3a5ea33d&nocache=1652630389685&aus=970x250%2C728x90%2C970x90&divids=MAD_HEADER&aucs=%252F6088%252Fssp.kstu%252Fnews%252Flocal_news%252Fdetail&auid=544041554
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
9713537847d72d9dd53f7f47490d5c96f43ad62618b2ba36fb8b69b22254c14f

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.fox13now.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/
300 B
487 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
90900178b1000786c1f87ecd2c55c5ef77f3abb9c5ad951d29f74672ab85e811

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:49 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
300
expires
0
auction
tlx.3lift.com/header/
19 B
508 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.11.0&referrer=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tmax=2000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.60.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-60-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:49 GMT
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
ssc.33across.com/api/v1/
87 B
171 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=bgZdFqByur67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d38f7d1a964cad9b93298482dceb8af5ec95c74f313ee399537f8bfdac66edd3

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691c501797961dc1a628788a90038&pos=8a9691c501797961dc1a6291573e005c&cmd=bid&secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
8356971b46497613ae77fb651fba39c49255fb61b3ddee283cfd5bcea4b15fa2

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
content-length
62
blockedDomains_7.bin
lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/ Frame B1B4
104 B
339 B
XHR
General
Full URL
https://lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/blockedDomains_7.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7b491b7e75f58ce5c0d60bcdf9f0da01d082df493a739458ca0d733795877ebb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 14:04:38 GMT
age
957218
etag
"07bbfe91d7886a5178aa8cbc65cdd250"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
101
insights.bin
ins.connatix.com/df1f7fdf76884268b7ec61841c4afa1f/ Frame B1B4
144 B
354 B
XHR
General
Full URL
https://ins.connatix.com/df1f7fdf76884268b7ec61841c4afa1f/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1f9c5c64d175a8bc389afa09401c72262f33961d56241d00902c2a397eac4e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
last-modified
Sat, 30 Apr 2022 20:36:34 GMT
age
1279009
etag
"5d0f23b2700a2d2ff3e3f3fc4cba4e1f"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
116
sr
capi-tier-2-us-east-2.connatix.com/tr/ Frame B1B4
0
317 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=162305
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.214.100 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-214-100.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
b83737c56d4fa9a8b770ad7099dd0dd2365c707c21a725dcba0918be0f7ce3ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28344
x-xss-protection
0
server
sffe
etag
"1215 / 253 of 1000 / last-modified: 1652479668"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 15 May 2022 15:59:49 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B1B4
377 KB
127 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c92ee2460b4063f46ccd0ad0e0a68d212c6b756c4a0ef3a7fdf0afe0989781b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128852
x-xss-protection
0
expires
Sun, 15 May 2022 15:59:49 GMT
c22745b4-d67e-4e2c-8e2b-2ccafe5a32b5.bin
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ Frame B1B4
7 KB
1 KB
XHR
General
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/c22745b4-d67e-4e2c-8e2b-2ccafe5a32b5.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1530d5b99d4da69fa495df23ad8d94bafbc5fb2ff7d74ce2870d274f001de470

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
last-modified
Sun, 15 May 2022 14:31:49 GMT
age
5122
etag
"92e230721c07d313877271d7931c5ed6"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
1365
ao
capi-tier-2-us-east-2.connatix.com/tr/ Frame B1B4
0
317 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=162305
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.214.100 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-214-100.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame B1B4
322 B
567 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=162305
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.214.100 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-214-100.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
26be7d94a59f0fb2668c7a36dd3dbdc6965cda87eed9bbb92b0c3ef2c883a7af

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
269
bid
c.amazon-adsystem.com/e/dtb/
23 B
493 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=k2PFgtAvOr3Az&cb=2&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22id%22%3A%22Connatix_Instream_Video%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
RA18PYKGAM03X45XGY01
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
BUFxv0UwcXRr2Y0O3UE-DrlIFP9vFDcNuDYLCMgMDQupj0O0S8n7VA==
ps
capi-tier-2-us-east-2.connatix.com/tr/ Frame B1B4
0
317 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=162305
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.214.100 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-214-100.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
251ebd3d-cdc7-4fa9-b073-73c6651e9219.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/
22 KB
21 KB
Image
General
Full URL
https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/251ebd3d-cdc7-4fa9-b073-73c6651e9219.jpg?crop=600:410,smart&width=600&height=410&format=jpeg&quality=60&fit=crop
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
917f608bb0b9f6f3c4040000d4943c68ec57d1ed3067ee14636b1084252fb495

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
br
age
5205
etag
"nXMZnYGXul3aMveNL2bFWWnc1alZrDlkdaQgaAYzpzw"
access-control-max-age
86400
fastly-io-info
ifsz=71820 idim=1280x720 ifmt=jpeg ofsz=22530 odim=600x410 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
21458
251ebd3d-cdc7-4fa9-b073-73c6651e9219.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/
18 KB
17 KB
Image
General
Full URL
https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/251ebd3d-cdc7-4fa9-b073-73c6651e9219.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4e346d7dc2c3dea74203d2456dbdfd86229dc00796de8a123461b382c955001

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
br
age
5205
etag
"fIYF5gZwMNRVZZQ18oxjKVF8HoZHqvAD8ssfI2GqT2Y"
access-control-max-age
86400
fastly-io-info
ifsz=71820 idim=1280x720 ifmt=jpeg ofsz=18351 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
17454
3f8354e2-01e5-4e2c-a37f-a317004eb86c.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/
20 KB
19 KB
Image
General
Full URL
https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/3f8354e2-01e5-4e2c-a37f-a317004eb86c.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
be582aa00fd052e82206382c4908181cf57cc419766b8c766b8ca9cb6731f20d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
br
age
5205
etag
"sdG60hnDPzNq1UfZ2MUJXVoyg1/jsqO/iQHuBRS803U"
access-control-max-age
86400
fastly-io-info
ifsz=55990 idim=1280x720 ifmt=jpeg ofsz=20605 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
19765
00954078-27cb-44ad-9769-00e1060a607c.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/
22 KB
21 KB
Image
General
Full URL
https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/00954078-27cb-44ad-9769-00e1060a607c.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
12cfe490da51dd8b7607fa9cecc5101cf56b5ca79a2302acebfc1f56084af689

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
br
age
5205
etag
"EJLFN7AgPxUctHCiRM/sYz072IOAGBbE2YVsAiqpJdM"
access-control-max-age
86400
fastly-io-info
ifsz=73047 idim=1280x720 ifmt=jpeg ofsz=22396 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
20999
c38fceee-f2d8-4633-b32c-6b7f2f063aa4.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/
33 KB
33 KB
Image
General
Full URL
https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/c38fceee-f2d8-4633-b32c-6b7f2f063aa4.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a49ae0a9df930e22204ab10f73eb78d06dddcd77917571c409a0170a7e810bfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
br
age
5204
etag
"6nWg2M+2hakBMg0zqTzS3Mnz9fy08+YW8dqfiZnJrSE"
access-control-max-age
86400
fastly-io-info
ifsz=92862 idim=1280x720 ifmt=jpeg ofsz=34124 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
33668
03768576-a7ff-446f-958f-d91e26c14358.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/
11 KB
10 KB
Image
General
Full URL
https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/03768576-a7ff-446f-958f-d91e26c14358.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b1546e4d6ceb0fae4140862ca3b5deaae2c19bd6a7cb8ee8c2ed3d55e113933d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
br
age
5204
etag
"b6au5J7avInB5r82CmjO3+CSzHnbxhMMpuKAKr/3clA"
access-control-max-age
86400
fastly-io-info
ifsz=72752 idim=1645x922 ifmt=jpeg ofsz=10808 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
10281
1c55b494-2c1c-4197-aea8-a5d7b2497df6_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/
214 KB
0
Media
General
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/1c55b494-2c1c-4197-aea8-a5d7b2497df6_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
last-modified
Sun, 15 May 2022 14:29:34 GMT
age
5204
etag
"da5294825641e1c48c5a0b9df2a2cc66"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1050474/1050475
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1050475
97194780-21a9-41f8-adbd-4c5d935a0959_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/
899 KB
0
Media
General
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/97194780-21a9-41f8-adbd-4c5d935a0959_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
last-modified
Sun, 15 May 2022 14:31:49 GMT
age
5204
etag
"29ebca9c5a482a55861501f400361726"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-920101/920102
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
920102
1c247876-472c-42e3-8fca-c0273f405b16_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/
336 KB
0
Media
General
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/1c247876-472c-42e3-8fca-c0273f405b16_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
last-modified
Sun, 15 May 2022 14:28:34 GMT
age
5204
etag
"192ba3db94e2bf0c448692820c423bba"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1135644/1135645
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1135645
8575ba56-1343-402a-8fb7-ff4f974a9bca_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/
120 KB
0
Media
General
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/8575ba56-1343-402a-8fb7-ff4f974a9bca_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
last-modified
Sun, 15 May 2022 14:28:48 GMT
age
5204
etag
"c2b074f0003883fd431ca5755ce418de"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1029637/1029638
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1029638
12fdcbed-fed4-4197-bc81-aa2271198f18_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/
818 KB
0
Media
General
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/12fdcbed-fed4-4197-bc81-aa2271198f18_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
last-modified
Sun, 15 May 2022 14:29:50 GMT
age
5205
etag
"1bed6dc6bacba98ddff33b47322fc212"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1015054/1015055
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1015055
d3d3LmZveDEzbm93LmNvbQ==
tcheck.outbrainimg.com/tcheck/check/
15 B
462 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmZveDEzbm93LmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.122.144.70 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-144-70.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 15:59:50 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=36844
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
3a703f509d9d2606b9fc73bc456cf91c
Content-Length
15
Expires
Mon, 16 May 2022 02:13:54 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/
43 B
341 B
Image
General
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Tue, 14 Jun 2022 15:59:50 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.fox13now.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 15:59:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.fox13now.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 15:59:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
86 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1908772069530867&correlator=3079534142928880&output=ldjh&gdfp_req=1&vrg=2022051001&ptt=17&impl=fifs&iu_parts=6088%2Cssp.kstu%2Cnews%2Clocal_news%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%2C970x250%7C728x90%7C970x90%7C994x30%7C10x1&ifi=1&adks=1130257580%2C1666007649&sfv=1-0-38&ecs=20220515&fsapi=false&prev_scp=categories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D60-69%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D60-69%26amznbid%3D2%26amznp%3D2%26hb_format_gumgum%3Dbanner%26hb_size_gumgum%3D970x250%26hb_pb_gumgum%3D0.02%26hb_adid_gumgum%3D5061a50ca619a0e%26hb_bidder_gumgum%3Dgumgum%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.02%26hb_adid%3D5061a50ca619a0e%26hb_bidder%3Dgumgum&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1652630390015&lmt=1652630390&dlt=1652630389001&idt=605&biw=1600&bih=1200&adxs=325%2C-12245933&adys=2082%2C-12245933&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&frm=20&vis=1&scr_x=0&scr_y=0&psz=610x30%7C1500x0&msz=610x30%7C970x0&fws=4%2C132&ohw=1070%2C1600&ga_vid=280048504.1652630390&ga_sid=1652630390&ga_hid=84596148&ga_fc=true&btvi=1%7C-1&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
404e732b040dfeb17cf519e4c1b704426796e76e881e6ea9abdae2f7fd3f109b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13488
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D329
6 KB
4 KB
Document
General
Full URL
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 15:59:50 GMT
expires
Mon, 15 May 2023 15:59:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
43 KB
18 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1908772069530867&correlator=257410721448007&output=ldjh&gdfp_req=1&vrg=2022051001&ptt=17&impl=fifs&iu_parts=6088%2Cssp.kstu%2Cinview-bottom%2Cnews%2Clocal_news%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2F5&prev_iu_szs=728x90%2C300x600%7C300x250&ifi=3&adks=173361388%2C3237403784&sfv=1-0-38&ecs=20220515&fsapi=false&prev_scp=categories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D60-69%26amznbid%3D2%26amznp%3D2%26hb_format_gumgum%3Dbanner%26hb_size_gumgum%3D728x90%26hb_pb_gumgum%3D0.02%26hb_adid_gumgum%3D493a1c6a249d49a%26hb_bidder_gumgum%3Dgumgum%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D493a1c6a249d49a%26hb_bidder%3Dgumgum%7Ccategories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D60-69%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1652630390065&lmt=1652630390&dlt=1652630389001&idt=605&biw=1600&bih=1200&adxs=-12245933%2C975&adys=-12245933%2C897&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0%7C300x30&msz=1600x-1%7C300x30&fws=644%2C4&ohw=1600%2C1070&ga_vid=280048504.1652630390&ga_sid=1652630390&ga_hid=84596148&ga_fc=true&btvi=-1%7C0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b287a98203b186279a39aa3837b97c33c27a1eb54109f5d675173a25bf1989f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18014
x-xss-protection
0
google-lineitem-id
-1,5808548132
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138366867669
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.516.0_en.html
imasdk.googleapis.com/js/core/ Frame D150
634 KB
205 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122625
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210041
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 14 May 2022 05:56:05 GMT
expires
Sun, 14 May 2023 05:56:05 GMT
last-modified
Tue, 10 May 2022 20:24:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame B1B4
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 15 May 2022 15:59:50 GMT
bridge3.516.0_en.html
imasdk.googleapis.com/js/core/ Frame FBCB
634 KB
205 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122625
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210041
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 14 May 2022 05:56:05 GMT
expires
Sun, 14 May 2023 05:56:05 GMT
last-modified
Tue, 10 May 2022 20:24:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.516.0_en.html
imasdk.googleapis.com/js/core/ Frame A7D4
634 KB
205 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122625
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210041
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 14 May 2022 05:56:05 GMT
expires
Sun, 14 May 2023 05:56:05 GMT
last-modified
Tue, 10 May 2022 20:24:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
placement_invocation
ob.cheqzone.com/
48 KB
18 KB
Script
General
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-44.dus51.r.cloudfront.net
Software
Caddy /
Resource Hash
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:48:08 GMT
content-encoding
gzip
server
Caddy
age
702
etag
"bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
DUS51-P2
content-length
18458
x-amz-cf-id
IQkOoVQ6LIJKRCvrMFuer6zm0nCERxwwbYUMVGIvaXF_DC0qJj7Y6w==
expires
Mon, 16 May 2022 03:48:08 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D203
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 15 May 2022 16:17:36 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CC6A
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 15 May 2022 16:17:36 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7DD2
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 15 May 2022 16:17:36 GMT
8575ba56-1343-402a-8fb7-ff4f974a9bca_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/
910 KB
0
Media
General
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/8575ba56-1343-402a-8fb7-ff4f974a9bca_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=98304-

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
last-modified
Sun, 15 May 2022 14:28:48 GMT
age
5204
etag
"c2b074f0003883fd431ca5755ce418de"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 98304-1029637/1029638
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
931334
1c55b494-2c1c-4197-aea8-a5d7b2497df6_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/
834 KB
0
Media
General
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/1c55b494-2c1c-4197-aea8-a5d7b2497df6_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=196608-

