fox42kptm.com Open in urlscan Pro
143.204.207.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fox42kptm.com/
Effective URL:
https://fox42kptm.com/
Submission Tags: tranco_l324
Submission: On November 25 via api (November 25th 2021, 3:33:24 am UTC) from DE — Scanned from DE

Summary HTTP 485 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 80 IPs in 8 countries across 98 domains to perform 485 HTTP transactions. The main IP is 143.204.207.93, located in United States and belongs to AMAZON-02, US. The main domain is fox42kptm.com.
TLS certificate: Issued by Amazon on March 16th 2021. Valid for: a year.

This is the only time fox42kptm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23 61	143.204.207.93 143.204.207.93	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
6	13.35.253.115 13.35.253.115	16509 (AMAZON-02) (AMAZON-02)
5	143.204.207.16 143.204.207.16	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6810:51a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	65.9.71.6 65.9.71.6	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1 3	13.35.253.42 13.35.253.42	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2014	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
5	13.32.21.201 13.32.21.201	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
22	13.32.19.67 13.32.19.67	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
7	65.9.71.35 65.9.71.35	16509 (AMAZON-02) (AMAZON-02)
19	143.204.207.43 143.204.207.43	16509 (AMAZON-02) (AMAZON-02)
26	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	65.9.71.113 65.9.71.113	16509 (AMAZON-02) (AMAZON-02)
11	18.194.235.83 18.194.235.83	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.65.202.227 3.65.202.227	16509 (AMAZON-02) (AMAZON-02)
1	34.255.50.161 34.255.50.161	16509 (AMAZON-02) (AMAZON-02)
10	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
1 4	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
10	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.208.254.20 34.208.254.20	16509 (AMAZON-02) (AMAZON-02)
24	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
63	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.195.72.147 34.195.72.147	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	52.90.100.71 52.90.100.71	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:6c0... 2a02:26f0:6c00:298::3350	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a04:4e42::626 2a04:4e42::626	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 1	154.59.122.74 154.59.122.74	174 (COGENT-174) (COGENT-174)
51	13.32.19.18 13.32.19.18	16509 (AMAZON-02) (AMAZON-02)
1 1	18.211.53.36 18.211.53.36	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.68.170.46 34.68.170.46	15169 (GOOGLE) (GOOGLE)
5 9	3.222.114.14 3.222.114.14	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	2600:9000:205... 2600:9000:2057:dc00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	192.138.218.136 192.138.218.136	14332 (SHOPZILLA) (SHOPZILLA)
1 1	209.234.224.18 209.234.224.18	395162 (MOD-PTC) (MOD-PTC)
1 1	35.231.202.250 35.231.202.250	15169 (GOOGLE) (GOOGLE)
1 1	46.137.100.162 46.137.100.162	16509 (AMAZON-02) (AMAZON-02)
1 1	52.19.97.175 52.19.97.175	16509 (AMAZON-02) (AMAZON-02)
2 2	35.171.131.228 35.171.131.228	14618 (AMAZON-AES) (AMAZON-AES)
3 3	52.21.112.210 52.21.112.210	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.172.42.207 35.172.42.207	14618 (AMAZON-AES) (AMAZON-AES)
3 3	34.238.25.142 34.238.25.142	14618 (AMAZON-AES) (AMAZON-AES)
1 1	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
1 1	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
1 1	34.241.248.46 34.241.248.46	16509 (AMAZON-02) (AMAZON-02)
1 1	209.240.97.247 209.240.97.247	40244 (TURNKEY-I...) (TURNKEY-INTERNET)
1 1	44.193.87.60 44.193.87.60	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.215.193.43 18.215.193.43	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.211.124.118 52.211.124.118	16509 (AMAZON-02) (AMAZON-02)
1 1	52.211.195.119 52.211.195.119	16509 (AMAZON-02) (AMAZON-02)
1 1	13.35.253.97 13.35.253.97	16509 (AMAZON-02) (AMAZON-02)
1 1	3.212.101.34 3.212.101.34	14618 (AMAZON-AES) (AMAZON-AES)
1 1	143.204.207.123 143.204.207.123	16509 (AMAZON-02) (AMAZON-02)
1 1	18.212.101.179 18.212.101.179	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:765... 2600:1f18:765:4800:7681:18d0:4c60:ba77	14618 (AMAZON-AES) (AMAZON-AES)
1 1	170.76.128.226 170.76.128.226	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	35.155.159.56 35.155.159.56	16509 (AMAZON-02) (AMAZON-02)
1 1	52.27.164.51 52.27.164.51	16509 (AMAZON-02) (AMAZON-02)
1 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	74.121.140.207 74.121.140.207	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	18.209.200.15 18.209.200.15	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.36.113.45 104.36.113.45	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:4700:10:... 2606:4700:10::ac43:8f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.185.171.80 18.185.171.80	16509 (AMAZON-02) (AMAZON-02)
1 1	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
1 1	178.162.133.148 178.162.133.148	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1	152.199.22.243 152.199.22.243	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2 9	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.19.104 13.32.19.104	16509 (AMAZON-02) (AMAZON-02)
1 1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
3	64.19.224.207 64.19.224.207	14332 (SHOPZILLA) (SHOPZILLA)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 2	2a05:d018:d29... 2a05:d018:d29:3605:6798:75ff:a274:9693	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 2	209.54.180.3 209.54.180.3	16509 (AMAZON-02) (AMAZON-02)
1 1	52.71.142.200 52.71.142.200	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.197.87.177 18.197.87.177	16509 (AMAZON-02) (AMAZON-02)
1	52.202.47.217 52.202.47.217	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:205... 2600:9000:2057:5600:10:8317:ee40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:24:... 2a05:d018:24:b002:bc48:7748:582:a849	16509 (AMAZON-02) (AMAZON-02)
1	64.19.224.205 64.19.224.205	14332 (SHOPZILLA) (SHOPZILLA)
11	2606:2800:133... 2606:2800:133:202d:cd5:25f1:103b:1d26	15133 (EDGECAST) (EDGECAST)
485	80

61 143.204.207.93 (United States) 23 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-93.fra53.r.cloudfront.net

fox42kptm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.35.253.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-115.fra6.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.207.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-16.fra53.r.cloudfront.net

sinclairstoryline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:51a5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 65.9.71.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-6.fra56.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.253.42 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-42.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

paywall-prod.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.21.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-201.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 13.32.19.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-19-67.fra56.r.cloudfront.net

3gz8cg829c.execute-api.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.71.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-35.fra56.r.cloudfront.net

livevideostatus.sinclairstoryline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 143.204.207.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-43.fra53.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.71.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-113.fra56.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.194.235.83 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-235-83.eu-central-1.compute.amazonaws.com

content.uplynk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content-aeuf1.uplynk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.202.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-202-227.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.50.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-50-161.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.100 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.208.254.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-254-20.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px2m.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.72.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-72-147.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.90.100.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-90-100-71.compute-1.amazonaws.com

px2.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:298::3350 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dsa.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prd.jwpltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.74 (United States) 1 redirects

ASN174 (COGENT-174, US)

acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 13.32.19.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-19-18.fra56.r.cloudfront.net

preferences-mgr.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.53.36 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-53-36.compute-1.amazonaws.com

my.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.170.46 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 46.170.68.34.bc.googleusercontent.com

preferences.bluecava.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.222.114.14 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-114-14.compute-1.amazonaws.com

ad.amgdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:dc00:19:9934:6a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.138.218.136 (United States) 1 redirects

ASN14332 (SHOPZILLA, US)
PTR: shopzilla.com

www.shopzilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.234.224.18 (United States) 1 redirects

ASN395162 (MOD-PTC, US)

ad.wsod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.231.202.250 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 250.202.231.35.bc.googleusercontent.com

optout.parrable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.100.162 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-100-162.eu-west-1.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.97.175 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-97-175.eu-west-1.compute.amazonaws.com

optout.bigsea.weborama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.171.131.228 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-131-228.compute-1.amazonaws.com

optout.1up.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
optout.ign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.21.112.210 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-112-210.compute-1.amazonaws.com

optout.askmen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
optout.ziffdavis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
optout.pcmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.172.42.207 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-42-207.compute-1.amazonaws.com

optout.extremetech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
optout.toolbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.238.25.142 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-25-142.compute-1.amazonaws.com

optout.techbargains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
optout.ugo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
optout.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

optout.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.33 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

optout.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.248.46 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-248-46.eu-west-1.compute.amazonaws.com

www.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.240.97.247 (United States) 1 redirects

ASN40244 (TURNKEY-INTERNET, US)
PTR: 209-240-97-247.static.as40244.net

optout.alphonso.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.193.87.60 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-87-60.compute-1.amazonaws.com

apolloprogram.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.193.43 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-193-43.compute-1.amazonaws.com

optout.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.124.118 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-124-118.eu-west-1.compute.amazonaws.com

optout.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.195.119 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-195-119.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.97 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-97.fra6.r.cloudfront.net

privacy.britepool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.212.101.34 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-101-34.compute-1.amazonaws.com

optout.crsspxl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.123 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-123.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.212.101.179 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-212-101-179.compute-1.amazonaws.com

optout.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adssettings.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adssettings.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:765:4800:7681:18d0:4c60:ba77 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pxl.iqm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 170.76.128.226 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.155.159.56 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-159-56.us-west-2.compute.amazonaws.com

dts.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.27.164.51 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-164-51.us-west-2.compute.amazonaws.com

partner.knorex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.207 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)

www.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.209.200.15 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-200-15.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.53 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.45 (United States)

ASN62713 (AS-PUBMATIC, US)

apps.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:8f4 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

api.retargetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.171.80 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-171-80.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.244.119 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.148 (Rotterdam, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1.go.sonobi.com

go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.246.49 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

privacy.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.243 (United States)

ASN15133 (EDGECAST, US)

entitlements.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

cdn.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.19.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-19-104.fra56.r.cloudfront.net

s1.cnnx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.19.224.207 (United States)

ASN14332 (SHOPZILLA, US)

connexity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:6798:75ff:a274:9693 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.180.3 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.142.200 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-142-200.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.87.177 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-87-177.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.47.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-47-217.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:5600:10:8317:ee40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.amgdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:24:b002:bc48:7748:582:a849 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

ingest.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.19.224.205 (United States)

ASN14332 (SHOPZILLA, US)

t.e1e.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:2800:133:202d:cd5:25f1:103b:1d26 (United States)

ASN15133 (EDGECAST, US)

x-default-stgec.uplynk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	moatads.com z.moatads.com px.moatads.com px2.moatads.com px2m.moatads.com dsa.moatads.com	1 MB
61	fox42kptm.com 23 redirects fox42kptm.com	2 MB
51	truste.com preferences-mgr.truste.com	39 KB
33	googlesyndication.com 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	771 KB
32	doubleclick.net 4 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	150 KB
26	trustarc.com consent.trustarc.com consent-pref.trustarc.com consent-st.trustarc.com	414 KB
25	adlightning.com tagan.adlightning.com	610 KB
22	uplynk.com content.uplynk.com content-aeuf1.uplynk.com x-default-stgec.uplynk.com	2 MB
22	amazonaws.com 3gz8cg829c.execute-api.us-west-2.amazonaws.com	2 MB
14	33across.com 1 redirects ssc.33across.com optout.33across.com ssc-cms.33across.com	2 KB
13	yahoo.com 1 redirects c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com ads.yahoo.com	50 KB
12	amgdgt.com 5 redirects ad.amgdgt.com cdn.amgdgt.com	124 KB
12	rubiconproject.com 4 redirects ads.rubiconproject.com fastlane.rubiconproject.com pixel.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	134 KB
12	googletagservices.com www.googletagservices.com	426 KB
12	sinclairstoryline.com sinclairstoryline.com livevideostatus.sinclairstoryline.com	33 KB
11	google.com 1 redirects www.google.com adservice.google.com adssettings.google.com	3 KB
9	casalemedia.com 3 redirects htlb.casalemedia.com casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	8 KB
8	criteo.com 2 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	8 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com s.amazon-adsystem.com	42 KB
7	googleapis.com fonts.googleapis.com imasdk.googleapis.com	696 KB
5	adnxs.com 1 redirects ib.adnxs.com acdn.adnxs.com	20 KB
5	google.de 1 redirects www.google.de adservice.google.de adssettings.google.de	3 KB
5	google-analytics.com www.google-analytics.com	21 KB
5	lightboxcdn.com www.lightboxcdn.com	144 KB
4	jwpltx.com prd.jwpltx.com	164 B
4	jwpcdn.com ssl.p.jwpcdn.com	191 KB
4	twitter.com platform.twitter.com syndication.twitter.com	144 KB
3	connexity.net connexity.net	6 KB
3	w55c.net 3 redirects i.w55c.net pm.w55c.net	2 KB
3	mathtag.com 2 redirects www.mathtag.com pixel.mathtag.com sync.mathtag.com	2 KB
3	shopzilla.com 1 redirects www.shopzilla.com	2 KB
3	gstatic.com fonts.gstatic.com	90 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	adsrvr.org match.adsrvr.org	529 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	655 B
2	indexww.com js-sec.indexww.com	2 KB
2	retargetly.com 2 redirects api.retargetly.com	761 B
2	pubmatic.com apps.pubmatic.com cdn.pubmatic.com	5 KB
2	turn.com 2 redirects r.turn.com	599 B
2	criteo.net static.criteo.net	52 KB
2	media.net prebid.media.net contextual.media.net	8 KB
2	3lift.com tlx.3lift.com eb2.3lift.com	563 B
2	twimg.com pbs.twimg.com	6 KB
2	rlcdn.com idsync.rlcdn.com id.rlcdn.com	66 B
2	appspot.com paywall-prod.appspot.com	179 B
1	e1e.io t.e1e.io	8 KB
1	tidaltv.com 1 redirects ingest.tidaltv.com	221 B
1	adentifi.com rtb.adentifi.com	88 B
1	extend.tv 1 redirects sync.extend.tv	546 B
1	cnnx.io s1.cnnx.io	73 KB
1	2mdn.net s0.2mdn.net	17 KB
1	jwplayer.com entitlements.jwplayer.com	244 B
1	tapad.com 1 redirects privacy.tapad.com	142 B
1	sonobi.com 1 redirects go.sonobi.com	558 B
1	sojern.com 1 redirects pixel.sojern.com	200 B
1	quantserve.com 1 redirects pixel.quantserve.com	222 B
1	contextweb.com 1 redirects bh.contextweb.com	289 B
1	owneriq.net 1 redirects px.owneriq.net	475 B
1	openx.net 1 redirects u.openx.net	183 B
1	postrelease.com 1 redirects jadserve.postrelease.com	397 B
1	knorex.com 1 redirects partner.knorex.com	348 B
1	innovid.com 1 redirects dts.innovid.com	257 B
1	iqm.com 1 redirects pxl.iqm.com	376 B
1	emxdgt.com 1 redirects optout.emxdgt.com	280 B
1	company-target.com 1 redirects segments.company-target.com	402 B
1	crsspxl.com 1 redirects optout.crsspxl.com	349 B
1	britepool.com 1 redirects privacy.britepool.com	260 B
1	ml314.com 1 redirects ml314.com	413 B
1	bidr.io 1 redirects optout.prod.bidr.io	369 B
1	audrte.com 1 redirects optout.audrte.com	731 B
1	apolloprogram.io 1 redirects apolloprogram.io	237 B
1	alphonso.tv 1 redirects optout.alphonso.tv	272 B
1	demdex.net 1 redirects www.demdex.net	543 B
1	tynt.com 1 redirects optout.tynt.com	489 B
1	zdbb.net 1 redirects optout.zdbb.net	242 B
1	ugo.com 1 redirects optout.ugo.com	243 B
1	toolbox.com 1 redirects optout.toolbox.com	246 B
1	techbargains.com 1 redirects optout.techbargains.com	248 B
1	pcmag.com 1 redirects optout.pcmag.com	242 B
1	ign.com 1 redirects optout.ign.com	242 B
1	ziffdavis.com 1 redirects optout.ziffdavis.com	246 B
1	extremetech.com 1 redirects optout.extremetech.com	248 B
1	askmen.com 1 redirects optout.askmen.com	245 B
1	1up.com 1 redirects optout.1up.com	241 B
1	weborama.com 1 redirects optout.bigsea.weborama.com	204 B
1	thebrighttag.com 1 redirects s.thebrighttag.com	390 B
1	parrable.com 1 redirects optout.parrable.com	390 B
1	wsod.com 1 redirects ad.wsod.com	383 B
1	app.link 1 redirects app.link	327 B
1	bluecava.com 1 redirects preferences.bluecava.com	314 B
1	ipredictive.com 1 redirects my.ipredictive.com	124 B
1	acuityplatform.com 1 redirects acuityplatform.com	321 B
1	truste-svc.net prefmgr-cookie.truste-svc.net	2 KB
1	azurewebsites.net lightboxapi.azurewebsites.net	781 B
1	userway.org api.userway.org	721 B
1	yieldmo.com ads.yieldmo.com	224 B
1	googletagmanager.com www.googletagmanager.com	33 KB
0	mxptint.net Failed optout.mxptint.net Failed
485	98