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
last-modified
Sun, 15 May 2022 14:29:34 GMT
age
5204
etag
"da5294825641e1c48c5a0b9df2a2cc66"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 196608-1050474/1050475
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
853867
show_pla
obs.cheqzone.com/
3 KB
2 KB
Script
General
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=64680669280206195150050542001251039292687121121011190018615123898652&nc=0&tsf=0&tsfmi=&pv=0&cb=1652630390471&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=1738489652&at=&bid=e30%3D&di=W1siZWYiLDM5OTFdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyKVwi%0D%0ALFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJv%0D%0AbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixc%0D%0AImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6NyxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQg%0D%0Ad2ViZ2xcIixcInNlZlwiOjEwNTE2OTQwODksXCJzZWNcIjpcIlwifSJdLFstMSwiLSJdLFstMiwi%0D%0ANSxlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJd0lTU0VF%0D%0AQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0zLCJbXCJp%0D%0AbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwi%0D%0ALFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndc%0D%0AIjpbXCIwXCIsXCJjaHJvbWVcIixcImNvcmVcIixcIl9fY29yZS1qc19zaGFyZWRfX1wiLFwiZ2xv%0D%0AYmFsXCIsXCJTeXN0ZW1cIixcImFzYXBcIixcIk9ic2VydmFibGVcIixcInNldEltbWVkaWF0ZVwi%0D%0ALFwiY2xlYXJJbW1lZGlhdGVcIixcInJlZ2VuZXJhdG9yUnVudGltZVwiLFwiX2JhYmVsUG9seWZp%0D%0AbGxcIixcIlNjcmlwcHNBZExpYlwiLFwiZGF5c1NpbmNlUHVibGlzaGVkXCIsXCJkYXRlUHVibGlz%0D%0AaGVkXCIsXCJwdWJsaXNoZWRUaW1lXCIsXCJtb2RpZmllZFRpbWVcIixcImdldENvb2tpZVwiLFwi%0D%0AZ3RtT2JqXCIsXCJjYWxsTGV0dGVyc1wiLFwianNUYWdzXCIsXCJqc1B1Ymxpc2hEYXRlXCIsXCJq%0D%0Ac1VwZGF0ZURhdGVcIixcImpzSXNCcmVha2luZ1wiLFwianNJc0FsZXJ0XCIsXCJqc0F1dGhvcnNc%0D%0AIixcImpzSGFzVmlkZW9cIixcImpzU2VjdGlvblwiLFwianNQYWdlVHlwZVwiLFwianNEaXNhYmxl%0D%0AUHJlcm9sbEFkc1wiLFwianNEaXNhYmxlRGlzcGxheUFkc1wiLFwianNEaXNhYmxlSW5saW5lVmlk%0D%0AZW9BZHNcIixcImpzRm5hbWVcIixcImRhdGFMYXllclwiLFwieDAwXzB4MWY4NlwiLFwieDAwXzB4%0D%0AN2U4YVwiLFwiX1NjYW5uZXJcIixcIm9uUmVhZHlcIixcIk9uZVRydXN0U3R1YlwiLFwiT3B0YW5v%0D%0AbldyYXBwZXJcIixcImRkbHNcIixcImFkc09uUGFnZVwiLFwiSVNfQ01TXCIsXCJfZGlzYWJsZVwi%0D%0ALFwiQWREZWJ1Z2dlclwiLFwiU2NyaXBwc1V0aWxzXCIsXCJTdGlja3lSaWdodFJhaWxcIixcInNV%0D%0Ac2VySHViXCIsXCJBZFRhcmdldGluZ1BhcmFtc1wiLFwiRHluYW1pY1RhcmdldGluZ1BhcmFtc1wi%0D%0AXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCIt%0D%0AIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIs%0D%0AXCJvZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0aXRs%0D%0AZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcImRlc2NyaXB0aW9uXCIsXCJwYXJzZWx5LXRpdGxlXCJd%0D%0AfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wiOjAuMDA0MDk4MzYwNjU1NzM3%0D%0ANzA1fSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFst%0D%0AMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwx%0D%0AMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIjI4MDA0ODUwNC4xNjUy%0D%0ANjMwMzkwIl0sWy0yMSwiZVc2STZlZDMiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJd%0D%0ALFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjo0NzQwMDAwMCxcInVqaHNcIjoz%0D%0AOTYwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDEwLDAsXCI0Z1wiLG51bGxd%0D%0AIl0sWy0yOCwiZW4tVVMiXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAs%0D%0AMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiMiJd%0D%0ALFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2NTI2MzAzOTA0NjQsMF0iXSxbLTM2LCJbXCI0%0D%0ALzNcIixcIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsNTMxLDAs%0D%0AMSwwLDEyMSwyNywyMzksMjEwLDAsMTA5MS42LDEwOTEuNiwyMzczLDIzNzQiXSxbLTM5LCJbXCIy%0D%0AMDAzMDEwN1wiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGws%0D%0AdHJ1ZSw4LGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3%0D%0ANjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0s%0D%0AWy00NSwiLSJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnki%0D%0AXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiw0NF1d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A325%2C%22y%22%3A3161%2C%22w%22%3A610%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=egPU49pZ0g&sdd=%7B%7D&pto=2382
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
ddd21d3dfac557595e1417e8fcaa529bd5dee3f175978f681e56acc3c1e1afe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:50 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
content-type
text/javascript
content-length
1579
expires
Fri, 01 Jan 1990 00:00:00 GMT
g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame B1B4
0
317 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=162305
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.214.100 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-214-100.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 15:59:49 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
container.html
109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 494D
6 KB
3 KB
Document
General
Full URL
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 15:59:50 GMT
expires
Mon, 15 May 2023 15:59:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.243.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-243-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.fox13now.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 15 May 2022 15:59:50 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 2F30
102 KB
25 KB
Script
General
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
894bd4636346f9710907258043cf9936f4fcb1cf7d36bde7c1100351aae5ba96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
bG0a1Iic1cNEQ0vVtF.bEEpn65ckOQQM
content-encoding
br
last-modified
Sat, 30 Apr 2022 14:34:00 GMT
server
AmazonS3
age
4298
etag
W/"4e703f7c81ff1913b8ac915fa4da2a5d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 15 May 2022 14:51:33 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
KksqrmmQnRX4GMlGaDAKBuaMB0JA6VlckXJvI6TT46aaOmypW9Nsfw==
15486753121950169319
tpc.googlesyndication.com/simgad/ Frame 2F30
64 KB
64 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15486753121950169319
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d536966adfb264a5bf8db50aa3cdad7b8ee1abab313d1a6dfaa6bcdf7461a3d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 13:01:23 GMT
x-content-type-options
nosniff
age
183507
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65157
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 16:37:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 13 May 2023 13:01:23 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 2F30
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 15:58:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F30
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 15:59:50 GMT
l
www.google.com/ads/measurement/ Frame 2F30
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBj4RZ3eFZUWsMs0lG4wGAwc5k0rQohHKdKQw30Kf5Jke-M4CE_IviauaE4N2zDmfT3lZdtAOfy4RMt2P2-Q-GN0PPVw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

event
prebid-a.rubiconproject.com/
61 B
236 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.243.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-243-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 15 May 2022 15:59:50 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012204292129000/ Frame D6E8
220 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
255102
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61295
x-xss-protection
0
server
sffe
date
Thu, 12 May 2022 17:08:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c00c4adb72e5cb7f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 12 May 2023 17:08:08 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame D6E8
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
403121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5188
x-xss-protection
0
server
sffe
date
Wed, 11 May 2022 00:01:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"176361d496ccc411"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 May 2023 00:01:09 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame D6E8
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
403148
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28840
x-xss-protection
0
server
sffe
date
Wed, 11 May 2022 00:00:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4b15b3c971f95798"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 May 2023 00:00:42 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame D6E8
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
403121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1906
x-xss-protection
0
server
sffe
date
Wed, 11 May 2022 00:01:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a2652581fdabc981"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 May 2023 00:01:09 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame D6E8
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
403129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12953
x-xss-protection
0
server
sffe
date
Wed, 11 May 2022 00:01:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8a2450dae6a66803"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 May 2023 00:01:01 GMT
truncated
/ Frame D6E8
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fc4c9567d3fe87fd40b4fcd6eb74404f7ecdbb343f3dc76c8b8732fba4cecb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012204292129000/ Frame B4E3
220 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
255102
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61295
x-xss-protection
0
server
sffe
date
Thu, 12 May 2022 17:08:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c00c4adb72e5cb7f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 12 May 2023 17:08:08 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame B4E3
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
403121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5188
x-xss-protection
0
server
sffe
date
Wed, 11 May 2022 00:01:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"176361d496ccc411"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 May 2023 00:01:09 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame B4E3
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
403148
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28840
x-xss-protection
0
server
sffe
date
Wed, 11 May 2022 00:00:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4b15b3c971f95798"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 May 2023 00:00:42 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame B4E3
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
403121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1906
x-xss-protection
0
server
sffe
date
Wed, 11 May 2022 00:01:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a2652581fdabc981"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 May 2023 00:01:09 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame B4E3
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
403129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12953
x-xss-protection
0
server
sffe
date
Wed, 11 May 2022 00:01:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8a2450dae6a66803"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 May 2023 00:01:01 GMT
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.243.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-243-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.fox13now.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 15 May 2022 15:59:50 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
11025864208755404204
tpc.googlesyndication.com/simgad/ Frame D6E8
53 KB
53 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11025864208755404204?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlUPT5r_DNcQcaY4tFQpSDUcOpavQ
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3220c748282ef40c7b77f9572f8ae21bdeeec23fe01aec838cec5e6ac3db21ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 06:27:28 GMT
x-content-type-options
nosniff
age
552742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54049
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 11:58:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 09 May 2023 06:27:28 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D6E8
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
75602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 15 May 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D6E8
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
36976
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 16 May 2022 05:43:34 GMT
l
www.google.com/ads/measurement/ Frame D6E8
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPoUCcp07O3DHo4sF9gUPK_pFXNsOIDaSMgfPPmweGboAStGjHVpl0LwYOL0DyHPZOlu4KaqpxvsoLcjKaEbsz78RREg
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame D6E8
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CbOLzdiOBYrmEBqSblQel-5ToAbWL_7RpsfWYjoQQ29keEAEg5pSFGGCVgoCAsAegAZyv-6gCyAEC4AIAqAMByAMIqgSmAk_Q78Ajgs3kF7TpTZICB7MT4hihsv3wstjzquJ7JTF2OEXQ8rephxmgKs00crU2DtZZIXQSd-lT2MhUzr_cWRaByQSoEMPk3GzxNuXf8e3J1jcFrWewFOnE0jp8waNue7q-_ELgfVZJx7H-NSe4S_rpYibfbseXfpb-KDVA9oXydGRBBUxzqZFtR0HdW7xAtvWGfTk4kO6ZfoqZO3QFTN8lsiOPypepCWM_EBFKITkUmjRtopzkeBJtfEjMQV8cbMesy8pBsuhjJyZVkfn_lT4g7qNd7Ia1KY8-vZaRj38_SCCApeod1sy6q0nJOkx2lWXzVcOETLPQZqxqMgQtWVm6WFK0xYKt1s3LoPDAlqPNZVZOoGhwD6Igw1Me5MjAnq4tP4PSNsAEoae5ue8D4AQBkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQjIg10ggJCIjhgBAQARgdgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTg0MTQ2MjcyODAwNTQ1OTMYrYsR&sigh=U1UJ_Glfc5Q&uach_m=[UACH]
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

18086092315239826260
tpc.googlesyndication.com/simgad/ Frame B4E3
105 KB
105 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/18086092315239826260?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmNWDhIs_Ny9Sy3ZWLq1AFX0tdLhA
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9687916c1e580471dbf4482ffc7372479b31d3318244e0efed29a0e01ec3f059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 08:55:59 GMT
x-content-type-options
nosniff
age
371031
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107686
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 12:44:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 11 May 2023 08:55:59 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B4E3
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
75602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 15 May 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B4E3
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
36976
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 16 May 2022 05:43:34 GMT
l
www.google.com/ads/measurement/ Frame B4E3
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOYeZ44bpjL9_wSUyr6DP1evhxnvzSsJkUJSoZhFUqs65NDGzbk-h4ovvVTiEWfOmzredPwdkITjeZfrSH7IAkhtEJag
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame B4E3
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdZQadiOBYrqEBqSblQel-5ToAbWL_7RpideYjoQQzNr2mP4OEAEg5pSFGGCVgoCAsAegAZyv-6gCyAEC4AIAqAMByAMIqgSmAk_Q-TgSB22exhkJMRdZB6sxvKW9cbFtHkwmdf4ZHIUKRiin8O_LHUhfvOMtT4NMIptGbOSiaIJ6_7OzUsVt4-GHHtKIEgIsk-L3xVqSINqom-8Sk_eS0uiy5E-aQ8aYuGnaoFW41GNqHVGB-mT1uiOZV3o8ivK0WwW0VxSrWI3R28qMktRgSzjjwzLoeTkt5A3KQZIuPYYBPvj1BYkfvr0K_H6qTj1BFHe0YUixNUbI-gU5Rsr0vyulm5q6J5OY-Q2lZeHNli6ZrjxLjPtkjtj5gkuh32VU_yQ6gjRHkg5KV54HqQwqhBK5SuB-WXSotivY_3AmsYMm4b2HjQOe1qi-Klzke7zs1CRLxrcmud_aaEnNxDFLKmwGS0qYZe14QvqbWyPKrMAE6aO5ue8D4AQBkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-tI-0ggJCIjhgBAQARgdgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTg0MTQ2MjcyODAwNTQ1OTMYrYsR&sigh=nOoCBrLKWkw&uach_m=[UACH]
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

event
prebid-a.rubiconproject.com/
61 B
236 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.243.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-243-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 15 May 2022 15:59:50 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
truncated
/ Frame B4E3
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72d83e7e6c6cc22f5b65099641a1da64534246a14f4e8d6f1fed6a2b592439c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
12fdcbed-fed4-4197-bc81-aa2271198f18_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/
912 KB
0
Media
General
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/12fdcbed-fed4-4197-bc81-aa2271198f18_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=32768-

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
last-modified
Sun, 15 May 2022 14:29:50 GMT
age
5206
etag
"1bed6dc6bacba98ddff33b47322fc212"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 32768-1015054/1015055
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
982287
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1652630390761&sessionId=2746df53-9101-2405-44cb-0abeb0554a15&url=www.fox13now.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:51 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
b9805cba635998515b3d8efc132dd87d
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/
27 KB
7 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&idx=0&rand=3738&key=NANOWDGT01&widgetJSId=AR_11&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=2746df53-9101-2405-44cb-0abeb0554a15&fdu=www.fox13now.com&px=325&py=3733&vpd=2533&cw=610&activeTab=true&darkMode=false&settings=true&recs=true&version=2000725&sig=eW6I6ed3&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40418835c48e3f20e3124849f8958fa46cf7d6c28c93c18c51a01179a1971c92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:51 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1652630391.811917,VS0,VE322
accept-ranges
bytes
x-served-by
cache-lga21945-LGA, cache-hhn4023-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
8195eb78d38a79164abeca4c5737c8ef
content-encoding
gzip
content-length
6737
expires
Thu, 01 Jan 1970 00:00:00 GMT
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 2F30
0
586 B
Image
General
Full URL
https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=189641
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sy90b90i8OPszlrRkiGHtFejUrwgn7zCfn%2BDdqYa%2BpsQHTdph9QUZ1RLa7HMlTSNIWdzixJSdtLrT1N%2BGpThTrmJrM8eFO90sbYuvgK1Bc48dzihI5AjBNfcTv0cRUEM2oNLdvoPNaHhEkobz1AQZsLdgw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70bd15468db09073-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Fu9SlaCvZgBFuTUB1pUx
view
securepubads.g.doubleclick.net/pcs/ Frame 2F30
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssio65KdBGuhH6lTLkBvcP14dJzWULbQd0QwC5G2VgfoxtRyHn8SVzXK_JrmcBKpZhD2tAN5e4DSgbqtWuPquRYp12cTtnjmsZyw6dieMMITOGRZaVqJehfLNP0LAWo_jK_0A7nhy0PSL32hNU1_6y1frRC9BymIUkl1aGNZVkZhEPSbBUKFmAwREfhkAZVL8QfNKP86QXZLtjkzZtG67jstHTg4IF_Usn5R3Z6DIYoXDUF8Ef_x9o7lQN4iHCQnXArXqMMFJw7YOLubfFdFKrYyICblYMLE1QCSnyyR10_XyN9s7x8WiMjKj720DQjkyKNqn-jYVyngw&sai=AMfl-YTVA3WPjN4y6KTkYt8mhX3_7gFQNv6p2H4eEt_ILp0ZPsBKYWKbcYamP-bpCLmkNV3-F4V30PXnus12oTe4YnRHINEbyd0VjHoTn1NaETWQocDNApZ2meQPCrWrVbO2&sig=Cg0ArKJSzAwnZWYS6tPpEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 15:59:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
887dab1e-e26e-4caa-a23a-a5606220cba5
https://www.fox13now.com/ Frame 2F30
785 B
0
Other
General
Full URL
blob:https://www.fox13now.com/887dab1e-e26e-4caa-a23a-a5606220cba5
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 494D
102 KB
25 KB
Script
General
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: 109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
URL: https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
894bd4636346f9710907258043cf9936f4fcb1cf7d36bde7c1100351aae5ba96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
bG0a1Iic1cNEQ0vVtF.bEEpn65ckOQQM
content-encoding
br
last-modified
Sat, 30 Apr 2022 14:34:00 GMT
server
AmazonS3
age
4298
etag
W/"4e703f7c81ff1913b8ac915fa4da2a5d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 15 May 2022 14:51:33 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
FYnA2FfpKdrsfw5xISqlnSdmTX7QnMfeitB96ZO2ryXY0CPEKk0BzQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 494D
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AXUAbeHfzQa2N0oKpqAADBJXYfIMaMudwrPf10ZEiObJVRrKaSaCh9qQlGa8ZxPmV_dHCxh7PJ_JlpLpN3FznTOWdptvjKPto1_FCr57Q_YoEZqT0
Requested by
Host: 109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
URL: https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 494D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: 109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
URL: https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 15:58:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 494D
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
URL: https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 15:59:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 494D
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
URL: https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:58:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 15:58:41 GMT
l
www.google.com/ads/measurement/ Frame 494D
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR855-2tj-wWk8WQ1T9bWRBW74-uWba1HGPiFPi0A4nYpRVMT3EbfNlG_X7pK0VV_jo90epDVKbkOTTNSf_pSjuPt20Qw
Requested by
Host: 109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
URL: https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame 2F30
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwWyNhr7RLg0m_c_Uc6S-jRupWz9B_f7bvLCkx4DtJbiurZkqdPBEx8c_Djn77kibeJlI9QBQFD9uwvC9jSgyftXEhgbN-Hf-wipPeEExjxtuM09FW9fCX5BvzwmSU1uZgGHxhIhNxUfcJbfgCT9BS5s8-YSE5t6DwbHs9U5Zy3M4P4ocoUNQWrBV6S3dqJqHieXIGV7z4HjUe5xmRpsYw82PCEcmUSklZAZatMaxpHy1jxoNcuf6r08JS2x9xE-qo-m-C6MzFPpXsy068FuC29GbNt2sFroBcmlhqEiLPdZGlnG6N9xwxudE9sx9btze-zhxpJS6lt7aB&sai=AMfl-YTun9aZQYJJ_EuFwcQXZVxSMxuwvEZQhtt4l89quH15TimCT4Lt6bZGZehXoQR3zJ9p09OohLOl7LfO9MRalxibBkkMep6vQ9FvlLXimJpEJqE_ubhVcIGsErctBkV3&sig=Cg0ArKJSzK3X78f1FV16EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 15:59:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 15 May 2022 15:59:50 GMT
truncated
/ Frame 2F30
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04067d3025765c8caa03901e83bd3e5a854d583482aa91cc869101a8b01dfe63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame D6E8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

date
Sun, 15 May 2022 15:59:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame B4E3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

date
Sun, 15 May 2022 15:59:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 494D
0
552 B
Image
General
Full URL
https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=976812
Requested by
Host: 109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
URL: https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuhIX24NddWkr8k1Xg%2FmR1ZtiGl9vvFX7O1FrGjLpEg4AsPLHaRRaYHEEkTzAuOMXEvbu6%2Bq58BZ8tvbxF%2FrLvyuZQdc%2Fzaokg0yedrNfPmoO2WeRAVUzUkuQNcSXFkpQIMBiO2w7c3HGj2tuczZNPjrmw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70bd15475fa09073-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Fu9Slaj5YO4IF4gAsphi
faa13e04-9215-4d98-b43a-0f7fd1a893b4
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/ Frame 494D
785 B
0
Other
General
Full URL
blob:https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/faa13e04-9215-4d98-b43a-0f7fd1a893b4
Requested by
Host: 109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
URL: https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2EFD
624 B
733 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNQDENrt-aUDGPGagcgBMAE&v=APEucNV4VZzUBHOYxF6JUfVZEtVqZDZ6TzJKmZsdxwdKdqgR2Q8QQ8QRjd6DkPZZLkcSfQz-AeaBYRDXiwjcwXImEF7au4r9mdwd2olJZ6Fk2XTBiEvKaRI1oRRG2KB-7fFHeT55TqB0yVCDsQyw9k9Ouf7GvOX7k76VNlqFIFzI8pbQVjxlJtY
Requested by
Host: 109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
URL: https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 15:59:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 494D
78 KB
32 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Azg7UfmC3pvPySO-Jeb5pRPfHRFfmhlGK3ebF9nCECeYAspSWcg_zUBCfCTEo2cRsbhjKruPl_7qApauf0QUhVvOONal3nACB64k71MJUAOHK5clfPFechb9sBhcDGF6B1FFjscX6VRJO_qtAyxfUXtDvlrQ&dbm_d=AKAmf-BF6GuTmc3R0qt4gRUhXXx61D5FZwcie-1Vz1jSxD-2zGDQTBDQjD56R3zgKnhoW__lEBHBi9s1ofUULpShwC-zVdxmtYTpvaMzDOGuaHE_8zoXp93Wcq3MzmYkDEU-DsskB9Sbfo1dg2aTtTGR-QsvnSm5EgUebbLZ_RugBmzXbT-ICLyozsJyjR5cgX47GETLpFRILs76ldwzTa3ZabOiM5sRvb5MXRjKqcKY8jtG6UxNP6U5KZ6p26fr_ypKtyb8i1jcW739rQ7yjns-7Tuzrk2mGoT56rA5QYh186hwxfN89I-XhGMpfkc8eaAgcaLE0AI6LT8LlSgymiEuS8_x9RR8tbXx-8mGxmyv0-gNlweukc1ZlWJfx7BYhV54KjyE6TJN3kdEu75R8F1ciRNh_0slLg6D7Q0bTxX_bsi9PfPu8hVd_4bx-06gQsn89VKzmRpmfWfCghCbbgsVakQv0CzXSCrpsAd3DnPcDKEBHnL3IhQtOkTH0OXqJ51mGRFdPnzmPG2NMrvSLyfPLYqq1jpwivn_y0u2QfGfOQqGBr9XXZ0PejV618t6jnQRnh9eEGLk6wd97CY5QNbhR7xxUZNstZuQMMozUXylYMvG-CYzEra0VgnqjxyWGXcGTGAvPg3NK8882zTPGCTbQsb3NKXIlJrJib-U7KEth3IH2Z8thkAshU44NOJs53D6DGzfg6LFbmpfxHqYZwEGHP03k0VU6LcErGGvan83MVPanJO9WjR-53VJO_9Ow1ZPo9sxZ-LUl7d3l7KgC-u61CPfQRlWZ7PBV5xdReYn_WtFhPi7_07-YOKMTWa2wa4yd5ZtlOQrFptjnNDd6QusLvJHVa5Y69KA58YNgSdnx4WG8V0jLuivxwg2sDWFhdAm0bAhjSI7FjbWr-pn5FKiJ1gDphjeygY7v8RzRAUm7gq3uUfw1asHhDqhi0t-CWf8mOX-GYnXRvh509gWTRGShRDNN7DQopQIGDa0vDHVjgAXgWFjXpg4H7W-F_DFS8wl7VGlHkLMed_Cnk35RWZ5O4knd0UnRUm2le6ppWGDytCLXbGrhbtpDLz7JXkpQ3PKJ-Y4UW4HIxmoXbqcezu32IcQTvYZBrwZww46Ik8-iNnPPrIpUjyzVQzPuHvrnqihvNoGK8QdYx78B4e0kib4rlvnQ19VrNQG--XP_Xa4FS8RK9w-kXXwPrurN23mVTuArnBuYMADyp_7BbI7JQKhR1VZ9NjVn6YsegOVRJCnC-hmJPnlKJ-UYaaPuyN3VbiqPO0S23M6sciZceZOGc1elORSlQn-QsuSDtAIjXueshuiffjVDJlA4soWV7a7TK9gYNfplWWzJqPzuHhUtSRVOg8KWc_x_ZdxYEzgV0EsuLeK4TI8tW4fl81LalGqfRNUk9-bgDtBjMa_a6pY9BAkJxu1SomRAg-_8QvlSo-I3gEYiQuG3Pc8mgzXyNu_9fqn2R41gDNUfFQh-Eh3meZQaZVkBGCPAUjZYhkyPYStwRi19oNaQYc_ld25kbK-RS_z5v58HySnep0g1MH3MFbFzfHZ6fewU69QJ9P5sn65j3Vj5AyXqsD0OjcFvnvX9eR-ooPrUfDwRvqF-eXhC-cDlgx2B9-blDCHjStrihsHoUBnokDhW2UgSwF2lwMn_GW-mLqdgJ1xAGiL-Zwo2wjD0YT2AyoOBpiXO_36goKQGcUwSzE8-sIYq_f-XAwX8IHaMivGGASnc6GuNuaEYQucBpSkLsyVPfBshHcb7nI78U_fijJ2BCak-XxY6foFN1tUEZV0CGY9xCo6W8GM5-IGfwJUv52jXJEHEVPzKbh0da7aHfYWXzzwMjR2aOo6om17xFpRbgS5DzkBbQrac5s9PwGp4DTk2JjrFvtxD5GSFIDFrn8k4XV97ZATiZ5U2sIjuUtpWOYSfPBgKUwWjefBUyYJkG5kNt53l8AV_29G_Mx21IysTNtHTDIozEfB5L-kj9KtAxmHMuA6w5iM0yignIHnjh1GBDy0k-tMPlTIYJJ1lkXQE6WQGyRPd9s7MkcoLm0xloc-bknyd0WlxRMI5NRLoRbCr36dcsJI500Heb5QQa9bFyBdiyTMzwPw5sZYYhjF46pIC2N-HE3WDL9gyWb_R8O523fzRO2CGuGOnbGv70Qm-gkxWWTwC-3k4jhJwBxPP5-P0g8kiryn780LWbAKm-HVSRSLV-CRUuSPP3wjtCpPZ9WW6dTrO1RChQRXDmPjzAXcbNQiXG47LoX4BnchmXecz_7fAZ4zdrlJnE5pHG-lsSKkUNSSIzRzeb0jpvxVgSH09ep1bTXDkX0wTZrG1t4PCQKnohhVmvjrNpOZaFbJaoRkFtI0JpTgXVmtYaRhZDt4KEtomQde3dWD2FztcaPm-6HI2yvXBeixqc0vtMd_yXGwuzM8Y7pHvGrN7JFIu2r-0T4KAJbiPpeygpf7mPg0WgmnbkHPR0U7fenlKAqnz_ahoku1KoIQAJOOsEDWk2TRlWzpFrl58VHuGld5L42uAZQO82TR8txEP_JVmRE0Ma94BpupidvXgILNTmPCyb6SaLUoocWxa9RHFLJwlNjupZSOuARFHqUFbemrGaW9On8LFGzjdUyPKEscySSJafHHxLRKUMaukStJcKaL1w-0q3TV7v-YgcLxde-Mym0MiUPbmc4aItvSVVF9-GBQxEo9G2BBwx-0hSu5hc9D67LJZQChFlxC4nRB_4wy5yERmSp5rfPsrALHtZjmsItF3kHCXx84YzRm802KD4k78QILznqrKnBbKWamiuxeBy3BelMIsfiTHstEAlAoT33ULFt2OKGPhLFq_dnfSeb1jSNSfG81N-ki4RIUOkbUzVVz3sftuqUpNfA4FDrggli7TpSkQ8lvevpxk_OTPPzRb0jOGMhMHaqAx8oKSzJWYRvCKt_C7uHhTFcqliq703xrY6yJQPBVKYTHNYTgQv4GXsK48AA-4BkHHne0tfVsXUGilsPZ5y8xwzg2M8ZENyU2DlW3AUgDvgrjsCPf5FywzFrj-QxMMHeyX17IG2ZyRpC83-qgtLBXMxugPPH5-MzJMSLwDAyMELd27LjDSrUT1cfer6PJeLLnGfm2jo47kETg12b0jK3T300FkO0GKQc2R_Ya821ALrSHKyzyd62WfXuLFtx-WklEe733j1AKe2awKgk&cid=CAASKORoeBHsQ6KdwTsMXe2_ltfiqVuGLIb9IHM1RTvJs5LLtJotGIfS6Jw&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240
Requested by
Host: 109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
URL: https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f0bb40de4e93b11b647d7aaea090323fa01f38ca39c1ccabf15c2b8b077b2a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32849
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1652630390968&sessionId=2746df53-9101-2405-44cb-0abeb0554a15&url=www.fox13now.com&cheqSource=1&cheqEvent=2&responseTime=823
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:51 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
cef49b2cbd756482cc459aa472ed5772
Content-Length
4
Expires
0
imp.gif
obs.cheqzone.com/tracker/
43 B
102 B
Image
General
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136fecc136ea44839d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714693d05735f578fce1d7b1474fbd498fbd38e820db6197578d002aff7f56f01e45577ecb5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1908f77f6ba195157ae8dceb17de50ae04eb9b1dc148d5cc79d62427d4cc66ca6f82d0baa189bcb01f23f029b2eaf97d523dbfd56294bc4bb5171750d25c0883d782888fbc9227c32c90c6f5ae53df5f5b1aa35e6490c3c11d7382be24f105e3c618c424a92a451e03976dee59dc9cf92de3d538915ca9cfcbcb69ce010478e84b585773532d96a06ea109d5c18869a99970ecdd22d783eaf03283b7f24e2b7e83e7504fd6bb0a5112f3a3f522f562c4f718b0fd79eb3af52cc414855dcaa13cda4571f9f6cb2522783552764f0405b6f3d839c008b6595c017ca9f710818a120fe2aa9de6ae66a9eef8ff86f1b3f2494920f8428eaa5a6f805f781dd762416c6af67fb36b1ac4efdd7e8966d73996ad2ccfd5118b281d2b3276090180d2b6c9367a49885d1487d9dda7a2890647d8e5ff0ec98a2d3f818c452e63bdd39c033da564c54d951aae&cb=1652630390968&cri=egPU49pZ0g
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:51 GMT
cache-control
no-cache, no-store, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 2EFD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELAjqs8Zv129o0-R-p9gu3o&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELAjqs8Zv129o0-R-p9gu3o&google_cver=1&C=1
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELAjqs8Zv129o0-R-p9gu3o&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNQDENrt-aUDGPGagcgBMAE&v=APEucNV4VZzUBHOYxF6JUfVZEtVqZDZ6TzJKmZsdxwdKdqgR2Q8QQ8QRjd6DkPZZLkcSfQz-AeaBYRDXiwjcwXImEF7au4r9mdwd2olJZ6Fk2XTBiEvKaRI1oRRG2KB-7fFHeT55TqB0yVCDsQyw9k9Ouf7GvOX7k76VNlqFIFzI8pbQVjxlJtY
Protocol
HTTP/1.1
Server
92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-230.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 15:59:51 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELAjqs8Zv129o0-R-p9gu3o&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Sun, 15 May 2022 15:59:51 GMT
rum
dsum-sec.casalemedia.com/ Frame 2EFD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoEjd6vzh6RVKy4.UUyYUgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELAjqs8Zv129o0-R-p9gu3o&google_cver=1&google_hm=2
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELAjqs8Zv129o0-R-p9gu3o&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNQDENrt-aUDGPGagcgBMAE&v=APEucNV4VZzUBHOYxF6JUfVZEtVqZDZ6TzJKmZsdxwdKdqgR2Q8QQ8QRjd6DkPZZLkcSfQz-AeaBYRDXiwjcwXImEF7au4r9mdwd2olJZ6Fk2XTBiEvKaRI1oRRG2KB-7fFHeT55TqB0yVCDsQyw9k9Ouf7GvOX7k76VNlqFIFzI8pbQVjxlJtY
Protocol
HTTP/1.1
Server
92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-230.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 15:59:51 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELAjqs8Zv129o0-R-p9gu3o&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2EFD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELLqx0qBathfzMIeaNV7rJk&google_cver=1
43 B
1018 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELLqx0qBathfzMIeaNV7rJk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNQDENrt-aUDGPGagcgBMAE&v=APEucNV4VZzUBHOYxF6JUfVZEtVqZDZ6TzJKmZsdxwdKdqgR2Q8QQ8QRjd6DkPZZLkcSfQz-AeaBYRDXiwjcwXImEF7au4r9mdwd2olJZ6Fk2XTBiEvKaRI1oRRG2KB-7fFHeT55TqB0yVCDsQyw9k9Ouf7GvOX7k76VNlqFIFzI8pbQVjxlJtY
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:51 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b021e097-2352-40a1-b70f-68a027fb7b26
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELLqx0qBathfzMIeaNV7rJk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2EFD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2NzUzMzE3MDkyMTYwNjU3Nw%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2NzUzMzE3MDkyMTYwNjU3Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNQDENrt-aUDGPGagcgBMAE&v=APEucNV4VZzUBHOYxF6JUfVZEtVqZDZ6TzJKmZsdxwdKdqgR2Q8QQ8QRjd6DkPZZLkcSfQz-AeaBYRDXiwjcwXImEF7au4r9mdwd2olJZ6Fk2XTBiEvKaRI1oRRG2KB-7fFHeT55TqB0yVCDsQyw9k9Ouf7GvOX7k76VNlqFIFzI8pbQVjxlJtY
Protocol
H2
Server
142.251.36.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:51 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
291b8ea5-4c26-483b-8f5b-3a99227920bb
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2NzUzMzE3MDkyMTYwNjU3Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 494D
170 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
Origin
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 12:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 May 2022 12:50:37 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 494D
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Azg7UfmC3pvPySO-Jeb5pRPfHRFfmhlGK3ebF9nCECeYAspSWcg_zUBCfCTEo2cRsbhjKruPl_7qApauf0QUhVvOONal3nACB64k71MJUAOHK5clfPFechb9sBhcDGF6B1FFjscX6VRJO_qtAyxfUXtDvlrQ&dbm_d=AKAmf-BF6GuTmc3R0qt4gRUhXXx61D5FZwcie-1Vz1jSxD-2zGDQTBDQjD56R3zgKnhoW__lEBHBi9s1ofUULpShwC-zVdxmtYTpvaMzDOGuaHE_8zoXp93Wcq3MzmYkDEU-DsskB9Sbfo1dg2aTtTGR-QsvnSm5EgUebbLZ_RugBmzXbT-ICLyozsJyjR5cgX47GETLpFRILs76ldwzTa3ZabOiM5sRvb5MXRjKqcKY8jtG6UxNP6U5KZ6p26fr_ypKtyb8i1jcW739rQ7yjns-7Tuzrk2mGoT56rA5QYh186hwxfN89I-XhGMpfkc8eaAgcaLE0AI6LT8LlSgymiEuS8_x9RR8tbXx-8mGxmyv0-gNlweukc1ZlWJfx7BYhV54KjyE6TJN3kdEu75R8F1ciRNh_0slLg6D7Q0bTxX_bsi9PfPu8hVd_4bx-06gQsn89VKzmRpmfWfCghCbbgsVakQv0CzXSCrpsAd3DnPcDKEBHnL3IhQtOkTH0OXqJ51mGRFdPnzmPG2NMrvSLyfPLYqq1jpwivn_y0u2QfGfOQqGBr9XXZ0PejV618t6jnQRnh9eEGLk6wd97CY5QNbhR7xxUZNstZuQMMozUXylYMvG-CYzEra0VgnqjxyWGXcGTGAvPg3NK8882zTPGCTbQsb3NKXIlJrJib-U7KEth3IH2Z8thkAshU44NOJs53D6DGzfg6LFbmpfxHqYZwEGHP03k0VU6LcErGGvan83MVPanJO9WjR-53VJO_9Ow1ZPo9sxZ-LUl7d3l7KgC-u61CPfQRlWZ7PBV5xdReYn_WtFhPi7_07-YOKMTWa2wa4yd5ZtlOQrFptjnNDd6QusLvJHVa5Y69KA58YNgSdnx4WG8V0jLuivxwg2sDWFhdAm0bAhjSI7FjbWr-pn5FKiJ1gDphjeygY7v8RzRAUm7gq3uUfw1asHhDqhi0t-CWf8mOX-GYnXRvh509gWTRGShRDNN7DQopQIGDa0vDHVjgAXgWFjXpg4H7W-F_DFS8wl7VGlHkLMed_Cnk35RWZ5O4knd0UnRUm2le6ppWGDytCLXbGrhbtpDLz7JXkpQ3PKJ-Y4UW4HIxmoXbqcezu32IcQTvYZBrwZww46Ik8-iNnPPrIpUjyzVQzPuHvrnqihvNoGK8QdYx78B4e0kib4rlvnQ19VrNQG--XP_Xa4FS8RK9w-kXXwPrurN23mVTuArnBuYMADyp_7BbI7JQKhR1VZ9NjVn6YsegOVRJCnC-hmJPnlKJ-UYaaPuyN3VbiqPO0S23M6sciZceZOGc1elORSlQn-QsuSDtAIjXueshuiffjVDJlA4soWV7a7TK9gYNfplWWzJqPzuHhUtSRVOg8KWc_x_ZdxYEzgV0EsuLeK4TI8tW4fl81LalGqfRNUk9-bgDtBjMa_a6pY9BAkJxu1SomRAg-_8QvlSo-I3gEYiQuG3Pc8mgzXyNu_9fqn2R41gDNUfFQh-Eh3meZQaZVkBGCPAUjZYhkyPYStwRi19oNaQYc_ld25kbK-RS_z5v58HySnep0g1MH3MFbFzfHZ6fewU69QJ9P5sn65j3Vj5AyXqsD0OjcFvnvX9eR-ooPrUfDwRvqF-eXhC-cDlgx2B9-blDCHjStrihsHoUBnokDhW2UgSwF2lwMn_GW-mLqdgJ1xAGiL-Zwo2wjD0YT2AyoOBpiXO_36goKQGcUwSzE8-sIYq_f-XAwX8IHaMivGGASnc6GuNuaEYQucBpSkLsyVPfBshHcb7nI78U_fijJ2BCak-XxY6foFN1tUEZV0CGY9xCo6W8GM5-IGfwJUv52jXJEHEVPzKbh0da7aHfYWXzzwMjR2aOo6om17xFpRbgS5DzkBbQrac5s9PwGp4DTk2JjrFvtxD5GSFIDFrn8k4XV97ZATiZ5U2sIjuUtpWOYSfPBgKUwWjefBUyYJkG5kNt53l8AV_29G_Mx21IysTNtHTDIozEfB5L-kj9KtAxmHMuA6w5iM0yignIHnjh1GBDy0k-tMPlTIYJJ1lkXQE6WQGyRPd9s7MkcoLm0xloc-bknyd0WlxRMI5NRLoRbCr36dcsJI500Heb5QQa9bFyBdiyTMzwPw5sZYYhjF46pIC2N-HE3WDL9gyWb_R8O523fzRO2CGuGOnbGv70Qm-gkxWWTwC-3k4jhJwBxPP5-P0g8kiryn780LWbAKm-HVSRSLV-CRUuSPP3wjtCpPZ9WW6dTrO1RChQRXDmPjzAXcbNQiXG47LoX4BnchmXecz_7fAZ4zdrlJnE5pHG-lsSKkUNSSIzRzeb0jpvxVgSH09ep1bTXDkX0wTZrG1t4PCQKnohhVmvjrNpOZaFbJaoRkFtI0JpTgXVmtYaRhZDt4KEtomQde3dWD2FztcaPm-6HI2yvXBeixqc0vtMd_yXGwuzM8Y7pHvGrN7JFIu2r-0T4KAJbiPpeygpf7mPg0WgmnbkHPR0U7fenlKAqnz_ahoku1KoIQAJOOsEDWk2TRlWzpFrl58VHuGld5L42uAZQO82TR8txEP_JVmRE0Ma94BpupidvXgILNTmPCyb6SaLUoocWxa9RHFLJwlNjupZSOuARFHqUFbemrGaW9On8LFGzjdUyPKEscySSJafHHxLRKUMaukStJcKaL1w-0q3TV7v-YgcLxde-Mym0MiUPbmc4aItvSVVF9-GBQxEo9G2BBwx-0hSu5hc9D67LJZQChFlxC4nRB_4wy5yERmSp5rfPsrALHtZjmsItF3kHCXx84YzRm802KD4k78QILznqrKnBbKWamiuxeBy3BelMIsfiTHstEAlAoT33ULFt2OKGPhLFq_dnfSeb1jSNSfG81N-ki4RIUOkbUzVVz3sftuqUpNfA4FDrggli7TpSkQ8lvevpxk_OTPPzRb0jOGMhMHaqAx8oKSzJWYRvCKt_C7uHhTFcqliq703xrY6yJQPBVKYTHNYTgQv4GXsK48AA-4BkHHne0tfVsXUGilsPZ5y8xwzg2M8ZENyU2DlW3AUgDvgrjsCPf5FywzFrj-QxMMHeyX17IG2ZyRpC83-qgtLBXMxugPPH5-MzJMSLwDAyMELd27LjDSrUT1cfer6PJeLLnGfm2jo47kETg12b0jK3T300FkO0GKQc2R_Ya821ALrSHKyzyd62WfXuLFtx-WklEe733j1AKe2awKgk&cid=CAASKORoeBHsQ6KdwTsMXe2_ltfiqVuGLIb9IHM1RTvJs5LLtJotGIfS6Jw&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:56:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
214
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 15:56:17 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 494D