	Domain	Requested by
61	fox42kptm.com	23 redirects fox42kptm.com tagan.adlightning.com z.moatads.com
51	preferences-mgr.truste.com	fox42kptm.com www.mathtag.com cdn.pubmatic.com ad.amgdgt.com s1.cnnx.io
50	px.moatads.com	948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com fox42kptm.com
26	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com fox42kptm.com
25	tagan.adlightning.com	fox42kptm.com tagan.adlightning.com 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
24	tpc.googlesyndication.com	948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com tagan.adlightning.com
22	3gz8cg829c.execute-api.us-west-2.amazonaws.com	fox42kptm.com
19	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com fox42kptm.com prefmgr-cookie.truste-svc.net
12	z.moatads.com	948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com tagan.adlightning.com z.moatads.com
12	www.googletagservices.com	fox42kptm.com 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com tagan.adlightning.com
11	x-default-stgec.uplynk.com	ssl.p.jwpcdn.com
10	c2shb.ssp.yahoo.com	ads.rubiconproject.com
10	ssc.33across.com	ads.rubiconproject.com
9	ad.amgdgt.com	5 redirects fox42kptm.com ad.amgdgt.com
7	content-aeuf1.uplynk.com	ssl.p.jwpcdn.com
7	pagead2.googlesyndication.com	www.googletagservices.com srcdoc securepubads.g.doubleclick.net tpc.googlesyndication.com
7	www.google.com	fox42kptm.com tagan.adlightning.com
7	livevideostatus.sinclairstoryline.com	fox42kptm.com
6	consent.trustarc.com	fox42kptm.com consent.trustarc.com
5	pixel.rubiconproject.com	1 redirects fox42kptm.com
5	c.amazon-adsystem.com	fox42kptm.com c.amazon-adsystem.com
5	www.google-analytics.com	fox42kptm.com www.google-analytics.com
5	www.lightboxcdn.com	fox42kptm.com www.lightboxcdn.com tagan.adlightning.com
5	sinclairstoryline.com	fox42kptm.com sinclairstoryline.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	cm.g.doubleclick.net	3 redirects fox42kptm.com
4	prd.jwpltx.com	fox42kptm.com
4	imasdk.googleapis.com	fox42kptm.com tagan.adlightning.com imasdk.googleapis.com
4	ssl.p.jwpcdn.com	fox42kptm.com tagan.adlightning.com
4	ib.adnxs.com	1 redirects ads.rubiconproject.com acdn.adnxs.com
4	gum.criteo.com	2 redirects tagan.adlightning.com
4	content.uplynk.com	fox42kptm.com ssl.p.jwpcdn.com
3	cdn.amgdgt.com	ad.amgdgt.com
3	token.rubiconproject.com	3 redirects
3	connexity.net	s1.cnnx.io connexity.net
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	ssc-cms.33across.com	ads.rubiconproject.com
3	www.shopzilla.com	1 redirects fox42kptm.com s1.cnnx.io
3	px2.moatads.com	z.moatads.com
3	mug.criteo.com	fox42kptm.com
3	adservice.google.com	tagan.adlightning.com
3	adservice.google.de	tagan.adlightning.com
3	fonts.gstatic.com	fonts.googleapis.com
3	sb.scorecardresearch.com	1 redirects fox42kptm.com
3	fonts.googleapis.com	fox42kptm.com 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
2	pm.w55c.net	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	match.adsrvr.org	fox42kptm.com ssum-sec.casalemedia.com
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	sync-tm.everesttech.net	2 redirects
2	js-sec.indexww.com	ads.rubiconproject.com ssum-sec.casalemedia.com
2	eus.rubiconproject.com	ads.rubiconproject.com eus.rubiconproject.com
2	api.retargetly.com	2 redirects
2	r.turn.com	2 redirects
2	static.criteo.net	ads.rubiconproject.com static.criteo.net
2	948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net tagan.adlightning.com
2	pbs.twimg.com	fox42kptm.com
2	syndication.twitter.com	fox42kptm.com platform.twitter.com
2	platform.twitter.com	fox42kptm.com platform.twitter.com
2	paywall-prod.appspot.com	fox42kptm.com
1	t.e1e.io	connexity.net
1	ingest.tidaltv.com	1 redirects
1	id.rlcdn.com	fox42kptm.com
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	sync.extend.tv	1 redirects
1	ads.yahoo.com	fox42kptm.com
1	sync.mathtag.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	s1.cnnx.io	www.shopzilla.com
1	cdn.pubmatic.com	apps.pubmatic.com
1	s0.2mdn.net	imasdk.googleapis.com
1	eb2.3lift.com	ads.rubiconproject.com
1	acdn.adnxs.com	ads.rubiconproject.com
1	contextual.media.net	ads.rubiconproject.com
1	entitlements.jwplayer.com	fox42kptm.com
1	privacy.tapad.com	1 redirects
1	go.sonobi.com	1 redirects
1	pixel.sojern.com	1 redirects
1	i.w55c.net	1 redirects
1	pixel.quantserve.com	1 redirects
1	bh.contextweb.com	1 redirects
1	apps.pubmatic.com	fox42kptm.com
1	px.owneriq.net	1 redirects
1	u.openx.net	1 redirects
1	jadserve.postrelease.com	1 redirects
1	www.mathtag.com	fox42kptm.com
1	partner.knorex.com	1 redirects
1	dts.innovid.com	1 redirects
1	casalemedia.com	1 redirects
1	pxl.iqm.com	1 redirects
1	adssettings.google.de	1 redirects
1	adssettings.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	optout.emxdgt.com	1 redirects
1	segments.company-target.com	1 redirects
1	optout.crsspxl.com	1 redirects
1	privacy.britepool.com	1 redirects
1	ml314.com	1 redirects
1	optout.prod.bidr.io	1 redirects
1	optout.audrte.com	1 redirects
1	apolloprogram.io	1 redirects
1	optout.alphonso.tv	1 redirects
1	www.demdex.net	1 redirects
1	optout.tynt.com	1 redirects
1	optout.33across.com	1 redirects
1	optout.zdbb.net	1 redirects
1	optout.ugo.com	1 redirects
1	optout.toolbox.com	1 redirects
1	optout.techbargains.com	1 redirects
1	optout.pcmag.com	1 redirects
1	optout.ign.com	1 redirects
1	optout.ziffdavis.com	1 redirects
1	optout.extremetech.com	1 redirects
1	optout.askmen.com	1 redirects
1	optout.1up.com	1 redirects
1	optout.bigsea.weborama.com	1 redirects
1	s.thebrighttag.com	1 redirects
1	optout.parrable.com	1 redirects
1	ad.wsod.com	1 redirects
1	app.link	1 redirects
1	preferences.bluecava.com	1 redirects
1	my.ipredictive.com	1 redirects
1	acuityplatform.com	1 redirects
1	dsa.moatads.com	fox42kptm.com
1	px2m.moatads.com	fox42kptm.com
1	prefmgr-cookie.truste-svc.net	fox42kptm.com
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	api.userway.org	sinclairstoryline.com
1	bidder.criteo.com	ads.rubiconproject.com
1	fastlane.rubiconproject.com	ads.rubiconproject.com
1	htlb.casalemedia.com	ads.rubiconproject.com
1	prebid.media.net	ads.rubiconproject.com
1	ads.yieldmo.com	ads.rubiconproject.com
1	tlx.3lift.com	ads.rubiconproject.com
1	www.google.de	fox42kptm.com
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	idsync.rlcdn.com	fox42kptm.com
1	ads.rubiconproject.com	fox42kptm.com
1	www.googletagmanager.com	fox42kptm.com
0	optout.mxptint.net Failed	fox42kptm.com
485	141

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
sbgi.net
publicfiles.fcc.gov
edyy.fa.us2.oraclecloud.com

Subject Issuer	Validity	Valid
fox42kptm.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
frontend.sinclairstoryline.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
ssl1029400.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-06` - `2022-06-30`	a year	crt.sh
*.adlightning.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
livevideostatus.sinclairstoryline.com Amazon	`2021-11-17` - `2022-12-16`	a year	crt.sh
*.uplynk.com Amazon	`2021-08-26` - `2022-09-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2021-09-28` - `2021-12-27`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
api.userway.org Amazon	`2021-11-02` - `2022-11-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh
*.truste-svc.net Go Daddy Secure Certificate Authority - G2	`2020-04-25` - `2022-06-23`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.jwplayer.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
*.amgdgt.com Amazon	`2021-10-23` - `2022-11-20`	a year	crt.sh
*.shopzilla.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-26` - `2022-08-25`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
entitlements.jwplayer.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-30` - `2022-06-30`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.cnnx.io Sectigo RSA Domain Validation Secure Server CA	`2021-08-10` - `2022-09-09`	a year	crt.sh
*.connexity.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-17` - `2022-07-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.e1e.io Sectigo RSA Domain Validation Secure Server CA	`2021-04-28` - `2022-05-28`	a year	crt.sh

This page contains 86 frames:

Primary Page: https://fox42kptm.com/
Frame ID: FAA3144F44D07534AA1093C5EAF5AADE
Requests: 234 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: F9C4773FC278E8B99F138D8D0FE55D1E
Requests: 20 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Ffox42kptm.com
Frame ID: C4D585A0B8D16C20BFEEF6420BF23029
Requests: 2 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html
Frame ID: EFAF50AB9B180782FA9E001054C5FA74
Requests: 1 HTTP requests in this frame

Frame: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 31FD24B542497401CE666990AC4B8849
Requests: 1 HTTP requests in this frame

Frame: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B5A7EFCEEF89C2B08DA68ABDA7250064
Requests: 18 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Frame ID: F41886F2680C796B14DE1F61A3EFC541
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Frame ID: 1578AD52EBE1A1FED228212CB545F2BC
Requests: 9 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http://sbgi.net/privacy-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 45575AF5ABF3BA575162FCF076E2DFCC
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Frame ID: 8D6E077226CB1860AA2E162FA7CB64F7
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Frame ID: CC2F217743E981A86DC461F356654CB7
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Frame ID: 08CF61431981C0AC845257C5CC1F75E9
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Frame ID: DBC3C525C4FC14323A7491B3B0C964D7
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Frame ID: 39223DC5EEE1ED7F432F043AE72C11EE
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Frame ID: AF1551A3D4E2E4D9D4232AFCC4D23F7F
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Frame ID: 7DB2F93E908FAC5618F0A2D05B9925B0
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Frame ID: AD8EEAD65AD897A1BC528894556488E6
Requests: 10 HTTP requests in this frame

Frame: https://z.moatads.com/px2/client.js
Frame ID: FF9BC2A315DC47308FE3014A1E3D1B4B
Requests: 9 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: ED6E4DF4A6E79E1800692905A2357586
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/383/1/7PM7oxuhHq/
Frame ID: 9BD706FAB269B378A4945DB65A1A1C4E
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/642/1/adelphic
Frame ID: ACB2BD7AA94364EDAA004D04C80E3AD4
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/569/1/bluecava-csrf/
Frame ID: 39C1199F09B59390DD187B10DD6182D3
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/636/2/64821292050951022196/
Frame ID: 6F2CEC3EC3A01F1E09289AD43BABED82
Requests: 8 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/713/1-2/
Frame ID: AA8185DA449F6E9A8DAC7A16C26DF906
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/816/1-0
Frame ID: 310BA9DA6698156D6F82B982405D90BC
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/611/2/920231623462061194/
Frame ID: 290EF4B1B7ED3F64B80B3F936DC67915
Requests: 4 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/
Frame ID: 514030471A636B93B409538E1A2DABE3
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/742/1
Frame ID: D671405E6BD3CE65031D5391C7E09EC1
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/519/1/0
Frame ID: 6E4607A3BC4A85DC1950690C41B2BDD4
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/747/1-0/csrf
Frame ID: C284D035CA3BB060C21926398BCEECBA
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/620/1/77390c34-2e5c-42ae-8cc9-c945aa5e5514/
Frame ID: BE8E5993D49F80D4719B755FE2007018
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/619/1/5c789485-af43-4eb6-8dfd-3b4aed85a105/
Frame ID: EFD858A00DADD2D1A4F8A9980BA12257
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/615/1/15a1cb3a-46f3-4cb3-8e87-b8ee5b97e78d/
Frame ID: A5587514ADB3CB4E4BFD46CE000EE406
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/632/1/3cc2f022-3b32-4426-8bc3-3f1fc93df57c/
Frame ID: EE0F033E23CB16A36C3005BC54B9372B
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/618/1/3772b3b8-c5e3-4fef-b398-a28e147aa9a2/
Frame ID: CE35B6CE56A22C454556C1E6EA2B31B5
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/614/1/86b674ad-04fc-40e5-ae9a-a8f27a0101c0/
Frame ID: CC9310802F689D2DD5F75DCE06016BD1
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/631/1/0f1500c8-de2b-4c4a-a374-1b9f9dff2556/
Frame ID: 7B5A9E8FF59971D1DA2143CD9DB0FC48
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/626/1/810ba329-2b88-4349-8868-680b9956c8f0/
Frame ID: 22FE6D7D954C553070840243F65C44C0
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/627/1/d7c9032e-41b5-470b-9893-04a465d42aeb/
Frame ID: FF25268342CD12FF8E32103D5CA87DC1
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/633/1/e9b5e344-76fb-4aa0-adc2-01fd185ed25e/
Frame ID: 9C724428ACD6739EB6E70C48CE8D4CD7
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/258/1/a3f6adda113dadec/
Frame ID: E0EDDBD0247EEA48A33E932ACD90079F
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/488/1/4846e59b55089f84/
Frame ID: 0CF432B5337209594A23489129B85C47
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/512/1/1637811193835
Frame ID: 4E4FBCCB85A2362C7660B37C414649C9
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/768/1
Frame ID: DD58552661D50E9DA91CD5A07DED3D7B
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/559/1-0/243369891/
Frame ID: 98F52CFB013F98BF12A7FAF728996DC1
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/823/1-0
Frame ID: 9C9E72A0E02BAFA0F8DA01B2936AC37A
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/781/1/0b9490d1f38e
Frame ID: F601788643935749660247C13BA219BE
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
Frame ID: 380803CD8D4C1E948C9F35BEEA3EF0DB
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/853/1-0
Frame ID: 44550DA311507D0E87633962EE6A0D5A
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/392/1/253614
Frame ID: 6044AADF9DB24B5B9634A13A7FCAD417
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/762/1-0/
Frame ID: 1920CEE4558582434A3AEBA937F8BDCA
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/818/0-0
Frame ID: 049F5EC64728F00ED85090DFF0EA2F92
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/804/2/AFT-j8gAAAAAYZ8LAbeuwfUdVK0-XPS0GQASM015t_bK/
Frame ID: D7F2A5090FD92DE844C98180A058E28A
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/789/1/29c20b7f96c7d51421db9667dc879d78
Frame ID: CF6559365197A9C2C1A043FD26AF7632
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/848/1/wgPseVarXSJp5xk7RGyogcBmx
Frame ID: 7BE58015B9E4B33028300C0150BE7B8D
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/321/1/17d55278aca/
Frame ID: 5F60A4A975909A2FE706BDC59F87D755
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/641/1/bf2a3ed4-5444-4599-b0d2-bcc9f33609a4/
Frame ID: 733AFCD5DB2A82A12B902A7E01514152
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/366/1-0/iD73m9npAf
Frame ID: E39E82D9956E7ADA595F1005EB86C76E
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/807/1-1/l6s8ndc36ht0pbe7q2q9n0jal6/
Frame ID: 07E8FF56D266DD6BE391092798200F28
Requests: 2 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/755/3/
Frame ID: 0B8EA3133667C1E1BF4751A1B4F6B225
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/765/1/1637811193/
Frame ID: 9B4A64C1C0CAE5AAAF3F9D727F4C35FE
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/591/1-1/no-token
Frame ID: 4AD865B74D1BB9E4A036B5EABA92308E
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/420/1/5lgZNsRPmYlMZd8b0KVIQmnjTLfbQd9tr7yx/
Frame ID: E9B6C793469EED1E841D840C8466406B
Requests: 3 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/422/1/kRbHDBQU59Vc
Frame ID: 5AD873CF2802B1523240D159103A6837
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/806/1-0/O07112450421637811193788/
Frame ID: 10440287A0340E6A668B5A77D5B13992
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/497/2-0/0
Frame ID: 8F31E9AA560B0E4DF3287A09721FBDEE
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/831/1-1/224195000
Frame ID: 78A3D8F01CD4C9BD0BD07F3D5AB481F8
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/604/1/JzOgcAbcCdfipmDb
Frame ID: E754F3A92B9F06BBB8BE55B82219159C
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/862/1/
Frame ID: 8E03C803CE1B33EAB20559F191BB3E01
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/428/1/f2a39858-bf77-4da6-85fc-a2760939aa33/
Frame ID: 76A878D0912B042AA2CBE67A4CAB9681
Requests: 1 HTTP requests in this frame

Frame: https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3
Frame ID: 1CD3BB2DF2B060A84B969B5376DE6C5F
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ceICvyEA8r6PfxaKlId8sQ&gdpr_consent=undefined&us_privacy=1-N-
Frame ID: 3711AC0392CD1571C98448A8E01D3EC3
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU34Q8WJ&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=1&usp_consent=1&uspstring=1-N-&itype=PREBID
Frame ID: 4767AEB2DEE934DDC86DA73E91253568
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cg8vSWEA8r6PfxaKlId8sQ&gdpr_consent=undefined&us_privacy=1-N-
Frame ID: 8E74772EBC0C59548D7CFEDFA3CAE302
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 46FEEB0385DF1D9906BA702CDCBA1BB4
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1-N-&
Frame ID: 6BE87E68BAC6C9A02464FE35031C3F81
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1-N-
Frame ID: 543810FE76E7EBC093070190AD044AB8
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cLSdvgEA8r6PfxaKlId8sQ&gdpr_consent=undefined&us_privacy=1-N-
Frame ID: 5A6A2FC723587CEDDE96F0AF98D26B80
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C592723C28CC887C1412B8D926BA2FEA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: A682CA46E4DFBBFC030A5BB269C95EF8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A564B48E491FF0FAB85AEC6A180C27ED
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: FBAAFC9C4120F10BA0F7C189ACD3F30E
Requests: 10 HTTP requests in this frame

Frame: https://connexity.net/c/cse?a=O&O=10&xdm_e=https%3A%2F%2Fwww.shopzilla.com&xdm_c=default2492&xdm_p=1
Frame ID: B0E41B242BE86020879ECCB25B0A2F48
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=fox42kptm.com
Frame ID: 234B6BA47FFAE6B6E678B06B71531810
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 659AAEF7AF63FE0C45C49A723EE8C16A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9F868982A51072948DF872B6109F0C71
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Omaha News, Weather, Sports, Breaking News | KPTMsbg-envelope

Page URL History Show full URLs

http://fox42kptm.com/ HTTP 301
https://fox42kptm.com/ Page URL

Page Statistics

485
Requests

91 %
HTTPS

29 %
IPv6

98
Domains

141
Subdomains

80
IPs

8
Countries

10397 kB
Transfer

21700 kB
Size

64
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/fox42kptm

Search URL Search Domain Scan URL

URL: https://twitter.com/fox42kptm

Search URL Search Domain Scan URL

URL: https://sbgi.net/terms-conditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://sbgi.net/copyright/
Title: Copyright Notices

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kptm
Title: FCC Info

Search URL Search Domain Scan URL

URL: https://edyy.fa.us2.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_2002/requisitions?location=Omaha,%20NE,%20United%20States&locationId=100000012528964&locationLevel=city&radius=0&radiusUnit=MI
Title: Careers

Search URL Search Domain Scan URL

URL: http://sbgi.net/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://sbgi.net/privacy-policy#cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fox42kptm.com/ HTTP 301
https://fox42kptm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://fox42kptm.com/resources/media2/16x9/full/730/center/80/ef97127f-913d-415b-9221-8d2d5b23fbb8-jumbo16x9_Groceries.png HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/730/center/80/ef97127f-913d-415b-9221-8d2d5b23fbb8-jumbo16x9_Groceries.png

Request Chain 33

https://fox42kptm.com/resources/media2/36x25/full/360/center/80/4ddfa226-07ab-4118-93ef-4a169244a6a6-jumbo36x25_COVID.png HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/360/center/80/4ddfa226-07ab-4118-93ef-4a169244a6a6-jumbo36x25_COVID.png

Request Chain 34

https://fox42kptm.com/resources/media2/36x25/full/360/center/80/7d63b71a-15a9-426a-b64b-2c2bf4ee6318-jumbo36x25_dist06_01.jpg HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/360/center/80/7d63b71a-15a9-426a-b64b-2c2bf4ee6318-jumbo36x25_dist06_01.jpg

Request Chain 35

https://fox42kptm.com/resources/media2/36x25/full/140/center/80/4421fa0f-681c-40f4-950d-28b72ae65cfd-jumbo36x25_HospitalBed.jpg HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/4421fa0f-681c-40f4-950d-28b72ae65cfd-jumbo36x25_HospitalBed.jpg

Request Chain 36

https://fox42kptm.com/resources/media2/36x25/full/140/center/80/ade5f8ca-f1b5-44e4-8f3d-95d3ce6742a3-jumbo36x25_biden.jpg HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/ade5f8ca-f1b5-44e4-8f3d-95d3ce6742a3-jumbo36x25_biden.jpg

Request Chain 37

https://fox42kptm.com/resources/media2/36x25/full/140/center/80/14474a82-4a17-4b39-9fde-c7ce7b1ea802-jumbo36x25_AP20277107883557.jpg HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/14474a82-4a17-4b39-9fde-c7ce7b1ea802-jumbo36x25_AP20277107883557.jpg

Request Chain 38

https://fox42kptm.com/resources/media2/36x25/full/140/center/80/68e526bc-0599-4cc0-b77f-6fd71f519379-jumbo36x25_WDaleClark.png HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/68e526bc-0599-4cc0-b77f-6fd71f519379-jumbo36x25_WDaleClark.png