25 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Azg7UfmC3pvPySO-Jeb5pRPfHRFfmhlGK3ebF9nCECeYAspSWcg_zUBCfCTEo2cRsbhjKruPl_7qApauf0QUhVvOONal3nACB64k71MJUAOHK5clfPFechb9sBhcDGF6B1FFjscX6VRJO_qtAyxfUXtDvlrQ&dbm_d=AKAmf-BF6GuTmc3R0qt4gRUhXXx61D5FZwcie-1Vz1jSxD-2zGDQTBDQjD56R3zgKnhoW__lEBHBi9s1ofUULpShwC-zVdxmtYTpvaMzDOGuaHE_8zoXp93Wcq3MzmYkDEU-DsskB9Sbfo1dg2aTtTGR-QsvnSm5EgUebbLZ_RugBmzXbT-ICLyozsJyjR5cgX47GETLpFRILs76ldwzTa3ZabOiM5sRvb5MXRjKqcKY8jtG6UxNP6U5KZ6p26fr_ypKtyb8i1jcW739rQ7yjns-7Tuzrk2mGoT56rA5QYh186hwxfN89I-XhGMpfkc8eaAgcaLE0AI6LT8LlSgymiEuS8_x9RR8tbXx-8mGxmyv0-gNlweukc1ZlWJfx7BYhV54KjyE6TJN3kdEu75R8F1ciRNh_0slLg6D7Q0bTxX_bsi9PfPu8hVd_4bx-06gQsn89VKzmRpmfWfCghCbbgsVakQv0CzXSCrpsAd3DnPcDKEBHnL3IhQtOkTH0OXqJ51mGRFdPnzmPG2NMrvSLyfPLYqq1jpwivn_y0u2QfGfOQqGBr9XXZ0PejV618t6jnQRnh9eEGLk6wd97CY5QNbhR7xxUZNstZuQMMozUXylYMvG-CYzEra0VgnqjxyWGXcGTGAvPg3NK8882zTPGCTbQsb3NKXIlJrJib-U7KEth3IH2Z8thkAshU44NOJs53D6DGzfg6LFbmpfxHqYZwEGHP03k0VU6LcErGGvan83MVPanJO9WjR-53VJO_9Ow1ZPo9sxZ-LUl7d3l7KgC-u61CPfQRlWZ7PBV5xdReYn_WtFhPi7_07-YOKMTWa2wa4yd5ZtlOQrFptjnNDd6QusLvJHVa5Y69KA58YNgSdnx4WG8V0jLuivxwg2sDWFhdAm0bAhjSI7FjbWr-pn5FKiJ1gDphjeygY7v8RzRAUm7gq3uUfw1asHhDqhi0t-CWf8mOX-GYnXRvh509gWTRGShRDNN7DQopQIGDa0vDHVjgAXgWFjXpg4H7W-F_DFS8wl7VGlHkLMed_Cnk35RWZ5O4knd0UnRUm2le6ppWGDytCLXbGrhbtpDLz7JXkpQ3PKJ-Y4UW4HIxmoXbqcezu32IcQTvYZBrwZww46Ik8-iNnPPrIpUjyzVQzPuHvrnqihvNoGK8QdYx78B4e0kib4rlvnQ19VrNQG--XP_Xa4FS8RK9w-kXXwPrurN23mVTuArnBuYMADyp_7BbI7JQKhR1VZ9NjVn6YsegOVRJCnC-hmJPnlKJ-UYaaPuyN3VbiqPO0S23M6sciZceZOGc1elORSlQn-QsuSDtAIjXueshuiffjVDJlA4soWV7a7TK9gYNfplWWzJqPzuHhUtSRVOg8KWc_x_ZdxYEzgV0EsuLeK4TI8tW4fl81LalGqfRNUk9-bgDtBjMa_a6pY9BAkJxu1SomRAg-_8QvlSo-I3gEYiQuG3Pc8mgzXyNu_9fqn2R41gDNUfFQh-Eh3meZQaZVkBGCPAUjZYhkyPYStwRi19oNaQYc_ld25kbK-RS_z5v58HySnep0g1MH3MFbFzfHZ6fewU69QJ9P5sn65j3Vj5AyXqsD0OjcFvnvX9eR-ooPrUfDwRvqF-eXhC-cDlgx2B9-blDCHjStrihsHoUBnokDhW2UgSwF2lwMn_GW-mLqdgJ1xAGiL-Zwo2wjD0YT2AyoOBpiXO_36goKQGcUwSzE8-sIYq_f-XAwX8IHaMivGGASnc6GuNuaEYQucBpSkLsyVPfBshHcb7nI78U_fijJ2BCak-XxY6foFN1tUEZV0CGY9xCo6W8GM5-IGfwJUv52jXJEHEVPzKbh0da7aHfYWXzzwMjR2aOo6om17xFpRbgS5DzkBbQrac5s9PwGp4DTk2JjrFvtxD5GSFIDFrn8k4XV97ZATiZ5U2sIjuUtpWOYSfPBgKUwWjefBUyYJkG5kNt53l8AV_29G_Mx21IysTNtHTDIozEfB5L-kj9KtAxmHMuA6w5iM0yignIHnjh1GBDy0k-tMPlTIYJJ1lkXQE6WQGyRPd9s7MkcoLm0xloc-bknyd0WlxRMI5NRLoRbCr36dcsJI500Heb5QQa9bFyBdiyTMzwPw5sZYYhjF46pIC2N-HE3WDL9gyWb_R8O523fzRO2CGuGOnbGv70Qm-gkxWWTwC-3k4jhJwBxPP5-P0g8kiryn780LWbAKm-HVSRSLV-CRUuSPP3wjtCpPZ9WW6dTrO1RChQRXDmPjzAXcbNQiXG47LoX4BnchmXecz_7fAZ4zdrlJnE5pHG-lsSKkUNSSIzRzeb0jpvxVgSH09ep1bTXDkX0wTZrG1t4PCQKnohhVmvjrNpOZaFbJaoRkFtI0JpTgXVmtYaRhZDt4KEtomQde3dWD2FztcaPm-6HI2yvXBeixqc0vtMd_yXGwuzM8Y7pHvGrN7JFIu2r-0T4KAJbiPpeygpf7mPg0WgmnbkHPR0U7fenlKAqnz_ahoku1KoIQAJOOsEDWk2TRlWzpFrl58VHuGld5L42uAZQO82TR8txEP_JVmRE0Ma94BpupidvXgILNTmPCyb6SaLUoocWxa9RHFLJwlNjupZSOuARFHqUFbemrGaW9On8LFGzjdUyPKEscySSJafHHxLRKUMaukStJcKaL1w-0q3TV7v-YgcLxde-Mym0MiUPbmc4aItvSVVF9-GBQxEo9G2BBwx-0hSu5hc9D67LJZQChFlxC4nRB_4wy5yERmSp5rfPsrALHtZjmsItF3kHCXx84YzRm802KD4k78QILznqrKnBbKWamiuxeBy3BelMIsfiTHstEAlAoT33ULFt2OKGPhLFq_dnfSeb1jSNSfG81N-ki4RIUOkbUzVVz3sftuqUpNfA4FDrggli7TpSkQ8lvevpxk_OTPPzRb0jOGMhMHaqAx8oKSzJWYRvCKt_C7uHhTFcqliq703xrY6yJQPBVKYTHNYTgQv4GXsK48AA-4BkHHne0tfVsXUGilsPZ5y8xwzg2M8ZENyU2DlW3AUgDvgrjsCPf5FywzFrj-QxMMHeyX17IG2ZyRpC83-qgtLBXMxugPPH5-MzJMSLwDAyMELd27LjDSrUT1cfer6PJeLLnGfm2jo47kETg12b0jK3T300FkO0GKQc2R_Ya821ALrSHKyzyd62WfXuLFtx-WklEe733j1AKe2awKgk&cid=CAASKORoeBHsQ6KdwTsMXe2_ltfiqVuGLIb9IHM1RTvJs5LLtJotGIfS6Jw&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 15:57:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 494D
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
URL: https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 08:35:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
458686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 08:35:05 GMT
truncated
/ Frame 494D
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89c903ce71d7487d59e2ee1a56a417c2a6a5cbb65e10a9096c5c428ead63d1b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E49A
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
207448
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 May 2022 06:22:23 GMT
expires
Sat, 13 May 2023 06:22:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
7 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca49717cb72121b3500b440360c753b145e21bc9ad362a6089782cda537690a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1793
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 15:59:51 GMT
expires
Mon, 15 May 2023 15:59:51 GMT
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 494D
0
622 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5rLxHKPFqB40GnfPbMjBCJUjX2gtxopAY_w70IwtUn4l0gotG6hncamwic7-P8oLNR83EF3rBoyXyEJCBlEpxHjKt3kqEV8zL5nTVwdKXA-iZU-M1-QD9Uc2PK4lE7Iq7TMbVL9sb5tBgoRIlYNWunV1-5kALVTHHjMWBw8v_Rh9DOOoGl8_XPZ24ICO6qWkBI4VPe-D5kITFIHcW_D9olXe_RenH8zqfGHKvl_JnpbOfwlqFtU0GelcT7cIiQ0hDiP-zDMc0Nowrn9dS9kYXC9NL0ud09WmqpFDR3themwAZlE8RvsJOnyTpDVNrODQr2Sed0KvY26OXrMSPWY-v7sX8R1SW01rAEj-98hRQOBDvzuH5M_wUm_ndqbsJdpH6rtsfHTSvoQD09EZFKMm1e4s4pFRtdQUS7LIb9ZzVq1t9QacaDF--vlkLX790nyXIz2B9JK8hk4vKMXyz_zMiqNw0b9F333r1kZp7CZrpenMVSvaC6Is81MQlcal4NTYdFRyGKYSOhLQrcG8Rd_Q9st_HV8-0TIPbIZh4y0W7NCa8SVs9w1AAivjLUXGdVov4mpl4Hns_8_DiwzzTj8DDoTFRR_2H0CCizgoo1D_K94i1zG5C_4OanWtiIQ7rMQ0XRCZPzMKt86cTUQwkt_35Jp5EywsX5n5Xvlw0PGvZFZMyW8w-z2VoEvSUvVop-b5lC1cPc4LI6jjMTlfewVyUSpOb8d-io55Fl9VhhzqgV701cBQ8UlJxaezOfygFN05XgOkaezEHQemFRyqO0iau2WGHyTzuwgIiDSmwCFTTr51gyhSTxvs4dmst49tpxcWd-MaDJqGgDfo1NMVD2zx8BwtVBTBKmSVLjh6h7zEHsPleutewYrwXCwjRB3Hkj3D_G3fETbCDL4cdLTSKlvlUSpFv1XhI_jAFGmLljtPsbYWCNAiIOXRoNlqxYMzGErGUKA0VwWEFKywZOgp9nQ3IZJVATCzQWv5tR4WPpTm3lHghsf3eZ5tJWJgt_70Ry1v6NkZlg2_BurPN-ZVYDsiqvT2zHhEAYON1d_oKuhH6TI4KUHXPef1OFBsYTrPn_lsfvujmBtDvdbqGu1GwufIyDmSyjwX8sk9S4Rgsdy0eCCBGf4VBFPfuj-KMuTRf8JbrNE0jKtTv&sai=AMfl-YQ6fJ1dUqn5vmRZM0324hEdBWQQdLIu2R-x_HjcR7ABPBndYuiC6q-mObEqpLOtWDsJKLdx3vpf3zfOZhrB-Pu9VEYpocukc7bdCwlNIpP1F9r3V99MY1DcnxkhuTEiJOIQqS54JvC3TYhiTRMFPexYchkcIhO-W6Ej_13utQSmI2RFf7FpIfhUmiyKAquDIYfQx7i4GyN-hFRY-pYDTNFRghNTIxt1bA&sig=Cg0ArKJSzAZeXx2v0hM3EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=58&cbvp=1&cstd=53&cisv=r20220511.74605&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 15 May 2022 15:59:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
pagead2.googlesyndication.com/bg/ Frame E49A
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
44316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 03:41:15 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 9E77
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 18:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 15 May 2022 18:54:49 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9E77
109 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 15 May 2022 15:59:51 GMT
image.jpg
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
41 KB
41 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/image.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a0844466956091b6689c292fcd04af53f3bfeece35bc197b24f9ae572e6ef27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:25:47 GMT
x-content-type-options
nosniff
age
542044
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41812
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:25:47 GMT
black.png
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/black.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8499833f859a8abea5a07b48ff12bccc3fa12aeea6949b769f5e4c95f5fff85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:26:11 GMT
x-content-type-options
nosniff
age
542020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1736
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:26:11 GMT
logo1.png
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/logo1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
099a877ae5285f0197b67b14f38ec53b153a20c740a30cbb1146a2b8e87ceddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:24:51 GMT
x-content-type-options
nosniff
age
542100
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1833
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:24:51 GMT
logo2.png
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/logo2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90fd3d350f8f9fd8a51e64a13c702678ab96742277beeaec325bc23b0bec1ff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:24:51 GMT
x-content-type-options
nosniff
age
542100
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2355
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:24:51 GMT
copy1a.png
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/copy1a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4b6f0ec4e747d335396cdeff1c745c012636761c12570b1bf3472f40db79716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:26:11 GMT
x-content-type-options
nosniff
age
542020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1262
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:26:11 GMT
copy2a.png
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/copy2a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9535fd966582f8131f69778520d8df62d721d6cbf04d4474b433160613770569
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:26:11 GMT
x-content-type-options
nosniff
age
542020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1428
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:26:11 GMT
copy2b.png
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/copy2b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
479e5e70c4c9e1f6464209ae55d58e5f3d1a8e9b329b6b5982665e4fdef53512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:26:11 GMT
x-content-type-options
nosniff
age
542020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1444
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:26:11 GMT
copy3a.png
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/copy3a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddef510da5bcfacf7b243bca5547a841dac66e07b38b450af579eb447dff3ded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:26:11 GMT
x-content-type-options
nosniff
age
542020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1577
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:26:11 GMT
copy3b.png
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/copy3b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75204a2542ecde5f1edefb36cba6c82be3c5176d89fc700cfed51910fb4ea091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:26:11 GMT
x-content-type-options
nosniff
age
542020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1419
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:26:11 GMT
copy4a.png
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/copy4a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cabe729f0a787ce0da8fd9f7ace46d3db589cc680e36fb60db4df4598dcc1920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:26:11 GMT
x-content-type-options
nosniff
age
542020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1457
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:26:11 GMT
copy4b.png
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/copy4b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bc7fb993b68904138450660e0adcc562fdbd38a2a5ae2d09faee577e41e859c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:26:11 GMT
x-content-type-options
nosniff
age
542020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1191
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:26:11 GMT
copy5a.png
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
1011 B
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/copy5a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e90d83afbdc0bc8fae8488a88e6a157b1814b31930af60a521c3eaa52925a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:26:11 GMT
x-content-type-options
nosniff
age
542020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1011
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:26:11 GMT
copy5b.png
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/copy5b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9496aa4d719ed521bd10b81c278c0d79cc3de22f9f146005454ff39eb0125e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:26:11 GMT
x-content-type-options
nosniff
age
542020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1417
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:26:11 GMT
cta.png
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c8da4b70d9a8649d20ac7c3fd4b2901a675f6c30d0a239b8c824ca944af6a8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:26:11 GMT
x-content-type-options
nosniff
age
542020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1144
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:26:11 GMT
arrow.png
s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/ Frame 9E77
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/arrow.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
526b869b2e5b6bcfffe1d93a259a7aa96499d404481ae232554587f46ab8d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12167718033430447018/M2_GEN2_CONNECTED_CITATION_M2_728x90_v1/index.html?e=69&leftOffset=0&topOffset=0&c=Kl8zqBjZDA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:26:11 GMT
x-content-type-options
nosniff
age
542020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1294
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:06:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 May 2023 09:26:11 GMT
ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/
7 KB
7 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:51 GMT
last-modified
Sun, 01 May 2022 07:29:08 GMT
server
AkamaiNetStorage
etag
"f370d19306add072a726e7f4ade8dc57:1651391320.146566"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7090
expires
Tue, 14 Jun 2022 15:59:51 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/
3 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:51 GMT
last-modified
Sun, 01 May 2022 07:29:08 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1651391295.775433"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Tue, 14 Jun 2022 15:59:51 GMT
l
mcdp-nydc1.outbrain.com/
2 B
292 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=a8a6b6f9a21c322906f76adb132d97e0_38984_1652630391080&tm=1179&eT=0&widgetWidth=610&widgetHeight=192&widgetX=325&widgetY=3734&wRV=2000725&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=397&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sun, 15 May 2022 15:59:51 GMT
content-encoding
gzip
X-TraceId
9b6226e68437cef47b53b82b818dd826
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
streamFeed.js
widgets.outbrain.com/nanoWidget/2000725/module/
37 KB
14 KB
Script
General
Full URL
https://widgets.outbrain.com/nanoWidget/2000725/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
40f55ed332cbbbe9e498f3b0bc30172d926ded3975c3614957f41d635d77a483