Request Chain 39

https://fox42kptm.com/resources/media2/36x25/full/140/center/80/d1f906f1-efac-452f-9925-df4b9235fb71-jumbo36x25_AP21274679968450.jpg HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/d1f906f1-efac-452f-9925-df4b9235fb71-jumbo36x25_AP21274679968450.jpg

Request Chain 40

https://fox42kptm.com/resources/media2/36x25/full/140/center/80/df086f40-2ccf-4bec-a659-8a01c3f7c366-jumbo36x25_GratitudesignsatTysonFoods.PNG HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/df086f40-2ccf-4bec-a659-8a01c3f7c366-jumbo36x25_GratitudesignsatTysonFoods.PNG

Request Chain 41

https://fox42kptm.com/resources/media2/36x25/full/140/center/80/364d9d0f-e255-4f02-a04a-aa7ea24acd5b-jumbo36x25_IMG_3343.jpg HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/364d9d0f-e255-4f02-a04a-aa7ea24acd5b-jumbo36x25_IMG_3343.jpg

Request Chain 42

https://fox42kptm.com/resources/media2/36x25/full/372/center/80/99a77588-a8e1-4e93-9acf-d5d9eff07cb8-jumbo36x25_signatureGettyImages.jpg HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/99a77588-a8e1-4e93-9acf-d5d9eff07cb8-jumbo36x25_signatureGettyImages.jpg

Request Chain 43

https://fox42kptm.com/resources/media2/36x25/full/372/center/80/207c57c8-6d52-4185-9cc5-2d01d427d652-jumbo36x25_BackCover.jpg HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/207c57c8-6d52-4185-9cc5-2d01d427d652-jumbo36x25_BackCover.jpg

Request Chain 44

https://fox42kptm.com/resources/media2/36x25/full/372/center/80/bcf9ed7c-6db5-425c-a4e7-bcc51f276a0f-jumbo36x25_nebraskastatefair.PNG HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/bcf9ed7c-6db5-425c-a4e7-bcc51f276a0f-jumbo36x25_nebraskastatefair.PNG

Request Chain 45

https://fox42kptm.com/resources/media2/16x9/full/210/center/80/3863ffb5-2f13-41dd-b24e-8b6508629976-jumbo16x9_FBvsIllinois2246.jpg HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/3863ffb5-2f13-41dd-b24e-8b6508629976-jumbo16x9_FBvsIllinois2246.jpg

Request Chain 46

https://fox42kptm.com/resources/media2/16x9/full/210/center/80/90370b0d-a1c7-469b-aca8-ccd5cc2d65d7-jumbo16x9_holidayGettyImages.jpg HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/90370b0d-a1c7-469b-aca8-ccd5cc2d65d7-jumbo16x9_holidayGettyImages.jpg

Request Chain 47

https://fox42kptm.com/resources/media2/16x9/full/210/center/80/427b0860-1095-4885-aa8d-8602d340f701-jumbo16x9_thanksgiving2.PNG HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/427b0860-1095-4885-aa8d-8602d340f701-jumbo16x9_thanksgiving2.PNG

Request Chain 48

https://fox42kptm.com/resources/media2/16x9/full/210/center/80/5388e2d5-15c5-4de1-a309-25d5fd04d767-jumbo16x9_AP21316021673474.jpg HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/5388e2d5-15c5-4de1-a309-25d5fd04d767-jumbo16x9_AP21316021673474.jpg

Request Chain 72

https://sb.scorecardresearch.com/b?c1=2&c2=19578925&ns__t=1637811188726&ns_c=UTF-8&cv=3.5&c8=Omaha%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20KPTM&c7=https%3A%2F%2Ffox42kptm.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=19578925&ns__t=1637811188726&ns_c=UTF-8&cv=3.5&c8=Omaha%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20KPTM&c7=https%3A%2F%2Ffox42kptm.com%2F&c9=

Request Chain 84

https://fox42kptm.com/resources/media2/16x9/full/351/center/80/ef97127f-913d-415b-9221-8d2d5b23fbb8-jumbo16x9_Groceries.png HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/351/center/80/ef97127f-913d-415b-9221-8d2d5b23fbb8-jumbo16x9_Groceries.png

Request Chain 85

https://fox42kptm.com/resources/media2/1x1/full/100/center/80/b0550d71-8cff-45b3-a54b-00419bd5b4fb-large1x1_Gov.PeteRickettsinhisoffice.jpg HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/b0550d71-8cff-45b3-a54b-00419bd5b4fb-large1x1_Gov.PeteRickettsinhisoffice.jpg

Request Chain 86

https://fox42kptm.com/resources/media2/1x1/full/100/center/80/0ec04194-ff9b-4fe7-9502-26336c3ed676-large1x1_KatrinaAlspaugh.png HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/0ec04194-ff9b-4fe7-9502-26336c3ed676-large1x1_KatrinaAlspaugh.png

Request Chain 87

https://fox42kptm.com/resources/media2/1x1/full/100/center/80/d1f906f1-efac-452f-9925-df4b9235fb71-large1x1_AP21274679968450.jpg HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/d1f906f1-efac-452f-9925-df4b9235fb71-large1x1_AP21274679968450.jpg

Request Chain 88

https://fox42kptm.com/resources/media2/1x1/full/100/center/80/c8ca9b8d-60f6-47d3-8925-30c3ebbc9896-large1x1_carseat.JPG HTTP 301
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/c8ca9b8d-60f6-47d3-8925-30c3ebbc9896-large1x1_carseat.JPG

Request Chain 111

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffox42kptm.com%2F&domain=fox42kptm.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=mx250nw0SzMwblRpVTA0bWREeThuTmRjV0xOdnptV3hLZkZySklIcUU3elVoZVlmR0hmOGZZZzV3UVdpdW03RTlkMXhoU0xSaHg4VFFDTTJMSno2WXdPdGdaekF4NUkveUorNGdlMmpPRWFjVWtQUzcyeXptQ2ZxZEhCcmYvT1BRczh5OVlRazNkUUhCWTBNQ1dKZ2dmK3VLRkhKaWZNd1BFREhYYUdCYktxdUZidTNYcmxVNEhENlJtTEkzUEtIaEpCTGZ1RmkxdGRxdmdMUHdUNHBUS2ZmcFRDMXduTjVLWTlRNmNoYUQyNlFFRTNVPXw&cppv=2

Request Chain 304

https://acuityplatform.com/Adserver/nai?action_id=3&participant_id=383&rd=https://preferences-mgr.truste.com&nocache=0.05544559979310515 HTTP 302
https://preferences-mgr.truste.com/token/383/1/7PM7oxuhHq/

Request Chain 305

https://my.ipredictive.com/optout/aboutads?action_id=3&participant_id=642&rd=https://preferences-mgr.truste.com&nocache=0.22171448604303445 HTTP 302
https://preferences-mgr.truste.com/token/642/1/adelphic

Request Chain 306

https://preferences.bluecava.com/daa/optout.ashx?action_id=3&participant_id=569&rd=https://preferences-mgr.truste.com/&nocache=0.7879256006682422 HTTP 302
https://preferences-mgr.truste.com/token/569/1/bluecava-csrf/

Request Chain 307

https://ad.amgdgt.com/ads/nai-coop-opt-out?action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129 HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129

Request Chain 308

https://r.turn.com/r/optout?action_id=3&participant_id=713&rd=https://preferences-mgr.truste.com&nocache=0.6035997644404021 HTTP 302
https://preferences-mgr.truste.com/token/713/1-2/

Request Chain 309

https://app.link/nai-optout?action_id=3&participant_id=816&rd=https://preferences-mgr.truste.com&nocache=0.0441222278973723 HTTP 302
https://preferences-mgr.truste.com/token/816/1-0

Request Chain 310

https://www.shopzilla.com/opt_out_external?action_id=3&participant_id=611&rd=https://preferences-mgr.truste.com&nocache=0.5073654726964438 HTTP 302
https://www.shopzilla.com/ad_retarget_global_opt_out?isExternalOptOut=true&rd=https://preferences-mgr.truste.com&action_id=3&participant_id=611&token=920231623462061194

Request Chain 311

https://ad.wsod.com/coop_api/?action_id=3&participant_id=407&rd=https://preferences-mgr.truste.com/&nocache=0.2012291816839138 HTTP 302
https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/

Request Chain 312

https://optout.parrable.com/iba?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com/&nocache=0.9865990052656808 HTTP 302
https://preferences-mgr.truste.com//token/742/1

Request Chain 313

https://s.thebrighttag.com/api/privacy/3fLGmeU/nai?action_id=3&participant_id=519&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6490295423221435 HTTP 307
https://preferences-mgr.truste.com/token/519/1/0

Request Chain 314

https://optout.bigsea.weborama.com/optout?action_id=3&participant_id=747&rd=https://preferences-mgr.truste.com&nocache=0.52841101491288 HTTP 302
https://preferences-mgr.truste.com/token/747/1-0/csrf

Request Chain 315

https://optout.1up.com/opt-out/request?action_id=3&participant_id=620&rd=https://preferences-mgr.truste.com/&nocache=0.9747481164126433 HTTP 302
https://preferences-mgr.truste.com//token/620/1/77390c34-2e5c-42ae-8cc9-c945aa5e5514/

Request Chain 316

https://optout.askmen.com/opt-out/request?action_id=3&participant_id=619&rd=https://preferences-mgr.truste.com/&nocache=0.5473102269759003 HTTP 302
https://preferences-mgr.truste.com//token/619/1/5c789485-af43-4eb6-8dfd-3b4aed85a105/

Request Chain 317

https://optout.extremetech.com/opt-out/request?action_id=3&participant_id=615&rd=https://preferences-mgr.truste.com/&nocache=0.7428351397390511 HTTP 302
https://preferences-mgr.truste.com//token/615/1/15a1cb3a-46f3-4cb3-8e87-b8ee5b97e78d/

Request Chain 318

https://optout.ziffdavis.com/opt-out/request?action_id=3&participant_id=632&rd=https://preferences-mgr.truste.com/&nocache=0.5101008045659947 HTTP 302
https://preferences-mgr.truste.com//token/632/1/3cc2f022-3b32-4426-8bc3-3f1fc93df57c/

Request Chain 319

https://optout.ign.com/opt-out/request?action_id=3&participant_id=618&rd=https://preferences-mgr.truste.com/&nocache=0.6359066508982756 HTTP 302
https://preferences-mgr.truste.com//token/618/1/3772b3b8-c5e3-4fef-b398-a28e147aa9a2/

Request Chain 320

https://optout.pcmag.com/opt-out/request?action_id=3&participant_id=614&rd=https://preferences-mgr.truste.com/&nocache=0.9003283708094316 HTTP 302
https://preferences-mgr.truste.com//token/614/1/86b674ad-04fc-40e5-ae9a-a8f27a0101c0/

Request Chain 321

https://optout.techbargains.com/opt-out/request?action_id=3&participant_id=631&rd=https://preferences-mgr.truste.com/&nocache=0.5713093089586712 HTTP 302
https://preferences-mgr.truste.com//token/631/1/0f1500c8-de2b-4c4a-a374-1b9f9dff2556/

Request Chain 322

https://optout.toolbox.com/opt-out/request?action_id=3&participant_id=626&rd=https://preferences-mgr.truste.com/&nocache=0.0960841684763718 HTTP 302
https://preferences-mgr.truste.com//token/626/1/810ba329-2b88-4349-8868-680b9956c8f0/

Request Chain 323

https://optout.ugo.com/opt-out/request?action_id=3&participant_id=627&rd=https://preferences-mgr.truste.com/&nocache=0.09539134180976716 HTTP 302
https://preferences-mgr.truste.com//token/627/1/d7c9032e-41b5-470b-9893-04a465d42aeb/

Request Chain 324

https://optout.zdbb.net/opt-out/request?action_id=3&participant_id=633&rd=https://preferences-mgr.truste.com/&nocache=0.3738021102073448 HTTP 302
https://preferences-mgr.truste.com//token/633/1/e9b5e344-76fb-4aa0-adc2-01fd185ed25e/

Request Chain 325

https://optout.33across.com/api/?action_id=3&participant_id=258&rd=https://preferences-mgr.truste.com&nocache=0.6986973234581877 HTTP 302
https://preferences-mgr.truste.com/token/258/1/a3f6adda113dadec/

Request Chain 326

https://optout.tynt.com/api/?action_id=3&participant_id=488&rd=https://preferences-mgr.truste.com&nocache=0.6475121121320722 HTTP 302
https://preferences-mgr.truste.com/token/488/1/4846e59b55089f84/

Request Chain 327

https://www.demdex.net/daa/daa_opt.html?action_id=3&participant_id=512&rd=https://preferences-mgr.truste.com&nocache=0.08834838937129663 HTTP 302
https://preferences-mgr.truste.com/token/512/1/1637811193835

Request Chain 328

https://optout.alphonso.tv/optout_v1?action_id=3&participant_id=768&rd=https://preferences-mgr.truste.com&nocache=0.7515458405110695 HTTP 302
https://preferences-mgr.truste.com/token/768/1

Request Chain 329

https://apolloprogram.io/optout?action_id=3&participant_id=559&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.44956453420591114 HTTP 302
https://preferences-mgr.truste.com/token/559/1-0/243369891/

Request Chain 330

https://optout.audrte.com/nai?action_id=3&participant_id=823&rd=https://preferences-mgr.truste.com&nocache=0.6705308076131347 HTTP 302
https://preferences-mgr.truste.com/token/823/1-0

Request Chain 331

https://optout.prod.bidr.io/optout?action_id=3&participant_id=781&rd=https://preferences-mgr.truste.com/&nocache=0.6998410725971513 HTTP 302
https://preferences-mgr.truste.com/token/781/1/0b9490d1f38e

Request Chain 332

https://ml314.com/daaoptout.ashx?action_id=3&participant_id=718&rd=https://preferences-mgr.truste.com&nocache=0.5973914267406821 HTTP 302
https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/

Request Chain 333

https://privacy.britepool.com/status?action_id=3&participant_id=853&rd=https://preferences-mgr.truste.com&nocache=0.020557663645805357 HTTP 302
https://preferences-mgr.truste.com/token/853/1-0

Request Chain 334

https://optout.crsspxl.com/opt-out.php?action_id=3&participant_id=392&rd=https://preferences-mgr.truste.com/&nocache=0.7105913349751052 HTTP 302
https://preferences-mgr.truste.com//token/392/1/253614

Request Chain 335

https://segments.company-target.com/dnt?action_id=3&participant_id=762&rd=https://preferences-mgr.truste.com&nocache=0.9928813346327054 HTTP 302
https://preferences-mgr.truste.com/token/762/1-0/

Request Chain 336

https://optout.emxdgt.com/?action_id=3&participant_id=818&rd=https://preferences-mgr.truste.com&nocache=0.8215778589199099 HTTP 302
https://preferences-mgr.truste.com/token/818/0-0

Request Chain 337

https://googleads.g.doubleclick.net/ads/preferences/naioptout?action_id=3&participant_id=804&rd=https://preferences-mgr.truste.com&nocache=0.9016897430021813 HTTP 302
https://adssettings.google.com/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYZ8LAbeuwfUdVK0-XPS0GQASM015t_bK&aboutads_sess=ACi0TCiC7Sh0KqWKbyNfUOJkaW1O-20vzpKRNJqoekPSUwjwRoTugSKE9scWAhntxROmo_ojeplx&status=2 HTTP 302
https://adssettings.google.de/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYZ8LAbeuwfUdVK0-XPS0GQASM015t_bK&aboutads_sess=ACi0TCiC7Sh0KqWKbyNfUOJkaW1O-20vzpKRNJqoekPSUwjwRoTugSKE9scWAhntxROmo_ojeplx&status=2&ipr=y HTTP 302
https://preferences-mgr.truste.com/token/804/2/AFT-j8gAAAAAYZ8LAbeuwfUdVK0-XPS0GQASM015t_bK/

Request Chain 338

https://pxl.iqm.com/api/v1/twb/opt_out?action_id=3&participant_id=789&rd=https://preferences-mgr.truste.com&nocache=0.9324879470229022 HTTP 302
https://preferences-mgr.truste.com/token/789/1/29c20b7f96c7d51421db9667dc879d78

Request Chain 339

https://casalemedia.com/privacy/optout?action_id=3&participant_id=848&rd=https://preferences-mgr.truste.com&nocache=0.7028909602996218 HTTP 302
https://preferences-mgr.truste.com/token/848/1/wgPseVarXSJp5xk7RGyogcBmx

Request Chain 340

https://dts.innovid.com/dnt/?action_id=3&participant_id=321&rd=https://preferences-mgr.truste.com&nocache=0.4430482593245135 HTTP 302
https://preferences-mgr.truste.com/token/321/1/17d55278aca/

Request Chain 341

https://partner.knorex.com/oba/api/aboutads?action_id=3&participant_id=641&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.30323297494755774 HTTP 302
https://preferences-mgr.truste.com/token/641/1/bf2a3ed4-5444-4599-b0d2-bcc9f33609a4/

Request Chain 342

https://pixel.rubiconproject.com/oba/optout/?action_id=3&participant_id=366&rd=https://preferences-mgr.truste.com/&nocache=0.8326122657985939 HTTP 302
https://preferences-mgr.truste.com//token/366/1-0/iD73m9npAf

Request Chain 344

https://jadserve.postrelease.com/naioptout?action_id=3&participant_id=755&rd=https://preferences-mgr.truste.com&nocache=0.7483754309738488 HTTP 302
https://preferences-mgr.truste.com/token/755/3/

Request Chain 345

https://u.openx.net/privacy/daa?action_id=3&participant_id=765&rd=https://preferences-mgr.truste.com&nocache=0.9767338110720163 HTTP 302
https://preferences-mgr.truste.com/token/765/1/1637811193/

Request Chain 346

https://px.owneriq.net/nai/optout?action_id=3&participant_id=591&rd=https://preferences-mgr.truste.com&nocache=0.08491138375086416 HTTP 302
https://preferences-mgr.truste.com/token/591/1-1/no-token

Request Chain 348

https://bh.contextweb.com/bh/oba/aboutads/?action_id=3&participant_id=422&rd=https://preferences-mgr.truste.com/&nocache=0.6952672320257922 HTTP 302
https://preferences-mgr.truste.com//token/422/1/kRbHDBQU59Vc

Request Chain 349

https://pixel.quantserve.com/optout?action_id=3&participant_id=806&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6593257182812271 HTTP 302
https://preferences-mgr.truste.com/token/806/1-0/O07112450421637811193788/

Request Chain 350

https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https://preferences-mgr.truste.com/&nocache=0.02255381501620901 HTTP 302
https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https%3A%2F%2Fpreferences-mgr.truste.com%2F&nocache=0.02255381501620901&_rlid=9ba394d9-8dc8-40e3-bba6-b6a315110700 HTTP 302
https://preferences-mgr.truste.com//token/497/2-0/0

Request Chain 351

https://i.w55c.net/optout/nai?action_id=3&participant_id=831&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.9091489639580301 HTTP 302
https://preferences-mgr.truste.com/token/831/1-1/224195000

Request Chain 352

https://pixel.sojern.com/optout/do?action_id=3&participant_id=604&rd=https://preferences-mgr.truste.com&nocache=0.5565758212476122 HTTP 307
https://preferences-mgr.truste.com/token/604/1/JzOgcAbcCdfipmDb

Request Chain 353

https://go.sonobi.com/optout?action_id=3&participant_id=862&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.8081172295620316 HTTP 302
https://preferences-mgr.truste.com/token/862/1/

Request Chain 354

https://privacy.tapad.com/daa-coop?action_id=3&participant_id=428&rd=https://preferences-mgr.truste.com&nocache=0.7274371360589675 HTTP 303
https://preferences-mgr.truste.com/token/428/1/f2a39858-bf77-4da6-85fc-a2760939aa33/

Request Chain 355

https://optout.mxptint.net/daaoptout.ashx?action_id=3&participant_id=540&rd=http://preferences-mgr.truste.com&nocache=0.8218843521293426 HTTP 302
https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3

Request Chain 386

https://pixel.mathtag.com/event/img?mt_id=888&mt_nsync&mm_bnc&redir=https%3A%2F%2Fpreferences-mgr.truste.com%2F%2Ftoken%2F807%2F%5BNAI_OPTOUT%5D-1%2Fl6s8ndc36ht0pbe7q2q9n0jal6%2F HTTP 302
https://preferences-mgr.truste.com//token/807/1-1/l6s8ndc36ht0pbe7q2q9n0jal6/

Request Chain 390

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 391

https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 397

https://token.rubiconproject.com/token?pid=25470&us_privacy=1-N- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dFRUhUUlQtVC1KNE9W&us_privacy=1-N-

Request Chain 398

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1-N- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9cd8619f-03fb-4e00-81fa-957d5a44e524

Request Chain 399

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1-N- HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1-N-&_test=YZ8D_wAHE09y_QAz HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZ8D_wAHE09y_QAz&us_privacy=1-N-&_test=YZ8D_wAHE09y_QAz

Request Chain 400

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1-N- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDPi08YhtLqlcNGs4ZEGBEc&google_cver=1

Request Chain 401

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1-N- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/JwStnPf0wL9fBmFIOPxlww?csrc=&us_privacy=1-N- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3649394813404517257

Request Chain 402

https://token.rubiconproject.com/token?pid=26594&us_privacy=1-N- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWEEHTRT-T-J4OV&sigv=1&esig=2~331211c2884c266035c1ef66fbaccb918cfd4cbf&us_privacy=1-N-

Request Chain 404

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZ8D-8_Jpk_tcvw38U6rIAAABLcAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEP26hlEocvNytQNp8bJLyoQ&google_cver=1

Request Chain 405

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZ8D.8-Jpk-tcvw38U6rIAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFLaKs1s28Va8Jd2fnRz4XU&google_cver=1&gdpr=1&google_hm=2

Request Chain 406

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZ8D-8_Jpk_tcvw38U6rIAAABLcAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZ8D-8_Jpk_tcvw38U6rIAAABLcAAAIB&dcc=t

Request Chain 408

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3be22bf8-bbf3-4ae6-be2b-6d72dde20b30

Request Chain 409

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=a3eovCwz1MQ5vB5&gdpr=1

Request Chain 426

https://ad.amgdgt.com/ads/opt-out?op=check&src=MST&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D376952129585152%26pf%3Damg%26st%3D HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=376952129585152&pf=amg&st=nt HTTP 302
https://cdn.amgdgt.com/base/pixels/transparent.gif

Request Chain 427

https://r.turn.com/r/optout?src=amobee&type=status&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D3142738483718651904%26pf%3Dturn%26st%3D HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=3142738483718651904&pf=turn&st=t HTTP 302
https://cdn.amgdgt.com/base/pixels/transparent.gif

Request Chain 428

https://ingest.tidaltv.com/opt-out?op=givethestatus&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D3033294008%26pf%3Dvid%26st%3D HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=3033294008&pf=vid&st=nt HTTP 302
https://cdn.amgdgt.com/base/pixels/transparent.gif

Request Chain 456

https://gum.criteo.com/sid/json?origin=publishertag&domain=fox42kptm.com&sn=ChromeSyncframe&so=3&topUrl=fox42kptm.com&bundle=ET-Mc19VRXZoVkQzVkI2UGRhZzRZVjIlMkZkblMwNEhvMHlTZGx1NEhwM2NKa1lRRjIyN0xyM0huWHAlMkZWZGFSQnU1b3J2d1B0eFd4SDFNU3NnUUFzVUYyd0lhYlJlMnE5S0x4ejF6MnR0MW0lMkJOdzFVam9rJTJCMDVqVExmRlVOWWxocDBFNWFX&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=0mCevHxHMFY2Y0hObFJnbnhoRXVnbmNwRXBldzBCdmtza0g0cWdtY1ljMFdPQVpVS3ZKQ1VJaDJhaFFMWDUyR0JVQWo4L3R1SENlUjNUYTJVNmV0cGo5OEFtT0lEVnlEUFhUbFBCbUhGOFRiOTVrSHpiN0ROdzc5OVV3WHlnUjNxeUQ0TDdQSWsvNE0xWDB2OEsyUkZkUndPc2xzNWRlbm9RQ2lsdUFMSGpkS0J0NnB5SEJBSEo0Uk0yRlFBcWdJTWxSSzkyeW1pK1M2WW9wNk81c1JQZXVXOVJyVEdHcVN0QmhuYlhncHcrNlJVYkpVSzRxYW01N3Y4OVUxRml4WWwvdmZqY2VrbUhlektyZFE2RnB4eDNKTXNDUVRHNnlnNjdCNGhvbWRLZFoxdHF1MD18&cppv=2

485 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fox42kptm.com/
Redirect Chain

http://fox42kptm.com/
https://fox42kptm.com/

454 KB
456 KB

1710ms
1688ms

Document
text/html

143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 1a4d34ebf101524a20eb423967b0ed855c218ddf1ee63e0af1851f74028fede7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 25 Nov 2021 03:33:07 GMT
server: openresty
access-control-allow-credentials: true
access-control-allow-origin: http://sinclairstoryline.com
etag: bac54cb0-4d9e-11ec-a12b-0629df1e01f2
if-none-match: bac54cb0-4d9e-11ec-a12b-0629df1e01f2
sbgi-realpath: /renderer/fox42kptm/
sbgi-rendertime: Nov-25-2021 03:33:07
sbgi-protocol: https
host-sni: fox42kptm.com
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: bGe9S5jLq4-Mb1rmrvs1hQNOZ4EF-W8rpx7dg2jJBckEGMYzRxp-3w==

Redirect headers

Server: CloudFront
Date: Thu, 25 Nov 2021 03:33:05 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://fox42kptm.com/
X-Cache: Redirect from cloudfront
Via: 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: Oiz9bG6gAGdWEO9RW80Rxt92lqRzlTyZT42K6fDVCuOBRaOJ9GpIbg==

GET
H2 200 privacyUtils.js Show response
fox42kptm.com/resources/assets/2021-11-23T00-23Z/core/shared/ 6 KB
3 KB 11ms
11ms Script
application/javascript 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/core/shared/privacyUtils.js
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: fd149cc6224d5959e10776f365d9c6e6a6fc293bf25927bb6eeb8e00073a69de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 01:11:19 GMT
content-encoding: gzip
age: 94908
x-cache: Hit from cloudfront
nmp-debug: resources
content-length: 2203
last-modified: Tue, 23 Nov 2021 00:46:26 GMT
server: openresty
etag: "6691f98edee81a701d32400403c3a1c5"
x-amz-version-id: m6zaz6_aJKIY3OAMY_ISRnDpvtg2EV3p
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: oDm-bUiyQ4h_uukkovD9PIXUmknIc0wgjauLTHmhs9jWRbBlNGVKTQ==
expires: Wed, 23 Nov 2022 00:46:25 GMT

GET
H2 200 common.css
fox42kptm.com/resources/assets/common/fonts/open-sans/ 630 B
1 KB 497ms
497ms Stylesheet
text/css 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/resources/assets/common/fonts/open-sans/common.css?_=2021-11-23T00-23Z
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: b686e3e2a293833a4692aabe20e2e61115fafc0a4df592641e07d0eefb64f484

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
last-modified: Thu, 12 Apr 2018 21:07:15 GMT
server: openresty
x-amz-cf-pop: FRA53-C1
etag: "96a7ea31ff8f8fce2c4c23e349c39651"
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
date: Thu, 25 Nov 2021 03:33:08 GMT
nmp-debug: resources
content-length: 630
x-amz-cf-id: bRI95KJVnlFMdqTv54wvJrb739Ht1Jvq2hmBiWOCRt9gxmIp18Kw_w==

GET
H2 200 ads.js Show response
fox42kptm.com/resources/assets/2021-11-23T00-23Z/core/shared/ 347 B
725 B 10ms
10ms Script
application/javascript 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/core/shared/ads.js
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 1666b41d1d6fb7ba772113768f30b4b59a7494633f656ff4b12fe2a410c6c9ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 01:12:03 GMT
content-encoding: gzip
age: 94864
x-cache: Hit from cloudfront
nmp-debug: resources
content-length: 244
last-modified: Tue, 23 Nov 2021 00:46:22 GMT
server: openresty
etag: "05c0c76ac74869e90bd410e8300d42e5"
x-amz-version-id: vw19v1P4qOvJQkqZ3FrV7Ff3hxI23.w8
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: y-OeY59Zf8C4Ewl93_KO-E_O4blGJZtgTeh0eXY6msJ0txtzNzzvbQ==
expires: Wed, 23 Nov 2022 00:46:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 44ms
20ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/common/fonts/open-sans/common.css?_=2021-11-23T00-23Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d65b393a4a1a83f69af4493633f8ca93956cfe57870b5dfe97cfcb18e92c8194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 03:33:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 03:33:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 03:33:08 GMT

GET
H2 200 notice Show response
consent.trustarc.com/ 9 KB
4 KB 55ms
37ms Script
text/javascript 13.35.253.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=sbgi.net&c=teconsent&text=true&js=nj&noticeType=bb&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irmc=irmlink

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-115.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

9d7f44d77a06a94db8b8f359962128c2b94ffee62814bf78b8768d4738178f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 3649
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=3600
cloudfront-viewer-country-region: BE
x-amz-cf-id: _3frXc54U38TQGLAoMHN8f_WashsluTzxNFLdAqt-ZWXKmH_oRhbtQ==
expires: Thu, 25 Nov 2021 04:33:08 GMT

GET
H2 200 player.js Show response
fox42kptm.com/resources/video/players/prod/src/scripts/jwplayer/ 7 KB
8 KB 10ms
9ms Script
application/javascript 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/resources/video/players/prod/src/scripts/jwplayer/player.js?_=2021-11-23T00-23Z
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 9152865d677d583c117c3d013c524b3904e4c7edf59fdc9d92a7f36ee37f6588

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 01:11:20 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Tue, 02 Nov 2021 21:29:46 GMT
server: openresty
age: 94908
etag: "ec1341ef9396e9305d5e079d18ba440e"
x-cache: Hit from cloudfront
x-amz-version-id: GI6lc0KWK32Hu2PGdfLtej3dRnhY.0M_
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
content-length: 7256
x-amz-cf-id: pOj2aRZWUNOWdUqKLHr9oGZ4d1MN_zasaAeybqsRU6ETNxR4BxlZdw==

GET
H2 200 widget.js Show response
sinclairstoryline.com/resources/defaults/userway/ 1 KB
1 KB 700ms
654ms Script
application/javascript 143.204.207.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sinclairstoryline.com/resources/defaults/userway/widget.js?2021-11-23T00-23Z
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-16.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ff62030ec15826d5df76673030a7722e255ccd09fe2de0fb04c5018f5e02689

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
last-modified: Mon, 08 Feb 2021 18:25:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"6b60b57afed873c7118f08185b5e2ded"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: LERj_HbTvhAdKINBta1Q1N.8IrmgQ11H
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-replication-status: FAILED
x-amz-meta-version-id: 6n3msFMhAfCO.VxzkWYc3kd2tATtZkdZ
content-type: application/javascript
x-amz-cf-id: 0jFfg2pDHfGJvonWCWvgOigoglhgycPW-LjTR9PkkAq780D3AnK41Q==
x-amz-meta-replication-status: FAILED

GET
H2 200 lightbox_sinclair.js Show response
www.lightboxcdn.com/static/ 6 KB
3 KB 90ms
23ms Script
application/x-javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/lightbox_sinclair.js
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb0222d18b27ec46b71e2fcb8533f8b4c3182e71a9d96fd3012f42e5d7621c01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 03:33:08 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 9rI8H6kuI9fSSFt+4He4XA==
age: 452642
cf-polished: origSize=7214
x-ms-meta-cbmodifiedtime: Fri, 23 Apr 2021 20:57:39 GMT
last-modified: Fri, 23 Apr 2021 20:58:04 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
x-ms-request-id: 55900a2d-d01e-008e-0283-381a60000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6b37d056ebdf3752-MXP
expires: Fri, 25 Nov 2022 03:33:08 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/sinclair/ 44 KB
19 KB 56ms
11ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/op.js
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a24bf9eeb676e49b191fb4c1dbeb242a26fd1417193816d4475f4d420bdf9821

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: ehHy7bkdIxZ_6owNEKv4yKa5Qd_J.mNG
content-encoding: gzip
etag: "039af9220ac1ef3874c0b451e135ee7c"
age: 1768
x-cache: Hit from cloudfront
content-length: 18628
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 24 Nov 2021 15:51:51 GMT
server: AmazonS3
date: Thu, 25 Nov 2021 03:04:00 GMT
content-type: application/javascript
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: JqfceQroBx0CaD5JAqrCnp8FeTrF7oikRmhrrq1Ls_xZGVm4W3-4eg==

GET
H2 200 presentations-home_v1.min.css
fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_css/ 379 KB
44 KB 11ms
11ms Stylesheet
text/css 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_css/presentations-home_v1.min.css
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 341b298b017b1a994caed1401e91d604de757e289cbbf550e7f74399dc3357d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 01:32:57 GMT
content-encoding: gzip
age: 93611
x-cache: Hit from cloudfront
nmp-debug: resources
content-length: 44868
last-modified: Tue, 23 Nov 2021 00:51:22 GMT
server: openresty
etag: "2f3c7129b1864885f5fc17f0c1ecb89f"
x-amz-version-id: cB78H_n6_TVB2QSMgX38cDCHgIpwFkDF
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: FRA53-C1
content-type: text/css
x-amz-cf-id: xbfvCVimDUVX-QVpXOKcABd52PZRvM_nkSS66PjeXAbZmEBLla2_6Q==
expires: Wed, 23 Nov 2022 00:51:21 GMT

GET
H2 200 presentations-home_v1.min.js Show response
fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/ 2 MB
415 KB 12ms
12ms Script
application/javascript 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 12cbe60da3e04341e0347f56362318263b450ed8247f0ef97f0c702a954a2cfd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 01:32:57 GMT
content-encoding: gzip
age: 93611
x-cache: Hit from cloudfront
nmp-debug: resources
content-length: 424093
last-modified: Tue, 23 Nov 2021 00:33:18 GMT
server: openresty
etag: "f6ae9f141a28d0274febbcda164740ab"
x-amz-version-id: JuJ8V_xIJ0wdtT55Dn2KsKFjAg36itiB
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: xmzClSP8jlDR5Oh_Et7GmuO23_Rsji9OKwNM1zuvJAwIzTCpGhikOg==
expires: Wed, 23 Nov 2022 00:33:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 49ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1921
date: Thu, 25 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 25 Nov 2021 05:01:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
33 KB 64ms
20ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M8L3F43&l=sinclairDigitalGtmData

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e0360c3428c635577f1d7e5bf3a7dd2b42d738895a67d097ab5cb48409359bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33383
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Nov 2021 03:33:08 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 52ms
9ms Script
application/javascript 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:26:31 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 80987
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: wGT-GgHRSgIqtezEyIVp3VURvOsihsOQeSA_zfI0VQyqW1UDqbeXvw==

GET
H2 200 player.config.json Show response
fox42kptm.com/resources/video/players/prod/player-configs/config/ 3 KB
3 KB 35ms
35ms Fetch
application/json 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/resources/video/players/prod/player-configs/config/player.config.json
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/video/players/prod/src/scripts/jwplayer/player.js?_=2021-11-23T00-23Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 3a901c565d457f71c50db3910838f0709256732130a52d720246967605e03427

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: EWY42aiAqrJX5Ooa14mTuKjI4yq5aUHV
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Tue, 02 Nov 2021 21:29:03 GMT
server: openresty
age: 171560
etag: "e057f4e34bd3865b4b22b4a4fb0b9dea"
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
date: Tue, 23 Nov 2021 03:53:48 GMT
x-amz-cf-pop: FRA53-C1
content-length: 2888
x-amz-cf-id: lgGG0_3BTEPS9P0OCEyJ1raKQYCheERAr8NpIInLdkKYw8yLbHVZYA==

GET
H2 200 v1.7-940 Show response
consent.trustarc.com/asset/notice.js/v/ 75 KB
24 KB 51ms
14ms Script
text/javascript 13.35.253.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-940
Requested by: Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=sbgi.net&c=teconsent&text=true&js=nj&noticeType=bb&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irmc=irmlink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-115.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 917cd441969c201fe537f3c3c47a825d2fd9b68535a5873358b630a5c6a25f0d

Request headers

Referer: https://fox42kptm.com/
Origin: https://fox42kptm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:37:03 GMT
content-encoding: gzip
age: 64565
x-cache: Hit from cloudfront
pragma: public
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 03:18:10 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: ZjsZJ_LSk9cHLDRRQ2XIr7V23pfAu1qF8-dN-KL23CRfeytye9XXRg==
expires: Fri, 24 Dec 2021 09:37:03 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
394 B 35ms
34ms Image
image/gif 13.35.253.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/log?domain=sbgi.net&country=de&state=&behavior=expressed&c=ec5d
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-115.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:08 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: Bezeko3-4Tmaiz8jRxL30YzpVuwwKlQzZkM3gDaIvB9AulH5x7-HxA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 jwplayer.js Show response
fox42kptm.com/resources/video/players/prod/player-configs/vendor/jwplayer/8.22.1/ 112 KB
113 KB 23ms
21ms Script
application/javascript 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/resources/video/players/prod/player-configs/vendor/jwplayer/8.22.1/jwplayer.js
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/video/players/prod/src/scripts/jwplayer/player.js?_=2021-11-23T00-23Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: e773fac3894a49f902d0d72c16d4ca2f6fb10909f667b17639561959d5e05ce3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: e.H.YM_ybvMVP7P6rtk1VfpaynBUAVjC
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
last-modified: Tue, 28 Sep 2021 21:06:18 GMT
server: openresty
x-amz-cf-pop: FRA53-C1
etag: "24abd625040f38e4d8e8bf4e5f1749e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
date: Thu, 25 Nov 2021 03:33:08 GMT
nmp-debug: resources
content-length: 114670
x-amz-cf-id: MFkGjHcqVkB6oyf15PFnLuKcPYCAIcLlAVuwtyhGICHQ6MGXTc0mVQ==

GET
H2 200 bundle.js Show response
fox42kptm.com/resources/video/players/prod/dist/1.4.18/ 173 KB
174 KB 11ms
9ms Script
application/javascript 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/resources/video/players/prod/dist/1.4.18/bundle.js
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/video/players/prod/src/scripts/jwplayer/player.js?_=2021-11-23T00-23Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: d9d41bb1b449996d73e3d0c41fc7380c7a3a29ee0906a6127f6ffb9fd0e6f8d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 03:23:27 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Tue, 02 Nov 2021 21:29:43 GMT
server: openresty
age: 432581
etag: "858fead60832013b7addf3035afe7357"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: zauOdodFc5IFoJE48M4IKSOBU6yclaif
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
content-length: 177135
x-amz-cf-id: yQhA9uPNZW37pvVc6Q5AP7LQkVVJ8kRIcFBAr59DoSXO-R0GSGfv9Q==