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:51 GMT
content-encoding
gzip
last-modified
Sun, 15 May 2022 14:00:03 GMT
server
AkamaiNetStorage
etag
"90a97aa6575cf4c8fb29f832be444668:1652627112.260902"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13602
expires
Sun, 15 May 2022 19:59:51 GMT
eyJpdSI6IjYzMmUyZDBiMzdlZGRmYTQ0MTc5Yjg1ODU2MGE3ODdiYjVjZDc2ZjhiM2JjMzZlZTlhNzY4MzY2YzkzOTM3MDciLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
12 KB
12 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjYzMmUyZDBiMzdlZGRmYTQ0MTc5Yjg1ODU2MGE3ODdiYjVjZDc2ZjhiM2JjMzZlZTlhNzY4MzY2YzkzOTM3MDciLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.144.70 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-144-70.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3cdb9b5ad556d5bcb79dc0e6fe8b1c28c604ccf8a991259e4788cea85381868b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:51 GMT
cache-control
max-age=124319
last-modified
Mon, 18 Apr 2022 09:25:45 GMT
x-traceid
bb106edd506af34bba9ee2246d6f4441
timing-allow-origin
*
content-length
11918
content-type
image/webp
get
mv.outbrain.com/Multivac/api/
9 KB
2 KB
Script
General
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&settings=true&recs=true&widgetJSId=AR_11&key=NANOWDGT01&version=2000725&apv=true&sig=eW6I6ed3&format=html&rand=71842&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=YThhNmI2ZjlhMjFjMzIyOTA2Zjc2YWRiMTMyZDk3ZTA=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=no_abtest&clss=iQvHh3bIfrOHLt%2FhiWmst0%2BSni6Qu6n7zV1N6w4HcnHE7t0e5aI9DnXK5iBwHCvCjGbCr49okML%2FgnCj&dpr=1&cw=610&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000725/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
813b2aa9a1bf70847017ee4b408d3274b441cd1e96d5bdd4b7cd0cfdfd73910a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:51 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1652630391.255284,VS0,VE200
accept-ranges
bytes
x-served-by
cache-lga21924-LGA, cache-hhn4023-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
0c8300b406bbc5dab7d9e6d02ac713b8
content-encoding
gzip
content-length
1624
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9E77
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26169842688eaa7c991ca831ce4a9de996e5367bd5332b198157761b88486ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 15:59:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5651
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 494D
0
63 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5rLxHKPFqB40GnfPbMjBCJUjX2gtxopAY_w70IwtUn4l0gotG6hncamwic7-P8oLNR83EF3rBoyXyEJCBlEpxHjKt3kqEV8zL5nTVwdKXA-iZU-M1-QD9Uc2PK4lE7Iq7TMbVL9sb5tBgoRIlYNWunV1-5kALVTHHjMWBw8v_Rh9DOOoGl8_XPZ24ICO6qWkBI4VPe-D5kITFIHcW_D9olXe_RenH8zqfGHKvl_JnpbOfwlqFtU0GelcT7cIiQ0hDiP-zDMc0Nowrn9dS9kYXC9NL0ud09WmqpFDR3themwAZlE8RvsJOnyTpDVNrODQr2Sed0KvY26OXrMSPWY-v7sX8R1SW01rAEj-98hRQOBDvzuH5M_wUm_ndqbsJdpH6rtsfHTSvoQD09EZFKMm1e4s4pFRtdQUS7LIb9ZzVq1t9QacaDF--vlkLX790nyXIz2B9JK8hk4vKMXyz_zMiqNw0b9F333r1kZp7CZrpenMVSvaC6Is81MQlcal4NTYdFRyGKYSOhLQrcG8Rd_Q9st_HV8-0TIPbIZh4y0W7NCa8SVs9w1AAivjLUXGdVov4mpl4Hns_8_DiwzzTj8DDoTFRR_2H0CCizgoo1D_K94i1zG5C_4OanWtiIQ7rMQ0XRCZPzMKt86cTUQwkt_35Jp5EywsX5n5Xvlw0PGvZFZMyW8w-z2VoEvSUvVop-b5lC1cPc4LI6jjMTlfewVyUSpOb8d-io55Fl9VhhzqgV701cBQ8UlJxaezOfygFN05XgOkaezEHQemFRyqO0iau2WGHyTzuwgIiDSmwCFTTr51gyhSTxvs4dmst49tpxcWd-MaDJqGgDfo1NMVD2zx8BwtVBTBKmSVLjh6h7zEHsPleutewYrwXCwjRB3Hkj3D_G3fETbCDL4cdLTSKlvlUSpFv1XhI_jAFGmLljtPsbYWCNAiIOXRoNlqxYMzGErGUKA0VwWEFKywZOgp9nQ3IZJVATCzQWv5tR4WPpTm3lHghsf3eZ5tJWJgt_70Ry1v6NkZlg2_BurPN-ZVYDsiqvT2zHhEAYON1d_oKuhH6TI4KUHXPef1OFBsYTrPn_lsfvujmBtDvdbqGu1GwufIyDmSyjwX8sk9S4Rgsdy0eCCBGf4VBFPfuj-KMuTRf8JbrNE0jKtTv&sai=AMfl-YQ6fJ1dUqn5vmRZM0324hEdBWQQdLIu2R-x_HjcR7ABPBndYuiC6q-mObEqpLOtWDsJKLdx3vpf3zfOZhrB-Pu9VEYpocukc7bdCwlNIpP1F9r3V99MY1DcnxkhuTEiJOIQqS54JvC3TYhiTRMFPexYchkcIhO-W6Ej_13utQSmI2RFf7FpIfhUmiyKAquDIYfQx7i4GyN-hFRY-pYDTNFRghNTIxt1bA&sig=Cg0ArKJSzAZeXx2v0hM3EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=210&vt=11&dtpt=152&dett=3&cstd=53&cisv=r20220511.74605&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 15:59:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9E77
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 15:59:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E49A
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOM-xdiOBYvnNO5fe7gP0hZugBgAAAAA4AeAEAg&bg=!kpGlkdXNAAZL3OSAa9w7ACkAdvg8WvO-oNImZQqVyuBLthylDonzpDI92onPLcp9cVhnVIXbrqbpswIAAACGUgAAAAFoAQeZAvcXyoLpKIG_9oFY_-Jo5tJvmJhmkTWxCBDjQaFofCOBpcgN8VhzzAOvRgWCFAxWttUSgbYSk2wjuoqUlAxssgs6cO2hLqz71unKS6i7LIhzksTC6QZGrf67KwJJgc4K-RAfQOv7CKgXvTOIQkcPOCbWaiiKgj2kbnLKOfjf7pNXMMUTq26WDfj5WxytJa_YtJdBM7WwLw2YBmsyE9re6KJBgOfR4GdjjxGwggKm-F9lykrbGh08HfvyVu4oIB92FIAlOAIojIBdNZ5yxRyLYEhXAorBQqINU9beiA-vxX0u3zbDBUycDaVo94AYMEUC0uVMLKT5Tk-FNh8fz3KtUyD8vkXU_OJIjUTVI1IG3OHcEciVA_X5u6Z1cMp4WO8LBWw0dc6nfLDVM9XW60ZxyMMr3J1Bf67LWI3FlF8joqqdyPx_BBSy6vuPV9ZQg6gMR8RYIKXODeHp8UCfxSQ07JeisFy4SzmSP2vSpDRmZBwlZ0c91ep5-oBWpJHKl9aDj9WR6Jgtd8inRMp3kfkfQ_jdpWnE_zKPrf_u1SOO7FxCYjuFBxy4aL0zE2p6Bn3FjGt0C9inB_0JJvL54K5azgXhnMMvRtyrUtdLqh-g2m8-GVnz82vmVFOAdOtlIJw0U80rDJdyc9tXCr3yOkx7sw85CwBhxDDK3qIdnpKVRl5s9nwcMlH1LVD3m8RLkIQia_hzRlR7752VRaOv7hVcoed5ZLD86S9v0yqT1P2gnSH4NsddGLl7SGylIGWhh1BTaq8Pr8evChZld1omKcSXGLKvzDoe2RVj_28ByybIur_LK8SzeIHX8Fzc4_TaD_33ejXa-ITczbWpP1XvSRYWeodxRs21WS9VdSl-sCQUk9FBc3C46ahbqMja51kVAaYwCCdTMtYcFL_jAJt5e_fVG_w2yd0o5X4mSGUIEScwgJX8hFNDGPqsfkRP-iJwJ3lU0ovfiigYS5pxc7TBmeNU9lasxdwHBqiGOYfpwkiY25SsQvHRzXi7mi8
Requested by
Host: 109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
URL: https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
pagead2.googlesyndication.com/bg/ Frame FBCA
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
44316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 03:41:15 GMT
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000725/module/
503 B
667 B
Script
General
Full URL
https://widgets.outbrain.com/nanoWidget/2000725/module/singleAnimationOnFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bc1b35ded1c4da3563ec3c91ae1379d89c644131901d074e2c2bf846d331b831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:51 GMT
content-encoding
gzip
last-modified
Sun, 15 May 2022 14:00:03 GMT
server
AkamaiNetStorage
etag
"9b4a6505fb2046ca00b29659b7cf3d9a:1652627107.066505"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
339
expires
Sun, 15 May 2022 19:59:51 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/
4 B
325 B
Fetch
General
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=3aafa7ed840b0c04a4aea9de0bb00bfd&pvId=a8a6b6f9a21c322906f76adb132d97e0&sid=848723&pid=38984&idx=2&wId=974&pad=0&org=0&tm=1478&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3946&wRV=2000725&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=228&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:51 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
8aedd0aa7d62fe9287899091080344e1
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/
4 B
325 B
Fetch
General
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=1ae59299b56ac8cc76d2657e2ac4eeca&pvId=a8a6b6f9a21c322906f76adb132d97e0&sid=848723&pid=38984&idx=3&wId=975&pad=0&org=0&tm=1479&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3946&wRV=2000725&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=228&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:51 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
70fadc72738422cae7bfe9652fc392f2
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/
4 B
325 B
Fetch
General
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=cdcdf7949581dffe990c7fc914970319&pvId=a8a6b6f9a21c322906f76adb132d97e0&sid=848723&pid=38984&idx=4&wId=974&pad=0&org=0&tm=1480&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3946&wRV=2000725&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=228&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:51 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
e5e71b14e18c3c93b0f784d19b09f695
Content-Length
4
Expires
0
sodar
pagead2.googlesyndication.com/getconfig/
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ed2d03a78e3e2eb86fe7b69de416f8ec6010b1a48cf013318022ae0fb997f2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 15:59:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10439
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 15:59:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1186
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
14918
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:51:13 GMT
expires
Mon, 15 May 2023 11:51:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8CDF
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
07600f4c1a6d8215412dd9f98d1b9fa9cbeb689fc4527694cdb7c28ac746d506
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Csix8ivi8xLZHF3vzG2wOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Csix8ivi8xLZHF3vzG2wOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 15:59:51 GMT
expires
Sun, 15 May 2022 15:59:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
pagead2.googlesyndication.com/bg/ Frame 1186
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
44316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 03:41:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8CDF
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051001&jk=1908772069530867&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 1186
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?y589IQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B4E3
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuY3XGY38KGUOqFAsxW4DbNciRpEvu53LIdH2oqy6jeXceY6PBtbwzU6YzhJYLdjXVei_If6wu0AnsKik-GzZrrD_vuNKxg40ZVO0LUalO_DGJTYZN2xu-5w0oD&sai=AMfl-YQY27B2Fdmu7eEoTWZWGUr0N2mGR0vGw_h2DSTHxkvaDG-TZgvFAgWB9D6PgQhy2JG2Jfm87Q3ITv3PLwt-FWkyZz_sFAeajyMrvAxrYu0wZWp_8urhJks9ay_FmOc&sig=Cg0ArKJSzAzSk_x9XEpNEAE&id=ampim&o=315,224&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=381&tls=1382&g=100&h=100&tt=1382&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1666007649
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 494D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfZnnmBEsQ6wwfKrm5RMwz9uP0ihO33ylfc5KoSeyFPz3XPuO_B0T_VvgBuBS9bDNK1EB1rILD21aOtpH3EjJWgyFj2CgiKBa4S05R5ePA9h7cPx-59wsVwKgr&sai=AMfl-YR3ko-cFYhsE0EU_mxSTVp5iaEcXJ-hh2-_tUinF5NXMgUH8MNOj4RwP3BMyA0_g8oSJ7GT1iiflIhMCaNAMAWRjaz1ydN6mHK-Iknyx4cYofzzXXLLqMmPJDQNfxF-&sig=Cg0ArKJSzPLsYVqcySdsEAE&cid=CAASKORoeBHsQ6KdwTsMXe2_ltfiqVuGLIb9IHM1RTvJs5LLtJotGIfS6Jw&id=lidar2&mcvt=1000&p=1106,436,1196,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=173361388&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652630390510&rpt=544&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051001&jk=1908772069530867&bg=!VValVhLNAAZL3OSAa9w7ACkAdvg8Wj0_1EvICo9hDh1Ps6obEEMgVwNTveooptUpJCFXGIMq2F-qnQIAAAA_UgAAAAhoAQeZAphXyrBrr7RK2G5T9vKrzEzFGfT2KMxK-px38WXucmP1XbJbgtUu1iCJ7nvQTkn0T-A8eeaf6b80PfMEvp6RrtUws7aDh8G-luxLyy3RtzJ9UQC4Xgemj7NCGWlXyhZPGdK3lewNhGQvOxIpFb79L2yYly_av3lgn6OKPYh5hyCO520GyJI68Bp8AOsuGcmlYxTL4n18NviZDMToGNY-z6oIzvw3abF9wZ7W-5QrAuJjvJKo-cLlWNziQunq4gx9zjsHgZRGlUCw9uAmB4W5UrqiYsmREAnP9kAmrnFSQXOKwoUSiiEDk64dk6Ud63q7ALIgSl_6HZ_kDkjPbD-egt07SBqR9FLURrmwGYNFJaZxAAY2fnDR4cO53Aw4EPhiIfZp6jvbxNpMCFDw279u_wMHIKZB-smMkkwGgnMsRIK7u2KQPnrwq7IHmXfFUHrLoudeGKvEEgd21T8BG0VbfmsQslkFXAI44rltwias2AHmVaW_OGkNgU0bb7Yq9dGKQ3iFSWTOVhAR4MPy0C2rXjLVac9NZpQiDlfF5jMM_FoKPbQK3QvnBi8I8Yno0X-po1TpNoGU_oO7yahEJuByrZ2XH-ySjK3cljLFubHQBXDt9eyfA5hkt-WDDWFLAOD1lEZcYcoIDviL-myCgxBecYk8A6M9eBdM19MD26AliOZlNNQo20yDfE5dG6OrZStNBYE8rESUAoiDx2sQI63CaeWGcYBRDs5Ry_BZbt8DNnyu28chOFzW6ULHyyNMuNXEEMJsldf8oZshcxAxqkzvSRZ7338Kn-O0fZMC5S0NyTwzfehHy4LVfo8vU7QSZH_9SaMZ80ZfUjkNw1yfnaZv8Hmnzcocxz-5MMyKB4bFENv-B3YptcO5B1rf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

abt
capi-tier-2-us-east-2.connatix.com/tr/ Frame B1B4
0
317 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/abt?v=162305
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.214.100 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-214-100.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 15:59:54 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3B22
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
41603
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 15 May 2022 15:59:55 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 521396
X-Served-By
cache-lga13628-LGA, cache-hhn4057-HHN
X-Timer
S1652630395.037981,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 5F9E
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 15 May 2022 15:59:55 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0907
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
41603
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 15 May 2022 15:59:55 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 541458
X-Served-By
cache-lga13628-LGA, cache-hhn4072-HHN
X-Timer
S1652630395.038027,VS0,VE0
sync
eb2.3lift.com/ Frame 0266
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB
Document
General
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
1d2bcd11fed5d7bb7061d4f3352f91085fdabd2d68281ae40a44761597f83ece

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
456
content-type
text/html; charset=utf-8
date
Sun, 15 May 2022 15:59:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 15 May 2022 15:59:55 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
eb2.3lift.com/ Frame 793A
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB
Document
General
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
8b1c8bd41f6f98d9f60bbe7b5bb77ffc4fa0bff81c1ff54fd1efaa53c9ca2b1e

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
456
content-type
text/html; charset=utf-8
date
Sun, 15 May 2022 15:59:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 15 May 2022 15:59:55 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 2B16
0
81 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 15 May 2022 15:59:55 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
2000248.html
sync.serverbid.com/ss/ Frame 64FE
2 KB
942 B
Document
General
Full URL
https://sync.serverbid.com/ss/2000248.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-45.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e50f4d42fb835c45b1f5eacc3df29f9018ccf3036c688715c18fd0f8a1c9f587

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10403
content-encoding
br
content-type
text/html
date
Sun, 15 May 2022 13:07:24 GMT
etag
W/"6d15029cef614a792c830cf19d7bee9b"
last-modified
Fri, 13 May 2022 08:00:05 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-id
EZ2b_zCe8o9Ph94E1gb5Ej2oVCvUr1jMqq8YQM-hSqeV48KrYjnTOg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
/
ssc-cms.33across.com/ps/ Frame CA6C
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bgZdFqByur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 -, , ASN (),
Reverse DNS
Software
33XP002 /
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 15 May 2022 15:59:54 GMT
server
33XP002
x-33x-status
2000208
2000248.html
sync.serverbid.com/ss/ Frame 50A3
2 KB
942 B
Document
General
Full URL
https://sync.serverbid.com/ss/2000248.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-45.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e50f4d42fb835c45b1f5eacc3df29f9018ccf3036c688715c18fd0f8a1c9f587

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10403
content-encoding
br
content-type
text/html
date
Sun, 15 May 2022 13:07:24 GMT
etag
W/"6d15029cef614a792c830cf19d7bee9b"
last-modified
Fri, 13 May 2022 08:00:05 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-id
U18eUWvxVZFU12Q6lwGF-XF1s2v8GAvim-js_qDkfet1yB1GZfdbSw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
pd
u.openx.net/w/1.0/ Frame 7531
0
92 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 15 May 2022 15:59:55 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
9.gif
id5-sync.com/s/441/
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.66 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216537.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:54 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
usersync
usersync.gumgum.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=0b8b891e-60a5-491d-af6e-e6b4c6e5b151
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=0b8b891e-60a5-491d-af6e-e6b4c6e5b151
Protocol
HTTP/1.1
Server
34.247.233.198 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:55 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=0b8b891e-60a5-491d-af6e-e6b4c6e5b151
date
Sun, 15 May 2022 15:59:55 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cm
us-u.openx.net/w/1.0/
43 B
132 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 5F9E
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a5899631c9ce2c29ec51ace230aa60e819c7981c08670acf922a153c00ffa223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 15:59:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70373
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9499
Expires
Mon, 16 May 2022 11:32:48 GMT
async_usersync
ib.adnxs.com/ Frame 0907
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:55 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
015bc8d2-cf4b-4253-8b13-4dbd0f56cfc8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3B22
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:55 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e9c4511f-0a0b-426a-8fff-190de2cd4a66
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
cs.emxdgt.com/ Frame 64FE
0
60 B
Image
General
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:54 GMT
content-length
0
content-type
text/html
usersync
x.serverbid.com/ Frame 64FE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YoEjd6vzh6RVKy4.UUyYUgAA%261170
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YoEjd6vzh6RVKy4.UUyYUgAA%261170
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:54 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YoEjd6vzh6RVKy4.UUyYUgAA%261170
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
306
Expires
Sun, 15 May 2022 15:59:55 GMT
usa
sync.go.sonobi.com/ Frame 64FE
0
474 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:55 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
ap.lijit.com/ Frame 64FE
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 15 May 2022 15:59:55 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usersync
x.serverbid.com/ Frame 64FE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1267533170921606577
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1267533170921606577
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:54 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:55 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
67482d3f-4a43-49dc-85cd-836edcb6f869
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1267533170921606577
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 64FE
43 B
136 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
kksurmd9b2jhpphjbq5mcnnguevksnte
i.gif
e.serverbid.com/udb/9969/sync/ Frame 64FE
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0ffe8ba5-d468-11ec-bf71-06c845b44618
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0ffe8ba5-d468-11ec-bf71-06c845b44618&verify=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0ffe8ba5-d468-11ec-bf71-06c845b44618
35 B
98 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0ffe8ba5-d468-11ec-bf71-06c845b44618
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0ffe8ba5-d468-11ec-bf71-06c845b44618
date
Sun, 15 May 2022 15:59:55 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
um
cs.emxdgt.com/ Frame 50A3
0
22 B
Image
General
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:54 GMT
content-length
0
content-type
text/html
usersync
x.serverbid.com/ Frame 50A3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YoEjd6vzh6RVKy4.UUyYUgAA%261170
35 B
241 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YoEjd6vzh6RVKy4.UUyYUgAA%261170
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YoEjd6vzh6RVKy4.UUyYUgAA%261170
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
306
Expires
Sun, 15 May 2022 15:59:55 GMT
usa
sync.go.sonobi.com/ Frame 50A3
0
478 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:55 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
ap.lijit.com/ Frame 50A3
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 15 May 2022 15:59:55 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usersync
x.serverbid.com/ Frame 50A3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1267533170921606577
35 B
251 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1267533170921606577
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:54 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:55 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7a80b358-fd78-46b5-b28a-0d195f27663d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1267533170921606577
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 50A3
43 B
352 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:54 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
779ancl2b69chhrt463744mlj2573lsd
i.gif
e.serverbid.com/udb/9969/sync/ Frame 50A3
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0ffe8ba5-d468-11ec-bf71-06c845b44618
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0ffe8ba5-d468-11ec-bf71-06c845b44618&verify=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0ffe8ba5-d468-11ec-bf71-06c845b44618
35 B
98 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0ffe8ba5-d468-11ec-bf71-06c845b44618
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0ffe8ba5-d468-11ec-bf71-06c845b44618
date
Sun, 15 May 2022 15:59:55 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 0266
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0266
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.36.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
date
Sun, 15 May 2022 15:59:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 0266
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0266
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.36.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
date
Sun, 15 May 2022 15:59:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 0266
0
388 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3110759273412918343456&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:54 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 7B333FDE64B047D2969B62905FE695D1 Ref B: FRAEDGE1315 Ref C: 2022-05-15T15:59:55Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXfDv+mxbohAlLvuah8/Q==
xuid
eb2.3lift.com/ Frame 0266
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3110759273412918343456?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-EcxqJK9E2oRRujwj7dY1ukCdfw6B3QyIK4LqE2rJvg--~A&dongle=0883
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-EcxqJK9E2oRRujwj7dY1ukCdfw6B3QyIK4LqE2rJvg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 15 May 2022 15:59:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-EcxqJK9E2oRRujwj7dY1ukCdfw6B3QyIK4LqE2rJvg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 0266
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=3110759273412918343456&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.114.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 15:59:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
iu3
s.amazon-adsystem.com/ Frame 0266
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3110759273412918343456
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3110759273412918343456&dcc=t
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3110759273412918343456&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.177.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:55 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VA2JK8QR0TNZQRMBDK7M
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3110759273412918343456&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 0266
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sun, 15 May 2022 15:59:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 0266
0
0
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=3110759273412918343456
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

generic
match.adsrvr.org/track/cmf/ Frame 793A
70 B
266 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 793A
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.36.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
date
Sun, 15 May 2022 15:59:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 793A
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 793A
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.36.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM5Mzk5ODgzOTEzMTAxMjI5NTIyNQ%3D%3D
date
Sun, 15 May 2022 15:59:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 793A
0
927 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4393998839131012295225&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:54 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B191958080CE4923BFB3C962DB281D94 Ref B: FRAEDGE1315 Ref C: 2022-05-15T15:59:55Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto
http/2
content-length
0
x-li-uuid
AAXfDv+mxKMI5jsbwkEeKQ==
xuid
eb2.3lift.com/ Frame 793A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4393998839131012295225?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-sIzbY6RE2oQWk1F9ROW5q9WxlKBTRalS.yU5x55BTg--~A&dongle=0883
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-sIzbY6RE2oQWk1F9ROW5q9WxlKBTRalS.yU5x55BTg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 15 May 2022 15:59:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-sIzbY6RE2oQWk1F9ROW5q9WxlKBTRalS.yU5x55BTg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 793A
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=4393998839131012295225&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.114.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 15:59:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
iu3
s.amazon-adsystem.com/ Frame 793A
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4393998839131012295225
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4393998839131012295225&dcc=t
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4393998839131012295225&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.177.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:55 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WEB6R62JEMTB422WKJ7S
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4393998839131012295225&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 793A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sun, 15 May 2022 15:59:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 793A
0
0
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=4393998839131012295225
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9E57
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19051
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 15 May 2022 15:59:55 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 15 May 2022 21:17:26 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 64FE
63 B
393 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
2f10dda965ae0c2a00815a6dd11c4106fc8ae725e3c64d8da4aac92a4fb3f866