OPTIONS
H2 204 frontEndConfig
paywall-prod.appspot.com/ Frame 0
0 955ms
907ms Preflight
text/html 2a00:1450:4001:803::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paywall-prod.appspot.com/frontEndConfig
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: property
Origin: https://fox42kptm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: property
x-cloud-trace-context: fb25e37679ff7458327b0560d0f7250f
date: Thu, 25 Nov 2021 03:33:09 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 164ms
39ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 03:33:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:33:56 GMT
Server: ECS (mil/6CE4)
Age: 1232
Etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29104

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 38ms
9ms Script
application/javascript 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 751
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1SS8KQA4F5RQG6MJF528
date: Thu, 25 Nov 2021 03:20:38 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FIG_RWdGDdKrjttErSmS83zih1Kb62kF1bJ-EbQSEb6Ca03si3xWkA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c02cae5b2de27b0f12598ab23cf91b1e0e99dda2821e2d17510497e23093cbe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1054 / 532 of 1000 / last-modified: 1637708807"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26862
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 25 Nov 2021 03:33:08 GMT

GET
H/1.1 200
OK 21162_KMPH_KRNV_Sinclair_DM.js Show response
ads.rubiconproject.com/prebid/ 467 KB
115 KB 43ms
10ms Script
text/javascript 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a7dd4037c97e1db5346c98e632f63ea56dc54df4383499be12f8f29d7084170f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 03:33:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Sep 2021 22:56:22 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 116885
Expires: Thu, 25 Nov 2021 03:33:08 GMT

GET
H2 200 wi-98.svg
fox42kptm.com/resources/defaults/news_3.0/icons/weather/ 2 KB
3 KB 9ms
9ms Image
image/svg+xml 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/resources/defaults/news_3.0/icons/weather/wi-98.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: a2e880272bb5d4323728a77ccc3ed4be166120d06af55cece4aeb00a1a6d12a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 20:54:34 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Fri, 17 Nov 2017 23:01:02 GMT
server: openresty
age: 110314
etag: "03c7a114a9c96a8a710dc17e1d1ce216"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: FRA53-C1
content-type: image/svg+xml
content-length: 2230
x-amz-cf-id: Hc-3lA6TgOK9FjbWDK9PgKRXupKyHnj7gyIiHdmHo8AJSOLb1Yxl0Q==

GET
H2 200 wi-85.svg
fox42kptm.com/resources/defaults/news_3.0/icons/weather/ 2 KB
3 KB 9ms
9ms Image
image/svg+xml 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/resources/defaults/news_3.0/icons/weather/wi-85.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: d1b0e7a7433aa300045f598ae81d285a07246ab776af640fe7c4f423779d06bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Tue, 14 Nov 2017 01:23:06 GMT
server: openresty
age: 415507
etag: "55377cb46068d6e86a942f9b9b5c16aa"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
date: Sat, 20 Nov 2021 08:08:01 GMT
x-amz-cf-pop: FRA53-C1
content-length: 2349
x-amz-cf-id: cRmY7npIpAIZNoxU9l2HgKqzQZIrl5LwOJv4xsCsCbp9DKuwD8m-mg==

GET
H2 200 wi-65.svg
fox42kptm.com/resources/defaults/news_3.0/icons/weather/ 3 KB
3 KB 9ms
9ms Image
image/svg+xml 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/resources/defaults/news_3.0/icons/weather/wi-65.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 644d937882b52a3abb2724e13a0364eafa7ec48a8a48dadf6610b5fcf99014f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 18:00:51 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Sun, 11 Mar 2018 16:56:43 GMT
server: openresty
age: 552737
etag: "a83453ac422defc56e9687be8d8b2288"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: FRA53-C1
content-type: image/svg+xml
content-length: 2622
x-amz-cf-id: aqbo_vDvM-iy5OfhtdHniH3ta1aT2EYno5mcjJL1UFpor-Du4j_z0g==

GET
H2 200 sbg-gallery_g.svg
fox42kptm.com/resources/defaults/news_3.0/icons/ui/ 1 KB
1 KB 9ms
9ms Image
image/svg+xml 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/resources/defaults/news_3.0/icons/ui/sbg-gallery_g.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_css/presentations-home_v1.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 8635c5e193a35779bbfeceb8d06f67647e2c57b366aaeaf797fa7158b62b7c01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_css/presentations-home_v1.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 00:11:55 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Sun, 11 Mar 2018 16:56:10 GMT
server: openresty
age: 444073
etag: "42fd9c0dfbb8ea1cf2bbea48349a326b"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: FRA53-C1
content-type: image/svg+xml
content-length: 1120
x-amz-cf-id: OIM9ADprizHCh9IGB_fvlLFxkTpbJV0lq9ShkNjxJvUw8_kIxYcJXQ==

GET
H2 200 sbg-video_g.svg
fox42kptm.com/resources/defaults/news_3.0/icons/ui/ 1 KB
2 KB 9ms
8ms Image
image/svg+xml 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/resources/defaults/news_3.0/icons/ui/sbg-video_g.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_css/presentations-home_v1.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: eb09aab900d7fc638ce33711030f3581f948130016b6c5bfeb456b85a52b4ad5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_css/presentations-home_v1.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 00:11:55 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Sun, 11 Mar 2018 16:56:10 GMT
server: openresty
age: 444073
etag: "8f1704574cbdfeae279a58a26de0e2be"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: FRA53-C1
content-type: image/svg+xml
content-length: 1295
x-amz-cf-id: 6cYfoReMg4xO6nXRxfxe1nU3D1C-SD1HnsIb-EqY1Or7lUONpWExyQ==

GET
H2 200 sbg-video2.svg
fox42kptm.com/resources/defaults/news_3.0/icons/ui/ 2 KB
2 KB 9ms
9ms Image
image/svg+xml 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/resources/defaults/news_3.0/icons/ui/sbg-video2.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_css/presentations-home_v1.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: ff21b1a811ffdbaf4d7f0901bec20622a43934ba210028d9c116b21f02af5364

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_css/presentations-home_v1.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Sun, 11 Mar 2018 16:56:10 GMT
server: openresty
age: 106090
etag: "a65417a4a7fb9bbf9f144a00cedb0871"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
date: Tue, 23 Nov 2021 22:04:57 GMT
x-amz-cf-pop: FRA53-C1
content-length: 1628
x-amz-cf-id: 78iNl3qxPkGquxqqlMElkd0OLsXhVbOHO5NSzdj-cndOf1yWnNhZww==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fox42kptm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:57:38 GMT
x-content-type-options: nosniff
age: 41730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 15:57:38 GMT

GET
H2 200 profile Show response
syndication.twitter.com/timeline/ 165 KB
12 KB 226ms
202ms Script
application/javascript 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/timeline/profile?callback=__twttrf.callback&dnt=false&screen_name=fox42kptm&suppress_response_codes=true&lang=en&rnd=0.3086979609023588

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

b09b3ca9565b6f8f3a46269f178d4d7dc6e178bd3edef5ed3f677e3a64eba25b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
content-length: 11614
x-xss-protection: 0
x-response-time: 193
last-modified: Thu, 25 Nov 2021 03:33:08 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 20f9caba5cb4cfffa7ca6f8bc26525c97500b2f45463d8758cf6f0d915062dc5
timing-allow-origin: *
x-transaction: 67b26fb5a241a5ff
expires: Thu, 25 Nov 2021 03:38:08 GMT

GET
H2

200

ef97127f-913d-415b-9221-8d2d5b23fbb8-jumbo16x9_Groceries.png
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/730/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/16x9/full/730/center/80/ef97127f-913d-415b-9221-8d2d5b23fbb8-jumbo16x9_Groceries.png
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/730/center/80/ef97127f-913d-415b-9221-8d2d5b23fbb8-jumbo16x9_Groceries.png

714 KB
716 KB

701ms
672ms

Image
image/png

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/730/center/80/ef97127f-913d-415b-9221-8d2d5b23fbb8-jumbo16x9_Groceries.png
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: 4df590dc5e5e16c2c595e193c7e28ed1c73f4de5892e283fce3a832745677191

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 08126d57-87d6-498a-b995-9f052b99820e
x-cache: Miss from cloudfront
content-type: image/png
x-amzn-trace-id: Root=1-619f03f5-589f7ca355c4741c0f329480
x-amz-apigw-id: JV2OVGffPHcF4eQ=
content-length: 731593
x-amz-cf-id: 1EsJd7BC_2UkT7jKo6GcQkxDdzbKpod3XNFVGoHaH4vp0ldUdfqcIA==

Redirect headers

date: Wed, 24 Nov 2021 16:29:52 GMT
via: 1.1 f13aef0c4b52f6f681401f232d03eb69.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 39796
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/730/center/80/ef97127f-913d-415b-9221-8d2d5b23fbb8-jumbo16x9_Groceries.png
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: faub8WtRahEhxKwuJuaBHaQNyDbBIXnmBk-CNbWhg4PfHCKqMSIwYQ==

GET
H2

200

4ddfa226-07ab-4118-93ef-4a169244a6a6-jumbo36x25_COVID.png
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/360/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/36x25/full/360/center/80/4ddfa226-07ab-4118-93ef-4a169244a6a6-jumbo36x25_COVID.png
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/360/center/80/4ddfa226-07ab-4118-93ef-4a169244a6a6-jumbo36x25_COVID.png

199 KB
199 KB

662ms
634ms

Image
image/png

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/360/center/80/4ddfa226-07ab-4118-93ef-4a169244a6a6-jumbo36x25_COVID.png
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: 142445a345542e9b8c2dd14a3cd3f3022f85b0ca31c19860f8c6bf392e3b97ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: a14abcad-e5ed-4193-b840-3e9739e615da
x-cache: Miss from cloudfront
content-type: image/png
x-amzn-trace-id: Root=1-619f03f5-6ea531606d7724f8344438e2
x-amz-apigw-id: JV2OVGtxvHcFRWg=
content-length: 203344
x-amz-cf-id: nOVap0Yia2dWVs8Pigx2gJvoInGfH0vaK2PoM6jraN3QYeNWSA1cmA==

Redirect headers

date: Wed, 24 Nov 2021 20:22:41 GMT
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c653.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 25827
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/360/center/80/4ddfa226-07ab-4118-93ef-4a169244a6a6-jumbo36x25_COVID.png
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: x_WP_erN84zRks4UKCv7MVt_XF0Pw77_dInmPPneJj8mRZe9jBDtjA==

GET
H2

200

7d63b71a-15a9-426a-b64b-2c2bf4ee6318-jumbo36x25_dist06_01.jpg
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/360/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/36x25/full/360/center/80/7d63b71a-15a9-426a-b64b-2c2bf4ee6318-jumbo36x25_dist06_01.jpg
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/360/center/80/7d63b71a-15a9-426a-b64b-2c2bf4ee6318-jumbo36x25_dist06_01.jpg

19 KB
20 KB

668ms
640ms

Image
image/jpeg

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/360/center/80/7d63b71a-15a9-426a-b64b-2c2bf4ee6318-jumbo36x25_dist06_01.jpg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: df5273c3a1ce9bbdf375c254403bd98fcc2f1ee9e4996b79892b2b63df8d2927

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 76bfec09-9445-4fd5-807a-cf779248d705
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amzn-trace-id: Root=1-619f03f5-2d4275f2257332547239f1c4
x-amz-apigw-id: JV2OVGiqvHcFqGw=
content-length: 19830
x-amz-cf-id: yF3ZAcTvTA0rJ0WnrD8pWRKTKasAQYBGAd8f66XzaFnYj9ifu89EQw==

Redirect headers

date: Thu, 25 Nov 2021 02:14:11 GMT
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 4737
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/360/center/80/7d63b71a-15a9-426a-b64b-2c2bf4ee6318-jumbo36x25_dist06_01.jpg
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: 7soazQWBiFh4mG_8Gm8MeW24Wh5oNdHO1tjge2CUDBN7OharyGVAvQ==

GET
H2

200

4421fa0f-681c-40f4-950d-28b72ae65cfd-jumbo36x25_HospitalBed.jpg
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/36x25/full/140/center/80/4421fa0f-681c-40f4-950d-28b72ae65cfd-jumbo36x25_HospitalBed.jpg
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/4421fa0f-681c-40f4-950d-28b72ae65cfd-jumbo36x25_HospitalBed.jpg

3 KB
4 KB

509ms
484ms

Image
image/jpeg

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/4421fa0f-681c-40f4-950d-28b72ae65cfd-jumbo36x25_HospitalBed.jpg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: 8fa676f1dea68026cc6b6b619e43ad32e4b4a12b1ec8f6d96b8e7aca09db5be7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 230e1cf9-8f3d-4880-8345-96c89ce5ab2b
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amzn-trace-id: Root=1-619f03f5-71c61fb036b64b8569440471
x-amz-apigw-id: JV2OVGzavHcF9Kg=
content-length: 3251
x-amz-cf-id: V_unfpGyKZrWDTyqrflLK0Xga_xT2K72TjSLBOzebuM5Zf-CUGGvAw==

Redirect headers

date: Wed, 24 Nov 2021 07:17:29 GMT
via: 1.1 6ba2a21321beeef65404429d0a4b6381.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 72939
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/4421fa0f-681c-40f4-950d-28b72ae65cfd-jumbo36x25_HospitalBed.jpg
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: NFiZ1OQRSs-D1PMl_7eTp1J4Ehu0ZRGeISIeLG2720kFaeamPMefYQ==

GET
H2

200

ade5f8ca-f1b5-44e4-8f3d-95d3ce6742a3-jumbo36x25_biden.jpg
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/36x25/full/140/center/80/ade5f8ca-f1b5-44e4-8f3d-95d3ce6742a3-jumbo36x25_biden.jpg
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/ade5f8ca-f1b5-44e4-8f3d-95d3ce6742a3-jumbo36x25_biden.jpg

6 KB
6 KB

843ms
816ms

Image
image/jpeg

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/ade5f8ca-f1b5-44e4-8f3d-95d3ce6742a3-jumbo36x25_biden.jpg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: 8cd0286b215542d71d4cc71b2b0579c7d55d06099781a2de8233ab2e81a32066

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: f929a7af-97ec-41c6-896f-81eddbde530c
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amzn-trace-id: Root=1-619f03f5-558952123f0cadba1864fd77
x-amz-apigw-id: JV2OYGctvHcFclg=
content-length: 5950
x-amz-cf-id: C-f29HwMm4z-IoQ0koXqtqKukFtmn-DX3IHEDec1QfUl2AJZ36493Q==

Redirect headers

date: Thu, 25 Nov 2021 00:07:12 GMT
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 12356
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/ade5f8ca-f1b5-44e4-8f3d-95d3ce6742a3-jumbo36x25_biden.jpg
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: -98zDbjzmc2OTTtAEnjBlFd1tbVPK0cRsq3rxWNVlj4i7T5PPWbfFA==

GET
H2

200

14474a82-4a17-4b39-9fde-c7ce7b1ea802-jumbo36x25_AP20277107883557.jpg
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/36x25/full/140/center/80/14474a82-4a17-4b39-9fde-c7ce7b1ea802-jumbo36x25_AP20277107883557.jpg
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/14474a82-4a17-4b39-9fde-c7ce7b1ea802-jumbo36x25_AP20277107883557.jpg

8 KB
8 KB

806ms
779ms

Image
image/jpeg

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/14474a82-4a17-4b39-9fde-c7ce7b1ea802-jumbo36x25_AP20277107883557.jpg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: eabb8203b3e92e541504b2e5146529e7e63c95afeb8bd91998db372f21dbb608

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: ff014e3a-1ff2-47e7-9a04-d98a495ad42f
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amzn-trace-id: Root=1-619f03f5-5bed969500ddf65e7f1323ce
x-amz-apigw-id: JV2OYEQsvHcFh4w=
content-length: 8058
x-amz-cf-id: 24j00T0CwRDbK-b1VG0L9XZV59xEqDk1qF8mUd0mJgjyL2Zs_ye1vA==

Redirect headers

date: Wed, 24 Nov 2021 22:51:37 GMT
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 16891
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/14474a82-4a17-4b39-9fde-c7ce7b1ea802-jumbo36x25_AP20277107883557.jpg
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: bGYb5SHvZc1AM65l4iFKujDQJ2bKrOp6LX2O75Ifxgq4hAs_UrZNxw==

GET
H2

200

68e526bc-0599-4cc0-b77f-6fd71f519379-jumbo36x25_WDaleClark.png
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/36x25/full/140/center/80/68e526bc-0599-4cc0-b77f-6fd71f519379-jumbo36x25_WDaleClark.png
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/68e526bc-0599-4cc0-b77f-6fd71f519379-jumbo36x25_WDaleClark.png

29 KB
29 KB

672ms
643ms

Image
image/png

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/68e526bc-0599-4cc0-b77f-6fd71f519379-jumbo36x25_WDaleClark.png
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: 622436be5a6168d1da9eba79583e1913e2dbd6384f45e3f8ebfd094ac0cb6b03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: a663b4a6-124e-43ce-ae59-f7db0fac3bc9
x-cache: Miss from cloudfront
content-type: image/png
x-amzn-trace-id: Root=1-619f03f5-7571f8fe0f9544306c18cc5a
x-amz-apigw-id: JV2OVE66PHcF-GA=
content-length: 29759
x-amz-cf-id: N3ndgJoRX5TkJFGdusjCm7_HRvF27Fpmgk9-z4bWHBYFaf1It-5MTw==

Redirect headers

date: Tue, 23 Nov 2021 18:46:01 GMT
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 118027
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/68e526bc-0599-4cc0-b77f-6fd71f519379-jumbo36x25_WDaleClark.png
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: eYnsnX0Z074zvw1sg7jZfWjjsAFEvLXI4XdsXUnXMIKuR3IsVJI9qg==

GET
H2

200

d1f906f1-efac-452f-9925-df4b9235fb71-jumbo36x25_AP21274679968450.jpg
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/36x25/full/140/center/80/d1f906f1-efac-452f-9925-df4b9235fb71-jumbo36x25_AP21274679968450.jpg
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/d1f906f1-efac-452f-9925-df4b9235fb71-jumbo36x25_AP21274679968450.jpg

5 KB
5 KB

510ms
482ms

Image
image/jpeg

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/d1f906f1-efac-452f-9925-df4b9235fb71-jumbo36x25_AP21274679968450.jpg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: c08962513de80c1009c8f68232bd28ee331130c0e14540a63538d9540b65648a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: fd3e8a17-8f01-4f10-8d0c-964d77d6eba3
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amzn-trace-id: Root=1-619f03f5-124d59804bbc83091c6424d0
x-amz-apigw-id: JV2OVF3BPHcF_EA=
content-length: 4839
x-amz-cf-id: awIk3BAEW-LzgmCn3PrLqT2zDR0hJw5cbTGV-MUqKhV-LuZCQaxnhA==

Redirect headers

date: Wed, 24 Nov 2021 19:51:18 GMT
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 27710
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/d1f906f1-efac-452f-9925-df4b9235fb71-jumbo36x25_AP21274679968450.jpg
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: 3Hk5BNM3Q0vOpC2wyzKqTjZzYD-VccZoM_kqQuBggvyVyYNp8YRmAA==

GET
H2

200

df086f40-2ccf-4bec-a659-8a01c3f7c366-jumbo36x25_GratitudesignsatTysonFoods.PNG
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/36x25/full/140/center/80/df086f40-2ccf-4bec-a659-8a01c3f7c366-jumbo36x25_GratitudesignsatTysonFoods.PNG
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/df086f40-2ccf-4bec-a659-8a01c3f7c366-jumbo36x25_GratitudesignsatTysonFoods.PNG