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 14 Jun 2022 15:59:55 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9455
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19051
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 15 May 2022 15:59:55 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 15 May 2022 21:17:26 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 50A3
63 B
392 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
2f10dda965ae0c2a00815a6dd11c4106fc8ae725e3c64d8da4aac92a4fb3f866

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 14 Jun 2022 15:59:55 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9E57
6 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30267326&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e646dac15ee77f01eac22fca2eb6f733ea0b4439d725079e5b289c327f15150

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:54 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ecm3
s.amazon-adsystem.com/ Frame 5F9E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=t4e9KWYuQW28fC6Uz9k9eQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=t4e9KWYuQW28fC6Uz9k9eQ
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=t4e9KWYuQW28fC6Uz9k9eQ
Protocol
HTTP/1.1
Server
209.54.177.54 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:55 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
88GDA9K8HAKT7KP3X1VA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=t4e9KWYuQW28fC6Uz9k9eQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 5F9E
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5F9E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmVlZDA1YjNiODllZTJmNzk4YTg3MWM2NTY2YTUwMGRmODQzNmMxZQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmVlZDA1YjNiODllZTJmNzk4YTg3MWM2NTY2YTUwMGRmODQzNmMxZQ
Protocol
H3
Server
142.251.36.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmVlZDA1YjNiODllZTJmNzk4YTg3MWM2NTY2YTUwMGRmODQzNmMxZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 5F9E
0
0
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

tap.php
pixel.rubiconproject.com/ Frame 5F9E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJas78yHPPv2uXrzQE5xwKc&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJas78yHPPv2uXrzQE5xwKc&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJas78yHPPv2uXrzQE5xwKc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 5F9E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L37HGPUF-1C-DQTF&sigv=1&esig=2~84631071036944204f7df71c1c38bb03df54ceeb
0
195 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L37HGPUF-1C-DQTF&sigv=1&esig=2~84631071036944204f7df71c1c38bb03df54ceeb
Protocol
H2
Server
2a00:1288:80:807::2 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L37HGPUF-1C-DQTF&sigv=1&esig=2~84631071036944204f7df71c1c38bb03df54ceeb
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5F9E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/jcqma7i54aEssD-uL4YuNMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2550802030167613819
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2550802030167613819
Protocol
HTTP/1.1
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

date
Sun, 15 May 2022 15:59:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2550802030167613819
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 5F9E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM3SEdQVUYtMUMtRFFURg==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM3SEdQVUYtMUMtRFFURg==
Protocol
H3
Server
142.251.36.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM3SEdQVUYtMUMtRFFURg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame 9863
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=99A656CC-1F7F-4F79-9517-C94F6D4BB851
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=99A656CC-1F7F-4F79-9517-C94F6D4BB851
35 B
469 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=99A656CC-1F7F-4F79-9517-C94F6D4BB851
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 15 May 2022 15:59:55 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sun, 15 May 2022 15:59:55 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=99A656CC-1F7F-4F79-9517-C94F6D4BB851
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5C66
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoEjewAAALjPygAo&gdpr=0&gdpr_consent=&_test=YoEjewAAALjPygAo
1 B
221 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoEjewAAALjPygAo&gdpr=0&gdpr_consent=&_test=YoEjewAAALjPygAo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 15 May 2022 15:59:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 15 May 2022 15:59:55 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoEjewAAALjPygAo&gdpr=0&gdpr_consent=&_test=YoEjewAAALjPygAo
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4073-HHN
x-timer
S1652630396.961385,VS0,VE0
rtset
bh.contextweb.com/bh/ Frame A2C2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGa0JFN0ZBa2NBQUVUd3VCRXo2dw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFkBE7FAkcAAETwuBEz6w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 2E44
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a27b6281-237b-4100-935a-27e7952621c7&gdpr=0&gdpr_consent=
42 B
425 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a27b6281-237b-4100-935a-27e7952621c7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 15 May 2022 15:59:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 15 May 2022 15:59:56 GMT
Expires
Sun, 15 May 2022 15:59:55 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4390 fb8620d master zrh-pixel-x28 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a27b6281-237b-4100-935a-27e7952621c7&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 0E0E
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 15:59:54 GMT
expires
Sun, 15 May 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
510003
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
bridge
cm.adgrx.com/ Frame 92C5
43 B
408 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.232.228 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 15 May 2022 15:59:56 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
sjc-delivery-2
server
Cowboy
141
match.deepintent.com/usersync/ Frame C32A
0
45 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 15 May 2022 15:59:54 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame CB4E
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=669527993074
42 B
191 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=669527993074
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 15 May 2022 15:59:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=669527993074
Pug
simage2.pubmatic.com/AdServer/ Frame DD96
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LfG7DMww1NQgEX5&gdpr=0&gdpr_consent=
42 B
295 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LfG7DMww1NQgEX5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 15 May 2022 15:59:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 15 May 2022 15:59:55 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LfG7DMww1NQgEX5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-0eac7293533ef1427@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
noop
px.owneriq.net/ Frame 23BD
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B
Document
General
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.75.246.168 -, , ASN (),
Reverse DNS
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 15 May 2022 15:59:55 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 15 May 2022 15:59:55 GMT
Location
https://px.owneriq.net/noop?ct=image%2Fgif
Server
AkamaiGHost
i.match
s.tribalfusion.com/z/ Frame 2575
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
427 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
70bd15678d879b4f-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 15 May 2022 15:59:56 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
70bd156629ed9b4f-FRA
content-type
text/html
date
Sun, 15 May 2022 15:59:56 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
35896
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 09CD
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=d49a2141-a36c-4e91-acf7-5957644f1c01&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=99A656CC-1F7F-4F79-9517-C94F6D4BB851
42 B
355 B
Document
General
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=99A656CC-1F7F-4F79-9517-C94F6D4BB851
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.177.106 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
42
content-type
image/gif
date
Sun, 15 May 2022 15:59:56 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 15 May 2022 15:59:56 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=99A656CC-1F7F-4F79-9517-C94F6D4BB851
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 8D8D
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5f1a48e7-50e5-4ea0-9550-18cb1de008e0-tuct97aa8fb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
149 B
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5f1a48e7-50e5-4ea0-9550-18cb1de008e0-tuct97aa8fb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Sun, 15 May 2022 15:59:55 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4025-HHN
x-timer
S1652630396.917119,VS0,VE12

Redirect headers

accept-ranges
bytes
content-length
0
date
Sun, 15 May 2022 15:59:55 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5f1a48e7-50e5-4ea0-9550-18cb1de008e0-tuct97aa8fb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4031-HHN
x-timer
S1652630396.868043,VS0,VE9
x-vcl-time-ms
9
Pug
simage2.pubmatic.com/AdServer/ Frame 1881
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
226 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 15 May 2022 15:59:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 15 May 2022 15:59:55 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
_
Pug
image2.pubmatic.com/AdServer/ Frame D792
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=589e7ef3-1f7f-463e-b2ef-54566dd0e2f7
0
0

usersync
x.serverbid.com/ Frame D3F6
0
0
Document
General
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=99A656CC-1F7F-4F79-9517-C94F6D4BB851
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Sun, 15 May 2022 15:59:55 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9E57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=maZWzB9_T3mVF8lPbUu4UQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=19051
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sun, 15 May 2022 21:17:26 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
420486.gif
idsync.rlcdn.com/ Frame 9E57
0
45 B
Image
General
Full URL
https://idsync.rlcdn.com/420486.gif?partner_uid=99A656CC-1F7F-4F79-9517-C94F6D4BB851
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 9E57
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=da4c6281-237b-4a00-8f5f-3f24c4fb1b6d
0
49 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=da4c6281-237b-4a00-8f5f-3f24c4fb1b6d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 15 May 2022 15:59:56 GMT
Server
MT3 4390 fb8620d master zrh-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=da4c6281-237b-4a00-8f5f-3f24c4fb1b6d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 15 May 2022 15:59:55 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9E57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTlBNjU2Q0MtMUY3Ri00Rjc5LTk1MTctQzk0RjZENEJCODUx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0

Pug
image2.pubmatic.com/AdServer/ Frame 9E57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECa2CE3Vi-gzuzdqBsFtOAE&google_cver=1
0
0

pubmatic
um.simpli.fi/ Frame 9E57
43 B
611 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 14 May 2022 15:59:55 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9E57
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7020248366188956654&gdpr=0&gdpr_consent=&us_privacy=
1 B
154 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7020248366188956654&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7020248366188956654&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame 9E57
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
99A656CC-1F7F-4F79-9517-C94F6D4BB851
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9E57
43 B
991 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/99A656CC-1F7F-4F79-9517-C94F6D4BB851?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:ff18:9e8e:6010:4f26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 9E57
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=99A656CC-1F7F-4F79-9517-C94F6D4BB851&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9vHfxDFE2uXqLGHqzmmzSwqVTy_LOCI-~A&gdpr=0&gdpr_consent=
0
261 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9vHfxDFE2uXqLGHqzmmzSwqVTy_LOCI-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9vHfxDFE2uXqLGHqzmmzSwqVTy_LOCI-~A&gdpr=0&gdpr_consent=
date
Sun, 15 May 2022 15:59:55 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 9E57
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=109d3c51-d468-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
1 B
432 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=109d3c51-d468-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:56 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug022:0:563
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=109d3c51-d468-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
Date
Sun, 15 May 2022 15:59:55 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
109d3c52-d468-11ec-8a25-c312b08c9a12
Pug
image2.pubmatic.com/AdServer/ Frame 9E57
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1267533170921606577&gdpr=0&gdpr_consent=
0
0

Pug
image2.pubmatic.com/AdServer/ Frame 9E57
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=bfdf2c44-69da-4c58-b5d6-f345ce28e58c-6281237b-5858&gdpr=0&gdpr_consent=
0
0

current
pubmatic-match.dotomi.com/match/bounce/ Frame 9E57
0
105 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=99A656CC-1F7F-4F79-9517-C94F6D4BB851&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 9E57
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6AIAROwDDxfzVF5G6VEVFr8AXEDzBQFG7QlpXl4c
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 9E57
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8657693796598662599
42 B
221 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8657693796598662599
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 15:59:55 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8657693796598662599
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 9E57
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3bb1cd4d-3181-4e2c-abee-2aeebbc4176f&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8c4a3daa-4627-4414-b264-608d9ca1b9b4&gdpr=&gdpr_consent=&gdpr_pd=
1 B
167 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8c4a3daa-4627-4414-b264-608d9ca1b9b4&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8c4a3daa-4627-4414-b264-608d9ca1b9b4&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 15 May 2022 15:59:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame 9E57
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 9E57
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1267533170921606577
42 B
96 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1267533170921606577
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 15:59:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:56 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0996ea1c-6a23-4c7b-88d2-247d066b4dea
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1267533170921606577
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0907
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:56 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f024dbfd-6e66-47d6-b14b-c6a8664daf88
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3B22
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 15:59:56 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fe96264c-7755-4354-aab7-edaa00929460
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFkBE7FAkcAAETwuBEz6w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=589e7ef3-1f7f-463e-b2ef-54566dd0e2f7
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECa2CE3Vi-gzuzdqBsFtOAE&google_cver=1
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1267533170921606577&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=bfdf2c44-69da-4c58-b5d6-f345ce28e58c-6281237b-5858&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6AIAROwDDxfzVF5G6VEVFr8AXEDzBQFG7QlpXl4c
Domain
pmp.mxptint.net
URL
https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| ScrippsAdLib string| daysSincePublished string| datePublished object| publishedTime object| modifiedTime function| getCookie object| gtmObj string| callLetters string| jsTags string| jsPublishDate string| jsUpdateDate string| jsIsBreaking string| jsIsAlert string| jsAuthors string| jsHasVideo string| jsSection string| jsPageType string| jsDisablePrerollAds string| jsDisableDisplayAds string| jsDisableInlineVideoAds string| jsFname object| dataLayer function| x00_0x1f86 function| x00_0x7e8a object| _Scanner function| onReady object| OneTrustStub function| OptanonWrapper object| ddls object| adsOnPage boolean| IS_CMS object| _disable object| AdDebugger object| ScrippsUtils object| StickyRightRail object| sUserHub object| AdTargetingParams object| DynamicTargetingParams object| ScrippsOutstreamPlayer object| ScrippsAdsLib object| ImageLazyLoad object| googletag object| apstag object| advBidxc object| pbjs object| ScrippsAdUtils function| _getCurrentAdInfo function| fbAsyncInit function| ready function| loadChartbeat object| UA function| cnxps string| contentType undefined| define function| ReconnectingWebSocket object| ScrippsUserHub object| FB boolean| apstagLOADED function| _typeof object| PARSELY object| google_tag_manager function| pbjsChunk object| _pbjsGlobals object| google_tag_data string| GoogleAnalyticsObject function| ga object| _comscore object| HeaderSM string| jsWxTemp string| jsWxCond function| udm_ object| ns_p object| COMSCORE object| ggeac object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData object| cnx_usr_storage undefined| google_measure_js_timing object| _ScrippsAdLib string| jsInitialBreakpoint object| TRUE_ANTHEM object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id number| google_global_correlator object| closure_lm_996852 object| __ctcg_65349_0_exec object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests function| cnxAddEventListener

44 Cookies

Domain/Path Name / Value
www.fox13now.com/news/local-news Name:
Value: test
.3lift.com/sync Name: sync
Value: CgoIoQEQuLHKw4wwCgoIgQIQuLHKw4wwCgoIkQIQuLHKw4wwCgoI5gEQuLHKw4wwCgoIhwIQuLHKw4wwCgkICRC4scrDjDAKCQg6ELixysOMMAoJCAsQuLHKw4wwCgoIjAIQuLHKw4wwCgkIXxC4scrDjDA=
.fox13now.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth%22%2C%22sref%22:%22%22%2C%22sts%22:1652630389328%2C%22slts%22:0}
.fox13now.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=a039c70ce39c9008ea4b7924b284397d%22%2C%22session_count%22:1%2C%22last_session_ts%22:1652630389328}
www.fox13now.com/ Name: mnet_session_depth
Value: 1%7C1652630389410
.scorecardresearch.com/ Name: UID
Value: 1B4220a79d104d699eea69d1652630389
.fox13now.com/ Name: _ga
Value: GA1.2.280048504.1652630390
.fox13now.com/ Name: _gid
Value: GA1.2.1279557486.1652630390
.fox13now.com/ Name: _dc_gtm_UA-27022641-1
Value: 1
.fox13now.com/ Name: _dc_gtm_UA-29479748-9
Value: 1
.fox13now.com/ Name: _dc_gtm_UA-40066851-1
Value: 1
.adnxs.com/ Name: icu
Value: ChgIxIZ3EAoYASABKAEw9caElAY4AUABSAEQ9caElAYYAA..
.adnxs.com/ Name: uuid2
Value: 1267533170921606577
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdzACEQ3JcDkYSa8DRCNeggG83B83ucS9-_DVnm4qs_Km5CyQkamB3XEgW3ztMwGz4tMq1muh9dtzg
.gumgum.com/ Name: vst
Value: e_cd4db344-eae5-4f1b-990f-643c12d03531
.rubiconproject.com/ Name: khaos
Value: L37HGPUF-1C-DQTF
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3RFbZmAyH3k3jc0/aJelRdbjRFtGIHH0tU9xyqbwjHy8gP2Ersalz8oXd06IBY4Mu3gIe5pGUUWyYbB5SW5XQ3/lc30Coghjc=
.serverbid.com/ Name: CONSUMABLEID
Value: efd69de9074f4168969de9074fa16874
.fox13now.com/ Name: __gads
Value: ID=64abb4dd644e9b3e-22526b3595cd003a:T=1652630390:S=ALNI_MbP7y5U_lttoDD3IyAFudCQCeuruw
.doubleclick.net/ Name: IDE
Value: AHWqTUn3HqjIWBlD34hZ6zrwef4otpf-q0gt8IdujlDgoirvz2yfG-LLhZp8Q5PYJs0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2ImU`wZd9!1yIE`fS1ueD1W-044)d+]UgP?hrM+pek57SbPX3VD@AYEr]Te2g(cDg:qnDP(hw9P-HC_#tu=-*.O>f
.casalemedia.com/ Name: CMPS
Value: 3239
.casalemedia.com/ Name: CMID
Value: YoEjd6vzh6RVKy4.UUyYUgAA
.casalemedia.com/ Name: CMPRO
Value: 1170
.casalemedia.com/ Name: CMRUM3
Value: 2d628123772760CAESELAjqs8Zv129o0-R-p9gu3o
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.3lift.com/ Name: tluid
Value: 4393998839131012295225
.advertising.com/ Name: APID
Value: UP0ffe8ba5-d468-11ec-bf71-06c845b44618
.360yield.com/ Name: tuuid
Value: 0b8b891e-60a5-491d-af6e-e6b4c6e5b151
.360yield.com/ Name: tuuid_lu
Value: 1652630395
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMST
Value: YoEjd2KBI3sA
.yahoo.com/ Name: A3
Value: d=AQABBHsjgWICEN7E0w-kf6Vzj9jxIpM3IfkFEgEBAQF0gmKLYgAAAAAA_eMAAA&S=AQAAAjdRA_h06t9cHkR0xnR38UE
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2614:u=1:x=1:i=1652630395:t=1652716795:v=2:sig=AQGylieQUfPzEEOL91NCYT5JUxWoKNya"
.linkedin.com/ Name: bcookie
Value: "v=2&36f4d859-d7f1-450f-805f-018a5f4cac4f"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTI2MzAzOTU7MjswMjGusTGmr/jlnaLFkDUgL8IRMEhrmuD2T4Lc0l7fDLDfdw==