30 KB
30 KB

939ms
911ms

Image
image/png

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/df086f40-2ccf-4bec-a659-8a01c3f7c366-jumbo36x25_GratitudesignsatTysonFoods.PNG
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: 04d42f687fb9857c145ff3dd0c0775282304f39bf4881bad8677e473bf76207c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: d4affbb2-7e98-4e9c-8f16-da0100a403e0
x-cache: Miss from cloudfront
content-type: image/png
x-amzn-trace-id: Root=1-619f03f5-410865e907639727018e3dd9
x-amz-apigw-id: JV2OXGXcPHcFxKQ=
content-length: 30514
x-amz-cf-id: QkhzghkiKSj0L-y-G_tZOFQnMNi_HTt7uoY2ISt0aMyZl8LN1wyLeQ==

Redirect headers

date: Wed, 24 Nov 2021 21:23:55 GMT
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 22153
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/df086f40-2ccf-4bec-a659-8a01c3f7c366-jumbo36x25_GratitudesignsatTysonFoods.PNG
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: XGpNN6V5PjRF5jQ28dgKZIUIP1ZqOiENYigQDKg62Bdfp66aFQO9CQ==

GET
H2

200

364d9d0f-e255-4f02-a04a-aa7ea24acd5b-jumbo36x25_IMG_3343.jpg
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/36x25/full/140/center/80/364d9d0f-e255-4f02-a04a-aa7ea24acd5b-jumbo36x25_IMG_3343.jpg
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/364d9d0f-e255-4f02-a04a-aa7ea24acd5b-jumbo36x25_IMG_3343.jpg

6 KB
7 KB

934ms
920ms

Image
image/jpeg

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/364d9d0f-e255-4f02-a04a-aa7ea24acd5b-jumbo36x25_IMG_3343.jpg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: 575fed311449bc2a9fcd65ecc0a8ac99016cec1bd40a10d22f1beb4b3353c76e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: b81f1ea3-46ce-4bd8-88dc-426f17661c95
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amzn-trace-id: Root=1-619f03f5-27d1f36a2cbe2fd840a0f5e1;Sampled=0
x-amz-apigw-id: JV2OYFw3PHcFqeQ=
content-length: 6517
x-amz-cf-id: Mtxx9b5bLYFO3wNYYUzcQxYSqOLxUYUJKnoFQzxTRyAyweAX7id82g==

Redirect headers

date: Wed, 24 Nov 2021 20:22:40 GMT
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 25828
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/140/center/80/364d9d0f-e255-4f02-a04a-aa7ea24acd5b-jumbo36x25_IMG_3343.jpg
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: IfJgiurqsXGac4p8ujnPx5HeVJ-F5TO5Y9WrAqo6LlPpxDGT8Nsccw==

GET
H2

200

99a77588-a8e1-4e93-9acf-d5d9eff07cb8-jumbo36x25_signatureGettyImages.jpg
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/36x25/full/372/center/80/99a77588-a8e1-4e93-9acf-d5d9eff07cb8-jumbo36x25_signatureGettyImages.jpg
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/99a77588-a8e1-4e93-9acf-d5d9eff07cb8-jumbo36x25_signatureGettyImages.jpg

16 KB
16 KB

678ms
650ms

Image
image/jpeg

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/99a77588-a8e1-4e93-9acf-d5d9eff07cb8-jumbo36x25_signatureGettyImages.jpg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: 3f293d0825956a0c059a74fe746b2fa6d74c6a273cb3974e7f99746def0e4d00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 9c7dab8a-b050-4593-8bbf-44b660bcc823
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amzn-trace-id: Root=1-619f03f5-7ef8dc2a4e0ffc3275adb33b
x-amz-apigw-id: JV2OVGDEvHcFcfQ=
content-length: 15900
x-amz-cf-id: pVeH6Kw32VtHdibUuwMRT0ed0zSjc9Riznt-PNy-j4c-LPg1yx1wJg==

Redirect headers

date: Thu, 25 Nov 2021 00:07:12 GMT
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 12356
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/99a77588-a8e1-4e93-9acf-d5d9eff07cb8-jumbo36x25_signatureGettyImages.jpg
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: 8St-EWYDfjCvt6dfCBSRxPVzgg5uiZZr1TrFDjWDY_E_48TiJ-Kk4Q==

GET
H2

200

207c57c8-6d52-4185-9cc5-2d01d427d652-jumbo36x25_BackCover.jpg
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/36x25/full/372/center/80/207c57c8-6d52-4185-9cc5-2d01d427d652-jumbo36x25_BackCover.jpg
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/207c57c8-6d52-4185-9cc5-2d01d427d652-jumbo36x25_BackCover.jpg

35 KB
35 KB

981ms
954ms

Image
image/jpeg

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/207c57c8-6d52-4185-9cc5-2d01d427d652-jumbo36x25_BackCover.jpg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: 14a402be248760efb787eb960040779d24f0b58ba8ac0793d1902741885079b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 7ef52512-d10c-49e8-a1b3-f276920cc4f3
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amzn-trace-id: Root=1-619f03f5-1a8cfe7a2c7d6b0711c6d74c
x-amz-apigw-id: JV2OYFhEPHcFlGA=
content-length: 35795
x-amz-cf-id: Xfn0sl2sW5ADmpef9qzpkKzatigqDw8MufvYYRox5W354Ivmv1W5yg==

Redirect headers

date: Wed, 24 Nov 2021 23:40:13 GMT
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 13975
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/207c57c8-6d52-4185-9cc5-2d01d427d652-jumbo36x25_BackCover.jpg
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: iTrVBLcGOOYfyKMVasXNTblsJtQKwM3ZrrXX7qFOAkukG3lINlWewQ==

GET
H2

200

bcf9ed7c-6db5-425c-a4e7-bcc51f276a0f-jumbo36x25_nebraskastatefair.PNG
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/36x25/full/372/center/80/bcf9ed7c-6db5-425c-a4e7-bcc51f276a0f-jumbo36x25_nebraskastatefair.PNG
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/bcf9ed7c-6db5-425c-a4e7-bcc51f276a0f-jumbo36x25_nebraskastatefair.PNG

203 KB
203 KB

949ms
922ms

Image
image/png

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/bcf9ed7c-6db5-425c-a4e7-bcc51f276a0f-jumbo36x25_nebraskastatefair.PNG
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: a062d7051cc6c84b58658bb89fc893a33aaa612eb14d7e3a0060994ce2143efd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 089ef7f9-c6d5-4ee6-a19d-22edab24a70e
x-cache: Miss from cloudfront
content-type: image/png
x-amzn-trace-id: Root=1-619f03f5-742d2e5615cc58d5350cdc73
x-amz-apigw-id: JV2OXH1ovHcFmww=
content-length: 207467
x-amz-cf-id: t2N8ypSK_vXerO4uugyjxCMdyZiImxy_8A0zb_FB91l2p9xZ0pHqWQ==

Redirect headers

date: Wed, 24 Nov 2021 19:20:31 GMT
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 29557
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/36x25/full/372/center/80/bcf9ed7c-6db5-425c-a4e7-bcc51f276a0f-jumbo36x25_nebraskastatefair.PNG
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: DsrChpM4ypqG_M0ux_wPZRjXX5dDKYkJ2UX5llYEiq6HvhZvJdFctA==

GET
H2

200

3863ffb5-2f13-41dd-b24e-8b6508629976-jumbo16x9_FBvsIllinois2246.jpg
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/16x9/full/210/center/80/3863ffb5-2f13-41dd-b24e-8b6508629976-jumbo16x9_FBvsIllinois2246.jpg
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/3863ffb5-2f13-41dd-b24e-8b6508629976-jumbo16x9_FBvsIllinois2246.jpg

3 KB
4 KB

794ms
780ms

Image
image/jpeg

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/3863ffb5-2f13-41dd-b24e-8b6508629976-jumbo16x9_FBvsIllinois2246.jpg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: dcb846952a4118303985e9c39216673049b039f434970ae945ccf3e0f1a5b4bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 24e4540c-5465-4a4a-a3cc-0a995239133c
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amzn-trace-id: Root=1-619f03f5-6b1b191d583c27dc3c2bae4d
x-amz-apigw-id: JV2OYEaovHcF4DQ=
content-length: 3396
x-amz-cf-id: MN3JXD-jB56_vWBqkzXoH20BR4cXtntLH6eJhI4J9EHS3L4fywf3WQ==

Redirect headers

date: Wed, 24 Nov 2021 21:23:55 GMT
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc89.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 22153
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/3863ffb5-2f13-41dd-b24e-8b6508629976-jumbo16x9_FBvsIllinois2246.jpg
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: sn-jWDpY4gb9VQs64r6IbcczeE_RluHmd0B8H9U7pxedEmKSs4eDAQ==

GET
H2

200

90370b0d-a1c7-469b-aca8-ccd5cc2d65d7-jumbo16x9_holidayGettyImages.jpg
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/16x9/full/210/center/80/90370b0d-a1c7-469b-aca8-ccd5cc2d65d7-jumbo16x9_holidayGettyImages.jpg
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/90370b0d-a1c7-469b-aca8-ccd5cc2d65d7-jumbo16x9_holidayGettyImages.jpg

9 KB
10 KB

823ms
797ms

Image
image/jpeg

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/90370b0d-a1c7-469b-aca8-ccd5cc2d65d7-jumbo16x9_holidayGettyImages.jpg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: 120ce4b29019f9bd7fb0d265b801257858054dafe881ad1e76de0d4788f09392

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 9c66250c-5ad6-419e-9a72-c346eb9a6108
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amzn-trace-id: Root=1-619f03f5-00cdf56856fcffd8795d97d7
x-amz-apigw-id: JV2OYGn-vHcFyOg=
content-length: 9704
x-amz-cf-id: tZBJuD0cVty2YAdY0pUEGop8-RzJndgafpZWXK5lKgm0FqTs-th9VQ==

Redirect headers

date: Wed, 24 Nov 2021 18:48:34 GMT
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 31474
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/90370b0d-a1c7-469b-aca8-ccd5cc2d65d7-jumbo16x9_holidayGettyImages.jpg
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: BQccgYQISApd1Y5Q8k9fiK_4cTELRERwjah-Udo3Mmeo9YRb_rQzxg==

GET
H2

200

427b0860-1095-4885-aa8d-8602d340f701-jumbo16x9_thanksgiving2.PNG
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/16x9/full/210/center/80/427b0860-1095-4885-aa8d-8602d340f701-jumbo16x9_thanksgiving2.PNG
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/427b0860-1095-4885-aa8d-8602d340f701-jumbo16x9_thanksgiving2.PNG

66 KB
66 KB

982ms
957ms

Image
image/png

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/427b0860-1095-4885-aa8d-8602d340f701-jumbo16x9_thanksgiving2.PNG
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: bfe4b811479f50a13ec11356357c8a6d9d5baca852664774d8316ee385052295

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 4d5cf7a5-6765-4ad9-9437-40cf73bcdf27
x-cache: Miss from cloudfront
content-type: image/png
x-amzn-trace-id: Root=1-619f03f5-65a0748a5dddb7cc6d4bfbd9
x-amz-apigw-id: JV2OYGjtvHcFqGw=
content-length: 67590
x-amz-cf-id: Hroi75DZYGZmucyGX_k5TNYgyPlN17Tx7HcmXRieF9WsA1WsHDA-gg==

Redirect headers

date: Wed, 24 Nov 2021 19:55:25 GMT
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc89.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 27463
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/427b0860-1095-4885-aa8d-8602d340f701-jumbo16x9_thanksgiving2.PNG
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: st_JVe3HO3aZ3p0QSXJqzrb6pcKiyRrQFmEnDYEo8RZ5IxSWV0QurA==

GET
H2

200

5388e2d5-15c5-4de1-a309-25d5fd04d767-jumbo16x9_AP21316021673474.jpg
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/16x9/full/210/center/80/5388e2d5-15c5-4de1-a309-25d5fd04d767-jumbo16x9_AP21316021673474.jpg
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/5388e2d5-15c5-4de1-a309-25d5fd04d767-jumbo16x9_AP21316021673474.jpg

10 KB
10 KB

814ms
787ms

Image
image/jpeg

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/5388e2d5-15c5-4de1-a309-25d5fd04d767-jumbo16x9_AP21316021673474.jpg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: fe60ae18946407b18d4fb7dc77c1241f5894d03b812c8f0d18aa640dcea58b59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 5e660acb-f131-4fe3-a73d-8bb7713d8deb
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amzn-trace-id: Root=1-619f03f5-6af8c70b00629a542137027f
x-amz-apigw-id: JV2OYF9hvHcFl8Q=
content-length: 9794
x-amz-cf-id: oGvtrKCpcoI_dXHBndjSF0sTh_3a5eRp1Gt3XTyBW3RfNK09IlmFTA==

Redirect headers

date: Wed, 24 Nov 2021 02:56:59 GMT
via: 1.1 86b676273517904f44af31586adb06af.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 88569
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/210/center/80/5388e2d5-15c5-4de1-a309-25d5fd04d767-jumbo16x9_AP21316021673474.jpg
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: 6z4wqnIp8H--zAwXSl4_qkDA_PkApySJFkMral8v_UQ0CDlCmx4qqg==

GET
H2 200 sbg-arrow-right_w.svg
fox42kptm.com/resources/defaults/news_3.0/icons/ui/ 956 B
1 KB 17ms
16ms Image
image/svg+xml 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/resources/defaults/news_3.0/icons/ui/sbg-arrow-right_w.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_css/presentations-home_v1.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 9a4c759d59afc8f3f9349d9fbe97375e757534ef4ea12f8cf6c9e5a8380dba63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_css/presentations-home_v1.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 00:11:55 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Sun, 11 Mar 2018 16:56:10 GMT
server: openresty
age: 444072
etag: "e444cee5a0d5f4b6c037e995474c380a"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: FRA53-C1
content-type: image/svg+xml
content-length: 956
x-amz-cf-id: oOmzR7YVwyayLkgx4CXG4sxMR3VXmtA_LotMnGwtnCqakdxD1n4Zag==

GET
H2 200 more Show response
fox42kptm.com/api/rest/audience/ 20 KB
21 KB 705ms
704ms XHR
application/json 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/api/rest/audience/more?section=fox42kptm.com/news/local&limit=8
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: a70423b9dea14ebe2071eff160b1f1818366efc66abfd32773625ba0a3417243

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

sbg-tag-location: existing_section
date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
nmp-debug: audience
sec-gw-log-token: UNDEFINED
server: openresty
etag: 6ec510ab-4d98-11ec-a12b-0629df1e01f2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://sinclairstoryline.com
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
access-control-allow-credentials: true
x-amz-cf-id: pVK4_iTWIZJbJOMeul-DXbYrO6dDN_atw3_MLbHCdJ92i1QpOgVsRw==
cache: 15

GET
H2 200 more Show response
fox42kptm.com/api/rest/audience/ 22 KB
23 KB 894ms
893ms XHR
application/json 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/api/rest/audience/more?section=fox42kptm.com/news/coronavirus&limit=8
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 666fe99657e67678b048fc0b7baa44e086625a35250a16dbf7781855a8ca4a83

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

sbg-tag-location: existing_section
date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
nmp-debug: audience
sec-gw-log-token: UNDEFINED
server: openresty
etag: bb936c30-4d9e-11ec-a12b-0629df1e01f2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://sinclairstoryline.com
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
access-control-allow-credentials: true
x-amz-cf-id: E6kV9kevdAn1hkw6PZfMkldyDKQF5fOUr--_i5FlTtaa2r8A6yJL-g==
cache: 15

GET
H2 200 more Show response
fox42kptm.com/api/rest/audience/ 2 KB
3 KB 481ms
477ms XHR
application/json 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/api/rest/audience/more?section=fox42kptm.com/contests&limit=8
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 35c553f60e8b9e3514ad0f189912862f22762fbf471f6afe06e6b26a9a044f1a

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

sbg-tag-location: existing_section
date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
nmp-debug: audience
sec-gw-log-token: UNDEFINED
server: openresty
etag: fb835e22-47cc-11ec-a12b-0629df1e01f2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://sinclairstoryline.com
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
access-control-allow-credentials: true
x-amz-cf-id: 8kNfRyh4SGAkvPxHp8RS2mY3J4wfe5e-Jet9dMKvKA4C8UUVr1O7ZA==
cache: 15

GET
H2 200 sbg-search-dark.svg
fox42kptm.com/resources/defaults/news_3.0/icons/ui/ 1 KB
1 KB 13ms
9ms Image
image/svg+xml 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/resources/defaults/news_3.0/icons/ui/sbg-search-dark.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 0fc5c9d54edcdcb5c94263248a92aece199f5399636afd966022f13924640bf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Thu, 15 Mar 2018 21:32:07 GMT
server: openresty
age: 168916
etag: "862efb8df1ddd592a2c16d71d54fad00"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
date: Tue, 23 Nov 2021 04:37:52 GMT
x-amz-cf-pop: FRA53-C1
content-length: 1119
x-amz-cf-id: XfGIV81GGs_DGLhue-Lp9WS14cxwpulbgQVKD8YJwv8LIx5r_sQugA==

GET
H2 200 get-alerts Show response
fox42kptm.com/api/rest/audience/ 79 B
496 B 516ms
512ms XHR
application/json 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/api/rest/audience/get-alerts
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 68f51e1fbda82543d971e29d3ea25f90835073e9c982067d04fac5733b288de9

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: http://sinclairstoryline.com
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
access-control-allow-credentials: true
nmp-debug: audience
x-amz-cf-id: hnO9m7uO7S9yskMfoP1477t7e52zgoKkO49Kv-kfy90BoTe1Z786Jg==
sec-gw-log-token: UNDEFINED

GET
H2 200 userway.svg
fox42kptm.com/resources/defaults/news_3.0/icons/accessibility/ 3 KB
4 KB 12ms
10ms Image
image/svg+xml 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/resources/defaults/news_3.0/icons/accessibility/userway.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: d192fde99248cbe5095985187a88c3e124ea71f1dce0fdde19b3ae2770c0ae5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: Vke33eZx3chB1ZYx8SybdFl0k07rNcwU
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Fri, 23 Jul 2021 07:44:10 GMT
server: openresty
age: 202141
etag: "f5e07e6eb0a4a03c989604e1bb1b2909"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
date: Mon, 22 Nov 2021 19:24:07 GMT
x-amz-cf-pop: FRA53-C1
content-length: 3192
x-amz-cf-id: YZ14qOAd4lPC3lHRTFRVYs9XrbeqG3pQ8wTkxDUVFJY_SGtHsuw_OA==

GET
H2 451 710259.gif
idsync.rlcdn.com/ 0
66 B 46ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/710259.gif?partner_uid=4551fec9-0502-4a64-b4b3-d45c23888c6d
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3 200 frontEndConfig Show response
paywall-prod.appspot.com/ 198 B
179 B 928ms
910ms XHR
application/json 2a00:1450:4001:803::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paywall-prod.appspot.com/frontEndConfig
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 5427638dd31d8dae89042ad8492341301fccfb167cc07550dba4410f78c74517

Request headers

Accept: application/json, text/plain, */*
property: fox42kptm
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
etag: W/"c6-ckxxuHQye7Rd2ethQuBljUCki4s"
server: Google Frontend
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 3141f7574752d35626b87aed72ba9964
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159

GET
H2 200 trending-stories Show response
fox42kptm.com/api/rest/audience/ 14 KB
15 KB 205ms
204ms XHR
application/json 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/api/rest/audience/trending-stories?count=5
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: f3d386571962d10f82155fd24dd1055708a5cb115ac280b1cd1b2a0936385780

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: http://sinclairstoryline.com
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
access-control-allow-credentials: true
nmp-debug: audience
x-amz-cf-id: UL9IGJyJ4cBWav2QFhMZ9dlygK2HWiwyr-Xsw5usowYpCd9cky1lzw==
sec-gw-log-token: UNDEFINED

GET
H2 200 more Show response
fox42kptm.com/api/rest/audience/ 80 KB
80 KB 1000ms
999ms XHR
application/json 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/api/rest/audience/more?section=fox42kptm.com/news&limit=30&type=gallery&offset=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 5fac6f218defa6cfe11d19e05bd8872cbbd44675f378bafa65dda60d34dfdc8f

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

sbg-tag-location: existing_section
date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
nmp-debug: audience
sec-gw-log-token: UNDEFINED
server: openresty
etag: bc909508-4d9e-11ec-a12b-0629df1e01f2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://sinclairstoryline.com
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
access-control-allow-credentials: true
x-amz-cf-id: 4GW75GB6-_WIoOKUh3mGdJFI8tQ57K_0rgdxmtB0JOv0vOGbfTQrng==
cache: 15

GET
H2 200 NATN1 Show response
livevideostatus.sinclairstoryline.com/status/ 270 B
565 B 59ms
11ms XHR
application/json 65.9.71.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://livevideostatus.sinclairstoryline.com/status/NATN1
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-35.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 38fee043dba7ad2970e81c27ccb3c4a58b48d7ec850023b4d43e92afa6d53f2a

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:00 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
age: 8
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-C1
content-length: 270
x-amz-cf-id: 6B-RWb7gjLnKovYYQ3WdQA2oPSB26xSkcNZK0C0JjFdVUh9XCYeGQQ==

GET
H2 200 NATN2 Show response
livevideostatus.sinclairstoryline.com/status/ 270 B
563 B 59ms
11ms XHR
application/json 65.9.71.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://livevideostatus.sinclairstoryline.com/status/NATN2
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-35.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 38fee043dba7ad2970e81c27ccb3c4a58b48d7ec850023b4d43e92afa6d53f2a

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:32:59 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
age: 9
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-C1
content-length: 270
x-amz-cf-id: GI_iqG8nhYboWm0bFN4QsBf1zH9bopmGAhaiH6qiK40Pn4KIGsVk7Q==

GET
H2 200 NATIONAL Show response
livevideostatus.sinclairstoryline.com/status/ 2 KB
917 B 59ms
12ms XHR
application/json 65.9.71.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://livevideostatus.sinclairstoryline.com/status/NATIONAL
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-35.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: e2c4cb765a538663b026164cda163328632d6b13d24ce43a4023b6fdd808d691

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:32:58 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
age: 10
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: T1f5-4uF61Y6uTX5WOPQEnR797L-xeEsn3a5ZXiVcbrnpiqkq6wUYg==
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)

GET
H2 200 KPTM Show response
livevideostatus.sinclairstoryline.com/status/ 2 KB
907 B 357ms
310ms XHR
application/json 65.9.71.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://livevideostatus.sinclairstoryline.com/status/KPTM
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-35.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 6e100e46d205197cd13022d52892ee4d1aac20e78634034c94948e597dff4fbc

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-id: uIxUjNcgGQFbebOPpFb8tJkDw1PYwOvQ6f1VXVzetF8dqJzfxiSVfg==
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)

GET
H2 200 KPTM_EVENT Show response
livevideostatus.sinclairstoryline.com/status/ 2 KB
908 B 378ms
331ms XHR
application/json 65.9.71.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://livevideostatus.sinclairstoryline.com/status/KPTM_EVENT
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-35.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: f76046f37178c842612b984195ab2cae863227142be6189f6ff6fef0280bb900

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-id: 2ysFRAmV4dLr5OgkQiOOwI52NSBVWEBV6nxi3vQ-O_rMsHArbwpuWQ==
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)

GET
H2 200 68132 Show response
fox42kptm.com/api/rest/audiencero/weather/zipcode/ 41 KB
42 KB 559ms
559ms XHR
application/json 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/api/rest/audiencero/weather/zipcode/68132
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 9e4e815af21a8f370746de68547b291a17cba5a691aea0847db30daa692bf5aa

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: http://sinclairstoryline.com
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
access-control-allow-credentials: true
nmp-debug: weather-zip
x-amz-cf-id: a-L7ARAv51GnZth0l_AjbjjET1Lw9SKD8Zt3J5Pv8-Akvzwl_UMD0A==
sec-gw-log-token: UNDEFINED

GET
H2 200 kptm-logo.svg
fox42kptm.com/resources/assets/kptm/images/logos/ 3 KB
3 KB 14ms
13ms Image
image/svg+xml 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/resources/assets/kptm/images/logos/kptm-logo.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: b90a8c0faed3e5c93076ab37830fdd7cbee82c46413346e74799cf6aaf740ad3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: OMJ2vfgEtLczBp1cZ.OMQS028wyRaekD
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 06:54:04 GMT
server: openresty
x-amz-cf-pop: FRA53-C1
etag: "890fad9bebc96c75a7f524747c173b27"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
date: Thu, 25 Nov 2021 03:33:08 GMT
nmp-debug: resources
content-length: 2584
x-amz-cf-id: q4DMZxkqee0Oa32jO82Km1lyOGitU0nYom22VIn29_knbIXAljknVg==

GET
H2 200 sbg-search.svg
fox42kptm.com/resources/defaults/news_3.0/icons/ui/ 1 KB
1 KB 13ms
12ms Image
image/svg+xml 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/resources/defaults/news_3.0/icons/ui/sbg-search.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: d8d1e71ee6159ec84a633aefb3788bad72f3405de514535f38cd1aa73e11c148

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Sun, 11 Mar 2018 16:56:10 GMT
server: openresty
age: 170485
etag: "d82c17fbf5ece578f6103a3701a7a947"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
date: Tue, 23 Nov 2021 04:11:43 GMT
x-amz-cf-pop: FRA53-C1
content-length: 1119
x-amz-cf-id: D6xvI-PzIMHIhC5p935M8Zwhtp7vY_y5g4kvPIEEIzGwnAe5AxSSlg==

GET
H2 200 sbg-account-symbol.svg
sinclairstoryline.com/resources/defaults/news_3.0/icons/ui/ 6 KB
3 KB 667ms
666ms Image
image/svg+xml 143.204.207.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinclairstoryline.com/resources/defaults/news_3.0/icons/ui/sbg-account-symbol.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-16.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fbbf82797ced37ef9b7c8a66404e3348a2d73117587adacd7a0c2050543abef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
last-modified: Tue, 29 Jan 2019 22:05:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"bae82d29a42f7a9d1b79ab9fc61d3c3a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: 1pwXU229iGP6qwxHrs8VPACYTaj4fzra
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-replication-status: FAILED
content-type: image/svg+xml
x-amz-cf-id: KGAJXSeu2ahxVtZaTj0_ptbEVfOh63aA5QNUuBw0eV06l66IcXILOA==

GET
H2 200 facebook.svg
fox42kptm.com/resources/defaults/news_3.0/icons/social/ 2 KB
2 KB 13ms
12ms Image
image/svg+xml 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/resources/defaults/news_3.0/icons/social/facebook.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: d9db9553320e13d0bbe05027a4efdcf5cb8c353b3be1c42e289982fb2d1c5f62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 19:47:29 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Tue, 14 Nov 2017 01:23:06 GMT
server: openresty
age: 546339
etag: "56637c8edfe70b785c07a3ad97896af5"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: FRA53-C1
content-type: image/svg+xml
content-length: 1629
x-amz-cf-id: slWEJpzaP1pFsskpDIfJMXIgHtQaJ7VllPlWU_YqX1tG5qX7Qe9RaQ==

GET
H2 200 twitter.svg
fox42kptm.com/resources/defaults/news_3.0/icons/social/ 2 KB
3 KB 13ms
13ms Image
image/svg+xml 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/resources/defaults/news_3.0/icons/social/twitter.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 76da26f241064ccf22a24f5e2884d61afc5c67caec9389220881bda38834fdc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:42:56 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Tue, 14 Nov 2017 01:23:06 GMT
server: openresty
age: 600612
etag: "d0b4bf919897ac74950578c41a63ccc1"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: FRA53-C1
content-type: image/svg+xml
content-length: 2202
x-amz-cf-id: lYGSAR4zItgNBRrDx_wbrtxrlYWhDck3jIDYdpYMSgHQTP5iFPJIbg==

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2439
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 25 Nov 2021 03:52:29 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=19578925&ns__t=1637811188726&ns_c=UTF-8&cv=3.5&c8=Omaha%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20KPTM&c7=https%3A%2F%2Ffox42kptm.com%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=19578925&ns__t=1637811188726&ns_c=UTF-8&cv=3.5&c8=Omaha%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20KPTM&c7=https%3A%2F%2Ffox42kptm.com%...

0
222 B

10ms
10ms

Image
text/plain

13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=19578925&ns__t=1637811188726&ns_c=UTF-8&cv=3.5&c8=Omaha%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20KPTM&c7=https%3A%2F%2Ffox42kptm.com%2F&c9=
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.35.253.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 6DSBtlccj6s04J8y_4Kke7MljYuf82wGwS5kBOYzmdeqD6ikDeUC_A==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 25 Nov 2021 03:33:08 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=19578925&ns__t=1637811188726&ns_c=UTF-8&cv=3.5&c8=Omaha%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20KPTM&c7=https%3A%2F%2Ffox42kptm.com%2F&c9=
content-length: 225
x-amz-cf-id: qZCoc1cLu3Srir-lsoH6AyxztaMWlZ0dYmzO-9AThvSlG4e-8Bx5xg==

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame F9C4 5 KB
2 KB 29ms
7ms Document
text/html 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

content-type: text/html; charset=UTF-8
server: nginx
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
content-encoding: gzip
date: Thu, 25 Nov 2021 01:37:54 GMT
etag: W/"5147-1633534398000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: nfCuQUJGBgT-jUoVEIxFnRwocdvQjWaTzuiz7C2O_smDwNEE8fvisQ==
age: 6950

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
502 B 40ms
40ms Image
image/gif 13.35.253.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=sbgi.net&behavior=expressed&country=de&language=en&rand=0.6743060589407368

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-115.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-content-type-options: nosniff
timing-allow-origin: *
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
cloudfront-viewer-country-region: BE
x-amz-cf-id: mfO65IF0t-ow2fq8ZilnrZ4s80pAJ8Gexfvwpu_K4npJ3tHPj1opfA==
expires: Thu, 25 Nov 2021 04:33:08 GMT

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/fcb00c1d-07d9-47a4-95e2-e989a05d751c/ 326 B
351 B 445ms
445ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/fcb00c1d-07d9-47a4-95e2-e989a05d751c/lightbox.js?cb=1637811188746
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/static/lightbox_sinclair.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dd5370fed5ed11e8a260f9a9eb3f3a51cb5d06c09238c0d0410cb0c132d73c15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 24 Nov 2021 11:48:26 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6b37d059be583752-MXP

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame C4D5 319 KB
103 KB 40ms
40ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Ffox42kptm.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 619502
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Nov 2021 03:33:08 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE7)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 62ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 25 Nov 2021 03:33:08 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 63 B
701 B 63ms
16ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fox42kptm.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c0476fbaa1d24e10a759bb4779200f91331ef3af5cd1c13abd88c7e0fcb2e021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65
x-xss-protection: 0
expires: Thu, 25 Nov 2021 03:33:08 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 57 B
412 B 11ms
10ms XHR
application/json 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3555&u=https%3A%2F%2Ffox42kptm.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 23:36:06 GMT
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
server: Server
age: 14222
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://fox42kptm.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
content-length: 57
x-amz-cf-id: 9vphXkvai-UJs8aStNX3tpVZCr_-R7KRt7iyWA_RI08gdC9hSEt9nA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
532 B 46ms
45ms XHR
text/javascript 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3555&u=https%3A%2F%2Ffox42kptm.com%2F&pid=PaSIioYNUZEGn&cb=0&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22banner_pos1_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos2_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos3_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos4_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos1_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos2_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos3_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos4_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos5_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22premium_ddb_0%22%2C%22s%22%3A%5B%221570x300%22%2C%221570x30%22%2C%22970x250%22%2C%22970x90%22%5D%7D%2C%7B%22sd%22%3A%22wallpaper_ddb_0%22%2C%22s%22%3A%5B%221x1%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: JYG94HZ7CJKHH1EVB1N1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: JZBE5asMq1pDYvUVVdt4KmepATvfkPZ7A1qq2oOEHSoAYPo6h5AMUw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 26ms
8ms XHR
application/javascript 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 24488
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Wed, 24 Nov 2021 21:21:48 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: S00Ol2rd4KKck2O7dxQOIb7HzbRA9GkESVfROpjY4DWDNPt8itn6Mw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 19ms
19ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=240324544&t=pageview&_s=1&dl=https%3A%2F%2Ffox42kptm.com%2F&ul=en-us&de=UTF-8&dt=Omaha%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20KPTM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIhAAAAAC~&jid=1574768578&gjid=1464263828&cid=1090439637.1637811189&tid=UA-45818038-12&_gid=292934739.1637811189&_r=1&_slc=1&cd6=home&cd1=Unregistered&cd2=Unsubscribed&cd3=1090439637.1637811189&cd4=false&cd7=standard-teaser&z=36153177

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fox42kptm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame F9C4 5 KB
2 KB 32ms
32ms Script
application/javascript 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-43.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 0dd36438fa18f3b2b6a01dc6a086a2a75e08d4fcb429402af280d0b66dce6c8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 15:33:34 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
etag: W/"4867-1633534414000"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: 10BfWtMjuY_5vmrD_8onMOHPEdwIKwuoOKx3ToCCbz42v63c-ByxxQ==
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
expires: Thu, 25 Nov 2021 03:33:07 GMT

GET
H2

200

ef97127f-913d-415b-9221-8d2d5b23fbb8-jumbo16x9_Groceries.png
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/351/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/16x9/full/351/center/80/ef97127f-913d-415b-9221-8d2d5b23fbb8-jumbo16x9_Groceries.png
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/351/center/80/ef97127f-913d-415b-9221-8d2d5b23fbb8-jumbo16x9_Groceries.png

184 KB
184 KB

963ms
962ms

Image
image/png

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/351/center/80/ef97127f-913d-415b-9221-8d2d5b23fbb8-jumbo16x9_Groceries.png
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: 817c551fdf2113c9157de734bc60e9587edd3f24c87ba577ba03358c99584eaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: b974c230-49d1-4aae-9038-4594096f0352
x-cache: Miss from cloudfront
content-type: image/png
x-amzn-trace-id: Root=1-619f03f5-120378330725248f5328ffc3
x-amz-apigw-id: JV2OaGQMvHcF2xQ=
content-length: 187947
x-amz-cf-id: 9KLlILj2Lhxj1CkZoMs28TarPDNNEzNtPhCwWohLOyE9R9tTS5YEwA==

Redirect headers

date: Thu, 25 Nov 2021 03:06:14 GMT
via: 1.1 cb2af39fbf29fa8b3d7f263c2b822093.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 1614
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/16x9/full/351/center/80/ef97127f-913d-415b-9221-8d2d5b23fbb8-jumbo16x9_Groceries.png
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: lf4Sge6br5V1W1of1E7VLaL0DOKIhyMnC8UPwcDkr6uLI4K6Mhge4w==

GET
H2

200

b0550d71-8cff-45b3-a54b-00419bd5b4fb-large1x1_Gov.PeteRickettsinhisoffice.jpg
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/1x1/full/100/center/80/b0550d71-8cff-45b3-a54b-00419bd5b4fb-large1x1_Gov.PeteRickettsinhisoffice.jpg
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/b0550d71-8cff-45b3-a54b-00419bd5b4fb-large1x1_Gov.PeteRickettsinhisoffice.jpg

4 KB
4 KB

782ms
781ms

Image
image/jpeg

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/b0550d71-8cff-45b3-a54b-00419bd5b4fb-large1x1_Gov.PeteRickettsinhisoffice.jpg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: be6f03278977047f971da440cf230a372a370da7d8e68532071c875ae321c031

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 657f500c-18cf-41cf-853e-36a229d63598
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amzn-trace-id: Root=1-619f03f5-142e6dfe0ba5fc7a3410bfc8
x-amz-apigw-id: JV2OaFZhPHcFXHQ=
content-length: 3914
x-amz-cf-id: nSgqNNfguUqRE_c8GDdKGkeGm6BK48k3HFKwGpO0iDkEilZmkPLRHQ==

Redirect headers

date: Mon, 22 Nov 2021 22:48:41 GMT
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 189867
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/b0550d71-8cff-45b3-a54b-00419bd5b4fb-large1x1_Gov.PeteRickettsinhisoffice.jpg
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: IoL3u39RibWHqTEzZnYLsOEu6IU1ff-TvwFIiq6KKR-4m1m89pghyg==

GET
H2

200

0ec04194-ff9b-4fe7-9502-26336c3ed676-large1x1_KatrinaAlspaugh.png
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/1x1/full/100/center/80/0ec04194-ff9b-4fe7-9502-26336c3ed676-large1x1_KatrinaAlspaugh.png
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/0ec04194-ff9b-4fe7-9502-26336c3ed676-large1x1_KatrinaAlspaugh.png

3 KB
3 KB

763ms
761ms

Image
image/png

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/0ec04194-ff9b-4fe7-9502-26336c3ed676-large1x1_KatrinaAlspaugh.png
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: 33b47b1c5987ec20f890a4eab19bbd6c4451e30f26d1f0ac4cec9bd6a2c7548c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: ff9f8083-a877-40a6-bb19-72c414a585ca
x-cache: Miss from cloudfront
content-type: image/png
x-amzn-trace-id: Root=1-619f03f5-079c2f744a518e301d05211a
x-amz-apigw-id: JV2OaHUwvHcFl5w=
content-length: 2868
x-amz-cf-id: QyVhTCednjsXZDkiDKd52zKZ3kTXb6Ih4KUpTXmCK_sKQE22pXnZlQ==

Redirect headers

date: Thu, 25 Nov 2021 02:08:53 GMT
via: 1.1 28a7186077f9b5270d98dd053f31303f.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 5055
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/0ec04194-ff9b-4fe7-9502-26336c3ed676-large1x1_KatrinaAlspaugh.png
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: nQ8sKfiKBKX_Wb8ugMcuUhn8PO7G9FXv8fb_yfNr8PGiwOmz2S6rjw==

GET
H2

200

d1f906f1-efac-452f-9925-df4b9235fb71-large1x1_AP21274679968450.jpg
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/1x1/full/100/center/80/d1f906f1-efac-452f-9925-df4b9235fb71-large1x1_AP21274679968450.jpg
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/d1f906f1-efac-452f-9925-df4b9235fb71-large1x1_AP21274679968450.jpg

4 KB
4 KB

753ms
751ms

Image
image/jpeg

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/d1f906f1-efac-452f-9925-df4b9235fb71-large1x1_AP21274679968450.jpg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: 94db822e28e0569d6df571e95887bd3d76050edb35e04057c0000ca007e26791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: f5ef756a-0548-4ae9-ac9b-4cd40925f743
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amzn-trace-id: Root=1-619f03f5-5d6fcf1430c325387008c2fb
x-amz-apigw-id: JV2OaGO1PHcFe0w=
content-length: 3717
x-amz-cf-id: Y0KlTQJ2qq26irFaF5zl-d7I5bTa4IrNf7RHLwdysss-hBSSf3ADQA==