8 Console Messages

Source Level URL
Text
network error URL: https://cdn.cookielaw.org/consent/000000/000000.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.fox13now.com/weather/school-closings-delays?_renderer=json
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=3110759273412918343456
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=4393998839131012295225
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/420486.gif?partner_uid=99A656CC-1F7F-4F79-9517-C94F6D4BB851
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

109509e6158feffdbe3d278728aa9ad6.safeframe.googlesyndication.com
a.tribalfusion.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analyticssystems.net
ap.lijit.com
api.ewscloud.com
assets.scrippsdigital.com
aswpsdkus.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdn.cookielaw.org
cdn.parsely.com
cds.connatix.com
click.oi.com.br
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
cs.emxdgt.com
csync.loopme.me
d3plfjw9uod7ab.cloudfront.net
dis.criteo.com
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
ewscripps-d.openx.net
ewscripps.brightspotcdn.com
fastlane.rubiconproject.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hblg.media.net
hbx.media.net
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
lit.connatix.com
log.outbrainimg.com
match.adsrvr.org
match.deepintent.com
match.taboola.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.rubiconproject.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.ewscloud.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.serverbid.com
tcheck.outbrainimg.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
tru.am
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
usersync.gumgum.com
vid.connatix.com
web.hb.ad.cpe.dotomi.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.fox13now.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.serverbid.com
bh.contextweb.com
image2.pubmatic.com
pmp.mxptint.net
104.102.29.173
104.36.113.23
104.89.20.125
104.92.74.8
108.157.4.104
108.157.4.44
13.226.132.34
141.95.98.66
142.250.186.66
142.250.74.130
142.251.36.66
151.101.114.132
151.101.130.49
151.101.194.137
151.101.2.137
151.101.65.108
151.101.65.44
151.101.66.137
154.59.122.79
159.89.246.130
167.89.118.52
169.50.137.182
178.162.133.149
178.250.0.163
18.156.195.47
18.157.243.170
18.194.10.133
18.195.155.181
18.216.214.100
185.29.132.245
185.64.190.80
198.47.127.20
2.22.32.24
2001:678:cb4:bbbb::11
209.54.177.54
216.52.2.19
23.35.228.23
23.75.246.168
23.88.75.189
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:214f:ce00:13:a391:88c0:21
2600:9000:2315:5a00:10:618e:d880:93a1
2602:803:c004:200::143
2606:4700:20::681a:274
2606:4700:3030::6815:251b
2606:4700:4400::ac40:98f5
2606:4700::6810:9440
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:801::2001
2a00:1450:4001:803::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9b
2a02:26f0:ef::5c7b:c24c
2a02:26f0:f7::5c7b:e024
2a02:fa8:8806:13::1400
2a02:fa8:8806:16::1460
2a03:2880:f02d:100:face:b00c:0:3
2a04:4e42:400::300
2a05:d018:d29:3605:ff18:9e8e:6010:4f26
2a06:98c1:3120::a
3.126.56.137
3.67.60.21
3.72.114.165
34.102.253.54
34.149.20.76
34.194.161.83
34.233.85.84
34.247.233.198
34.98.64.218
35.157.46.192
35.186.253.211
35.227.208.151
35.244.174.68
37.157.6.242
37.252.173.215
38.91.45.7
52.206.177.106
52.223.40.198
54.155.65.255
54.170.158.38
54.229.167.98
64.202.112.191
65.9.61.60
65.9.66.173
67.202.105.22
69.173.144.138
69.173.144.165
72.251.232.228
76.223.111.18
92.122.144.70
92.122.147.230
92.122.147.28
99.86.7.103
99.86.7.38
99.86.7.45
99.86.7.96
03aa6fcac2902227e1b66a01b87824692f708bbf9bfe441784f8ed22d677f6de
04067d3025765c8caa03901e83bd3e5a854d583482aa91cc869101a8b01dfe63
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07600f4c1a6d8215412dd9f98d1b9fa9cbeb689fc4527694cdb7c28ac746d506
099a877ae5285f0197b67b14f38ec53b153a20c740a30cbb1146a2b8e87ceddb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12cfe490da51dd8b7607fa9cecc5101cf56b5ca79a2302acebfc1f56084af689
136da57ff927092cc8dd8aa976c27fb4ccb7336781a8d1335e6ed91bd61e50e5
151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465
1530d5b99d4da69fa495df23ad8d94bafbc5fb2ff7d74ce2870d274f001de470
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1b100b2e9f3016d39e6f5fc04026380518f730433d1261e6dbb8f6f673c27cb1
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c913bc9da51659b12b21981ceaf5f76a8338c68d01edff6828a305559f94d13
1d2bcd11fed5d7bb7061d4f3352f91085fdabd2d68281ae40a44761597f83ece
1da4e7292411fa7401ad333d28c2e5bd20dbe89f3ba0428d57d44c48879293f0
1e07e272734d4232d604835b00dfb9847c36a95e2fb6a01458590618e2bbcc77
221d14845641381b6f445b272348090e20c0c80e1ea4812c927576f7c49b3ecf
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
26169842688eaa7c991ca831ce4a9de996e5367bd5332b198157761b88486ae9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26be7d94a59f0fb2668c7a36dd3dbdc6965cda87eed9bbb92b0c3ef2c883a7af
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2bcbc2fead65db06dc805d3ec92e0f95cc32e4d82c1d7f9e2d4bd5ffc7b35984
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea4d73c56a292df467ee9e88a8cc18a2374049abe26e079b40770ea5b776339
2ed2d03a78e3e2eb86fe7b69de416f8ec6010b1a48cf013318022ae0fb997f2c
2f10dda965ae0c2a00815a6dd11c4106fc8ae725e3c64d8da4aac92a4fb3f866
3220c748282ef40c7b77f9572f8ae21bdeeec23fe01aec838cec5e6ac3db21ad
32fd2eb35bfc922743b09440aa77ce35f75392da85de95884c3ab1d0b7aff530
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
382a1c74c0b77632727bcbfa9021365bbb86eb7c5caa84ce6b85db72031ebef6
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3c147f44ad5be7a0ab5df52a3fcf74c6a56df0424413f9dbd9e64787e60a5585
3cdb9b5ad556d5bcb79dc0e6fe8b1c28c604ccf8a991259e4788cea85381868b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e646dac15ee77f01eac22fca2eb6f733ea0b4439d725079e5b289c327f15150
3e81ddeee38da2219c0cca90cf69088fe8be1dbf0c780feb1df01989881771c1
3e9d886959d9c9062219fe80728e62cdaa35db9e4901d3a70eb755609e413cb7
3fa868c9b67a1f4d1c34c8a4cd80693914bd8bba4472652b9fd9437d11e6bf56
3fc4c9567d3fe87fd40b4fcd6eb74404f7ecdbb343f3dc76c8b8732fba4cecb4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40418835c48e3f20e3124849f8958fa46cf7d6c28c93c18c51a01179a1971c92
404e732b040dfeb17cf519e4c1b704426796e76e881e6ea9abdae2f7fd3f109b
40f55ed332cbbbe9e498f3b0bc30172d926ded3975c3614957f41d635d77a483
42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581
44184c16fd72e51859e402906cfc8eb5cc13161916b42cf46e416bc9e3fe9850
479e5e70c4c9e1f6464209ae55d58e5f3d1a8e9b329b6b5982665e4fdef53512
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc7fb993b68904138450660e0adcc562fdbd38a2a5ae2d09faee577e41e859c
4de7f60ac8c0a270dc1c92ce185b282876b71084b66db80629924a85109a0a53
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
526b869b2e5b6bcfffe1d93a259a7aa96499d404481ae232554587f46ab8d986
5343d295e7697987c6607001f3bb6d9bf54cfc6db5a77dce8b27dc5e9870066e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30
5c8da4b70d9a8649d20ac7c3fd4b2901a675f6c30d0a239b8c824ca944af6a8e
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7
61f2dff6326983554bf831cb7bb066abf6d93e4f214b7ef10650befbd2eedbde
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
65b64c49a86c754ec08d9c80c41cd0ce46edd45294ef43939ab8fdffa71652ea
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d75131cd61d14c4a14d83ca198bde1e64c81921f73f187ee4b705eb37962f29
72d83e7e6c6cc22f5b65099641a1da64534246a14f4e8d6f1fed6a2b592439c2
742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446
75204a2542ecde5f1edefb36cba6c82be3c5176d89fc700cfed51910fb4ea091
76f23c786a128ad44635f025a64bbb4d1fa38fc99fc0f8a5fbe5a09775094c86
7874d00455ccd7f48aa776ddde34ec8ad3ff795b9977268c284be2d796644f83
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a0844466956091b6689c292fcd04af53f3bfeece35bc197b24f9ae572e6ef27
7b491b7e75f58ce5c0d60bcdf9f0da01d082df493a739458ca0d733795877ebb
7e90d83afbdc0bc8fae8488a88e6a157b1814b31930af60a521c3eaa52925a4b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
813b2aa9a1bf70847017ee4b408d3274b441cd1e96d5bdd4b7cd0cfdfd73910a
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8356971b46497613ae77fb651fba39c49255fb61b3ddee283cfd5bcea4b15fa2
8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0
8499833f859a8abea5a07b48ff12bccc3fa12aeea6949b769f5e4c95f5fff85a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874cc1315f35963fb2488576f0c83489e22edfe22f6ce355e7e87e65063bbf7c
894bd4636346f9710907258043cf9936f4fcb1cf7d36bde7c1100351aae5ba96
89c903ce71d7487d59e2ee1a56a417c2a6a5cbb65e10a9096c5c428ead63d1b3
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b1c8bd41f6f98d9f60bbe7b5bb77ffc4fa0bff81c1ff54fd1efaa53c9ca2b1e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5
90900178b1000786c1f87ecd2c55c5ef77f3abb9c5ad951d29f74672ab85e811
90fd3d350f8f9fd8a51e64a13c702678ab96742277beeaec325bc23b0bec1ff6
917f608bb0b9f6f3c4040000d4943c68ec57d1ed3067ee14636b1084252fb495
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9535fd966582f8131f69778520d8df62d721d6cbf04d4474b433160613770569
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
9687916c1e580471dbf4482ffc7372479b31d3318244e0efed29a0e01ec3f059
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9713537847d72d9dd53f7f47490d5c96f43ad62618b2ba36fb8b69b22254c14f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99fd2c59c2769a1e1463c2876f6024e0e0f3d2133d08d0a880a29d041919031f
9a1177b69f70c78d0d073f90942215ec3a56f2b0dccc88b7966e75a6808d501e
9b12b33650d28400688a87ab2ab4cb9d72f6b28b9fc13cd3ddb31d9b994d6fbe
9f0bb40de4e93b11b647d7aaea090323fa01f38ca39c1ccabf15c2b8b077b2a6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a49ae0a9df930e22204ab10f73eb78d06dddcd77917571c409a0170a7e810bfe
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5899631c9ce2c29ec51ace230aa60e819c7981c08670acf922a153c00ffa223
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78eee44a33280cae70b7fade38a0ea36d2d3c34252c8fffe9e5d91aaf463a0c
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
ac0cf789c9ea8519baaa607912223bebeafae9e6c04cf5ffa7a27af4bf6dee15
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1546e4d6ceb0fae4140862ca3b5deaae2c19bd6a7cb8ee8c2ed3d55e113933d
b287a98203b186279a39aa3837b97c33c27a1eb54109f5d675173a25bf1989f9
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b83737c56d4fa9a8b770ad7099dd0dd2365c707c21a725dcba0918be0f7ce3ab
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc1b35ded1c4da3563ec3c91ae1379d89c644131901d074e2c2bf846d331b831
bd6cafb0d9f0509d461f9b8845027ecb7f5385ee273346f5f44efd2b328afdb3
be582aa00fd052e82206382c4908181cf57cc419766b8c766b8ca9cb6731f20d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4b6f0ec4e747d335396cdeff1c745c012636761c12570b1bf3472f40db79716
c92ee2460b4063f46ccd0ad0e0a68d212c6b756c4a0ef3a7fdf0afe0989781b1
ca49717cb72121b3500b440360c753b145e21bc9ad362a6089782cda537690a5
ca4fd5efb0d1a70284709d6dde51a8477a28115b5c8a453aafcaf394bd1b5fbf
cabe729f0a787ce0da8fd9f7ace46d3db589cc680e36fb60db4df4598dcc1920
cb190163a0d4795999f1905b65b3d026f9308acdffce1cbeabbb96dc26c4816c
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1f9c5c64d175a8bc389afa09401c72262f33961d56241d00902c2a397eac4e7
d2002ce95d4f15bbf5aed7e2e5f049dc89fa99c9b7cca65a3a798937d284f7b7
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d38f7d1a964cad9b93298482dceb8af5ec95c74f313ee399537f8bfdac66edd3
d46651a0642c39afc570af89ad0b4373250d4002c05e92282aab4b289c4771d8
d4e346d7dc2c3dea74203d2456dbdfd86229dc00796de8a123461b382c955001
d536966adfb264a5bf8db50aa3cdad7b8ee1abab313d1a6dfaa6bcdf7461a3d4
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
ddd21d3dfac557595e1417e8fcaa529bd5dee3f175978f681e56acc3c1e1afe7
ddef510da5bcfacf7b243bca5547a841dac66e07b38b450af579eb447dff3ded
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dd67f9206d27db683c4bada205cadd16cf642d9a1e2d909937a5d30908eecd
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
e4b6226e8a1a47ef7e1f8879acb9597b408a8d7c49d0ed1478b36da15d147235
e50f4d42fb835c45b1f5eacc3df29f9018ccf3036c688715c18fd0f8a1c9f587
e83999b91ab2f18cf00561782d61ce635400f79dc71585417ececfbf5ec1c95d
e9496aa4d719ed521bd10b81c278c0d79cc3de22f9f146005454ff39eb0125e9
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed20c8dbf8897c2e6f737f7ec114a1c29fded0bf3d3012d226834f221060105a
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f027d6553533e963630b1d0992d5ca83562645cbb955de496b40c41eddd1978e
f095e9c4a8303e2660456b4124313560ffd05695ad601c84107146c500d27f71
f0f18a3c3952280b727ecdf5f62fb2b4754367e287f06e9b3b586f2c07146754
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
f86369564f3dd622099f3fb1c399a1e73527ff30c23d32807680f1c4937e69ad
fac4db290bd4a244da8f987f3b01c1a4297a991129fb636fb287d4451de2e654
fba79d7734dd17a3e66a9e6e0f34af78f8b93678f6bfd8dc0e18a6c3f15dc118
fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a
ffb3195dcec8363f39d7e9d4361c3c6e2ac4ab12139687bf2b03b82b21d8b655