Redirect headers

date: Thu, 25 Nov 2021 03:06:14 GMT
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 1614
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/d1f906f1-efac-452f-9925-df4b9235fb71-large1x1_AP21274679968450.jpg
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: S5EuIqHORPShRwvUaTCauWXGdiQ-UgvWQnwKCjQhxp2JXcEx2QHCfQ==

GET
H2

200

c8ca9b8d-60f6-47d3-8925-30c3ebbc9896-large1x1_carseat.JPG
3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/
Redirect Chain

https://fox42kptm.com/resources/media2/1x1/full/100/center/80/c8ca9b8d-60f6-47d3-8925-30c3ebbc9896-large1x1_carseat.JPG
https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/c8ca9b8d-60f6-47d3-8925-30c3ebbc9896-large1x1_carseat.JPG

5 KB
5 KB

777ms
776ms

Image
image/jpeg

13.32.19.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/c8ca9b8d-60f6-47d3-8925-30c3ebbc9896-large1x1_carseat.JPG
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Server: 13.32.19.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-67.fra56.r.cloudfront.net
Software: /
Resource Hash: 2dc5049c2ba07a4136993ac241fbbda288b6ac173799103a8b180e410c216743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: a94d47d9-e899-4e33-978d-8b5dd6027255
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amzn-trace-id: Root=1-619f03f5-348b7a80780de1f318fe3415
x-amz-apigw-id: JV2OaEtbPHcFYoQ=
content-length: 4789
x-amz-cf-id: BTr4biRwl8r85tAA_FdV8C5Ci3f6BTfQqFL0AvCkn0o7WlGoPEEA2g==

Redirect headers

date: Thu, 25 Nov 2021 03:06:14 GMT
via: 1.1 56c69262ecfa7873b40572ba8a323243.cloudfront.net (CloudFront), 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: media2
server: openresty
age: 1614
x-cache: Hit from cloudfront
content-type: text/html
location: https://3gz8cg829c.execute-api.us-west-2.amazonaws.com/prod/image-renderer/1x1/full/100/center/80/c8ca9b8d-60f6-47d3-8925-30c3ebbc9896-large1x1_carseat.JPG
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: HIO50-C1, FRA53-C1
content-length: 183
x-amz-cf-id: dupgZqUNLegPfcyT5Db9INxoKNr3jqRS3eJ3FWDeNKh5qn4tXQZURg==

GET
H2 200 oLRNb5k-_bigger.jpg
pbs.twimg.com/profile_images/1032731250677542912/ 2 KB
3 KB 72ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1032731250677542912/oLRNb5k-_bigger.jpg

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) /

Resource Hash

32fd2722c072b41dece26bbc64f35d038fe59dc42fd50c51f436f3a27bc87066

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
x-content-type-options: nosniff
age: 285559
x-cache: HIT
content-length: 2261
x-response-time: 127
surrogate-key: profile_images profile_images/bucket/5 profile_images/1032731250677542912
last-modified: Thu, 23 Aug 2018 20:46:12 GMT
server: ECS (frb/669E)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5ebb4221f658aeeea8b5f1be5b823bf401b9411ff4278f6f6233403575942261
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 -gYQREGm_bigger.jpg
pbs.twimg.com/profile_images/1091749673923170309/ 3 KB
3 KB 72ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1091749673923170309/-gYQREGm_bigger.jpg

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67AA) /

Resource Hash

1c9d040f78b43556d113b558d8728eb6f25c1ab41e75b0a096a279e8e6d9c822

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
x-content-type-options: nosniff
age: 331204
x-cache: HIT
content-length: 3151
x-response-time: 117
surrogate-key: profile_images profile_images/bucket/9 profile_images/1091749673923170309
last-modified: Sat, 02 Feb 2019 17:24:20 GMT
server: ECS (frb/67AA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3800ed35a2bb8be68f2d513d4fb243b2e26bd041b6f8ea4f764032b6506b9aec
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 73ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45818038-12&cid=1090439637.1637811189&jid=1574768578&gjid=1464263828&_gid=292934739.1637811189&_u=aGBAAEIgAAAAAC~&z=567624534

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Nov 2021 03:33:08 GMT
content-type: text/plain
access-control-allow-origin: https://fox42kptm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame F9C4 20 KB
5 KB 45ms
7ms Script
text/javascript 65.9.71.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-113.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sun, 07 Nov 2021 15:50:37 GMT
content-encoding: gzip
server: nginx
age: 1510951
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-C1
timing-allow-origin: *
x-amz-cf-id: hgEBb0K3QzqlGX7XionV5qgr8r-ukpQBazvt3Ruzf8iTKv9zsQ82eQ==
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
expires: Tue, 07 Dec 2021 15:50:37 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame F9C4 3 KB
3 KB 23ms
21ms Image
image/gif 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 04:47:01 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
server: nginx
age: 81967
etag: W/"2608-1633534398000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 2608
x-xss-protection: 1; mode=block
x-amz-cf-id: Js3xRp6Ak5nwsTr0Z_FZZn48ueJK5SA-PkJu2NiKTJe293jwJri5tg==

GET
H2 200 widget_app_base_1612278999697.js Show response
sinclairstoryline.com/resources/defaults/userway/widgetapp/2021-02-02/ 77 KB
22 KB 196ms
195ms Script
application/javascript 143.204.207.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sinclairstoryline.com/resources/defaults/userway/widgetapp/2021-02-02/widget_app_base_1612278999697.js
Requested by: Host: sinclairstoryline.com
URL: https://sinclairstoryline.com/resources/defaults/userway/widget.js?2021-11-23T00-23Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-16.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a53825329f39e7b0723e96298beb500daad40964d9dfeffbeb08d73686cfcaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
last-modified: Mon, 08 Feb 2021 18:25:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"028719a81fba10cd481f5ecc4d477fa4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: aehjJ1q64S7GP_BXmpdj_tilaAyNMxpO
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-replication-status: FAILED
content-type: application/javascript
x-amz-cf-id: l47CabfNeazOyULcMUIYnpn1dBJPZq_Bb2o3D7N9Af2WS34OU-TxAA==

GET
H2 200 b-7b120a5-ebd334a1.js Show response
tagan.adlightning.com/sinclair/ 73 KB
28 KB 10ms
10ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-7b120a5-ebd334a1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e66fcfb6655ac69375c24dd35af572165a73aaed333d43c51deabded43364e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:44:13 GMT
content-encoding: gzip
age: 7253337
x-cache: Hit from cloudfront
content-length: 28199
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 19:01:26 GMT
server: AmazonS3
etag: "1ce9d67017772e830c4282816833403a"
x-amz-version-id: 44g9Lj_ljqlpdIqVOUl.lUgQ4IUU3iUf
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: mLZyOgcfYUSydujxkgueZDNGu_yWYsWTG4QtwrbtHbce8z9v5_5ugQ==

GET
H2 200 bl-f821a95-1aae0ef7.js Show response
tagan.adlightning.com/sinclair/ 50 KB
21 KB 18ms
17ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 476c70c95b16df5cd849f9dc2b5219eee9791f602003f94b1654a9696bcaa8c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:03:29 GMT
content-encoding: gzip
age: 41381
x-cache: Hit from cloudfront
content-length: 21318
x-amz-meta-git_commit: f821a95
last-modified: Wed, 24 Nov 2021 15:50:57 GMT
server: AmazonS3
etag: "605b049b64a3dc8bedcf152efc00abe4"
x-amz-version-id: HuWSiqWAMb_raiLtURkjQJWys0W.So9B
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: DCwwRxvuEJPkeloiDxN81nN6yCL3zahY15wNTYda48dh9O5_I5WWUw==

GET
H2 200 CA997B588C0A4B4B220B823E359467E4.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame EFAF 139 KB
46 KB 13ms
13ms Document
text/html 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-43.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: ff7972cc3d2b673e12e2d3b4f1a3f486f8fd3e72f1358f1883e876efb25b66f4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 12 Oct 2021 02:20:41 GMT
server: nginx
etag: W/"142808-1633534414000"
last-modified: Wed, 06 Oct 2021 15:33:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: iA7O5hGZCDqDwioGrSv_spjieM-V-8RoUx6rjmP8FgvArCOrwr_d8w==
age: 3805948

GET
H2 200 712af92b1889400cb57f75ff97bb4e80.json Show response
content.uplynk.com/player/assetinfo/ 1 KB
1 KB 129ms
10ms XHR
application/json 18.194.235.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.uplynk.com/player/assetinfo/712af92b1889400cb57f75ff97bb4e80.json

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.235.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-235-83.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0b966bc976037e892dc2158feb9c4cbc51c91cab0e8a6d5e9c8cb9327674944f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-services: f09b389d15d347cbaafaee34cc7bb038
content-length: 1189
x-content-type-options: nosniff

GET
H2 200 792a2be4bc034351b29a4c742344b289.json Show response
content.uplynk.com/player/assetinfo/ 1 KB
1 KB 207ms
89ms XHR
application/json 18.194.235.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.uplynk.com/player/assetinfo/792a2be4bc034351b29a4c742344b289.json

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.235.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-235-83.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

935b2acb5a81b285744995e37cfdd065929576855c909192887a466e2f89f980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-services: c7965532d3114f54becfcec0e909bd4a
content-length: 1185
x-content-type-options: nosniff

GET
H2 200 93e719a4d46f4bdea6008243331ecf99.json Show response
content.uplynk.com/player/assetinfo/ 1 KB
1 KB 128ms
11ms XHR
application/json 18.194.235.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.uplynk.com/player/assetinfo/93e719a4d46f4bdea6008243331ecf99.json

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.235.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-235-83.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f01661990f42a31dac9f7e829f67763bc8c882a97dd978029ceaaeddfa9c98e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-services: 5a468a3eb6004f95893aa6b574f4c88d
content-length: 1208
x-content-type-options: nosniff

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 47ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-45818038-12&cid=1090439637.1637811189&jid=1574768578&_u=aGBAAEIgAAAAAC~&z=1406709322

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 46ms
18ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-45818038-12&cid=1090439637.1637811189&jid=1574768578&_u=aGBAAEIgAAAAAC~&z=1406709322

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fox42kptm.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fox42kptm.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 72ms
57ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1527982069317324&correlator=2302003267320665&output=ldjh&impl=fifs&hxva=1&scor=1981689883777326&eid=31063798%2C31060033&vrg=2021111601&ptt=17&us_privacy=1-N-&sc=1&sfv=1-0-38&ecs=20211125&iu_parts=4756%2CKPTM%2CWeb%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&prev_scp=pos%3D1&eri=1&cust_params=kw%3D%255Broot%255D%26path%3D%252F%26Ref_ID%3Dfalse%26page%3Dhome&cookie_enabled=1&bc=31&abxe=1&lmt=1637811189&dt=1637811189104&dlt=1637811187613&idt=1465&frm=20&biw=1600&bih=1200&oid=2&adxs=1070&adys=1177&adks=2029745300&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffox42kptm.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=330x30&msz=300x0&ga_vid=1090439637.1637811189&ga_sid=1637811189&ga_hid=240324544&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c9ec594b2057da7cf7b47bd8533400d1bf0fd21312a108fea0ce668ba8cb9250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9737
x-xss-protection: 0
google-lineitem-id: 4685417928
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234381034
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fox42kptm.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 31FD 6 KB
4 KB 81ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 25 Nov 2021 03:33:09 GMT
expires: Fri, 25 Nov 2022 03:33:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 settings Show response
syndication.twitter.com/ Frame C4D5 232 B
351 B 113ms
112ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=bb44ffe5039d2a52cd78d00c4c00b35637056ac0

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Ffox42kptm.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 03:33:09 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 20f9caba5cb4cfffa7ca6f8bc26525c97500b2f45463d8758cf6f0d915062dc5
content-length: 166

GET
H3 200 container.html Show response
948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B5A7 6 KB
3 KB 23ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 25 Nov 2021 03:33:09 GMT
expires: Fri, 25 Nov 2022 03:33:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 66ms
21ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffox42kptm.com%2F&domain=fox42kptm.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://fox42kptm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://fox42kptm.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1453
date: Thu, 25 Nov 2021 03:33:08 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 47ms
47ms XHR
text/javascript 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3555&u=https%3A%2F%2Ffox42kptm.com%2F&pid=PaSIioYNUZEGn&cb=1&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22banner_pos1_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos2_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos3_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos4_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos1_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos2_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos3_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos4_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos5_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22premium_ddb_0%22%2C%22s%22%3A%5B%221570x300%22%2C%221570x30%22%2C%22970x250%22%2C%22970x90%22%5D%7D%2C%7B%22sd%22%3A%22wallpaper_ddb_0%22%2C%22s%22%3A%5B%221x1%22%5D%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: 0T4YNQ4BS98CGY0BM4G1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 5-dUgUjC4cofBNQXiDs9I3c3GXTtx30P8vlRa_vUUNR0_CrqRX_UMg==

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffox42kptm.com%2F&domain=fox42kptm.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=mx250nw0SzMwblRpVTA0bWREeThuTmRjV0xOdnptV3hLZkZySklIcUU3elVoZVlmR0hmOGZZZzV3UVdpdW03RTlkMXhoU0xSaHg4VFFDTTJMSno2WXdPdGdaekF4NUkveUorNGdlMmpPRWFjVWtQUzcyeXptQ2ZxZEhCcm...

352 B
607 B

54ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=mx250nw0SzMwblRpVTA0bWREeThuTmRjV0xOdnptV3hLZkZySklIcUU3elVoZVlmR0hmOGZZZzV3UVdpdW03RTlkMXhoU0xSaHg4VFFDTTJMSno2WXdPdGdaekF4NUkveUorNGdlMmpPRWFjVWtQUzcyeXptQ2ZxZEhCcmYvT1BRczh5OVlRazNkUUhCWTBNQ1dKZ2dmK3VLRkhKaWZNd1BFREhYYUdCYktxdUZidTNYcmxVNEhENlJtTEkzUEtIaEpCTGZ1RmkxdGRxdmdMUHdUNHBUS2ZmcFRDMXduTjVLWTlRNmNoYUQyNlFFRTNVPXw&cppv=2

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

280ee641ac89e5552eb1710a171cef98bdd727229018325cee516c21777f467c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 25 Nov 2021 03:33:09 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2816
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 25 Nov 2021 03:33:09 GMT
location: https://mug.criteo.com/sid?cpp=mx250nw0SzMwblRpVTA0bWREeThuTmRjV0xOdnptV3hLZkZySklIcUU3elVoZVlmR0hmOGZZZzV3UVdpdW03RTlkMXhoU0xSaHg4VFFDTTJMSno2WXdPdGdaekF4NUkveUorNGdlMmpPRWFjVWtQUzcyeXptQ2ZxZEhCcmYvT1BRczh5OVlRazNkUUhCWTBNQ1dKZ2dmK3VLRkhKaWZNd1BFREhYYUdCYktxdUZidTNYcmxVNEhENlJtTEkzUEtIaEpCTGZ1RmkxdGRxdmdMUHdUNHBUS2ZmcFRDMXduTjVLWTlRNmNoYUQyNlFFRTNVPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fox42kptm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2351
content-length: 482
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
423 B 39ms
10ms XHR
application/json 3.65.202.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=5.11.0&referrer=https%3A%2F%2Ffox42kptm.com%2F&tmax=1200&us_privacy=1-N-

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.65.202.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-202-227.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:09 GMT
x-auction-status: 12, 12, 12, 12, 12, 12, 12, 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fox42kptm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
224 B 120ms
30ms XHR
text/plain 34.255.50.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=5.11.0&p=%5B%7B%22placement_id%22%3A%22banner_pos1_ddb_0%22%2C%22callback_id%22%3A%221349a5282c370ac%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%2C%22gpid%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%7D%2C%7B%22placement_id%22%3A%22banner_pos2_ddb_0%22%2C%22callback_id%22%3A%221412945518165b6%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%2C%22gpid%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%7D%2C%7B%22placement_id%22%3A%22banner_pos3_ddb_0%22%2C%22callback_id%22%3A%221530db58d7d410f%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%2C%22gpid%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%7D%2C%7B%22placement_id%22%3A%22banner_pos4_ddb_0%22%2C%22callback_id%22%3A%2216b5152b2eb46f9%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%2C%22gpid%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos1_ddb_0%22%2C%22callback_id%22%3A%22171395672cb6ac3%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%2C%22gpid%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos2_ddb_0%22%2C%22callback_id%22%3A%2218409a83cc35391%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%2C%22gpid%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos3_ddb_0%22%2C%22callback_id%22%3A%221976b78a4b708e7%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%2C%22gpid%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos4_ddb_0%22%2C%22callback_id%22%3A%2220dc58be36ac0a1%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%2C%22gpid%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos5_ddb_0%22%2C%22callback_id%22%3A%2221af19beb8eed0b%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%2C%22gpid%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%7D%2C%7B%22placement_id%22%3A%22ddb_fluid_native_0%22%2C%22callback_id%22%3A%222210d062c722b78%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B728%2C90%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%2C%22gpid%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%7D%5D&page_url=https%3A%2F%2Ffox42kptm.com%2F&bust=1637811189451&pr=&scrd=1&dnt=false&description=Fox%2042%20News%20KPTM%20provides%20coverage%20of%20local%20and%20national%20news%2C%20weather%2C%20sports%20and%20community%20events%20in%20Omaha%2C%20Nebraska%20and%20the%20surrounding%20area%2C%20including%20Lincoln%2C%20Plattsmouth%2C%20La%20Vista%2C%20Gretna%2C%20Fremont%2C%20and%20Weeping%20Water%2C%20Nebraska%20and%20Missouri%20Valley%2C%20Shelby%2C%20Atlantic%20and%20Mondamin%2C%20Iowa.&title=Omaha%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20KPTM&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=1-N-&pubcid=0bfcf228-8c60-451e-b641-3f3d9dcc12d5
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.50.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-50-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fox42kptm.com
pragma: no-cache
date: Thu, 25 Nov 2021 03:33:09 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 135ms
104ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ceICvyEA8r6PfxaKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f3c660ca04d80091b468f29dc8c9cb4e752eadacd18877e3a880967f497f8ce3

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 134ms
104ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ceICvyEA8r6PfxaKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 711751f3555ab9155846f5de8f623bf9e3de1269741a2cb950c05ad8ed0d087d

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 131ms
101ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ceICvyEA8r6PfxaKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 8ea43335dc94e0ada00ddd00c636d2983e2c0043bb4df43bc08b5ac570c7a93c

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
148 B 129ms
99ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ceICvyEA8r6PfxaKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 6013188062afe55b4a50915b11d01808bc95d29d299220b9b89abbb74558fac7

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 128ms
99ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cg8vSWEA8r6PfxaKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 4e091da68339fd6b7f7ca42df9e3dbf53a837f0ef32bacb17742e2ca24ffbddf

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
297 B 128ms
98ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cg8vSWEA8r6PfxaKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: b4308b9b075d8615c9e76ba6406d865c6549f2d1a7b3696349470b9d96ee6280

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
149 B 129ms
100ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cg8vSWEA8r6PfxaKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 15430b52f661c0271a6c6802e1f229ee9e3ddfad9623a42588409cf95514518e

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 151ms
122ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cg8vSWEA8r6PfxaKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 5e7c983088d395b1a25c01cacef5283c7356ad97c5c3ecee3fd7a979496d1afd

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
149 B 128ms
100ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cg8vSWEA8r6PfxaKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 7cc58adc8ecabe2ea73b9cfc0e472a8c60eb41d75c0bc654bc7258cf6335b2f7

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 133ms
104ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cLSdvgEA8r6PfxaKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 57a600a18f19717a838ee820b63b66605d0b3a50a05827f3cfcb32ebf15cf6f7

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
695 B 45ms
16ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:09 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b252c813-ec55-440a-a5ae-df704b2343ed
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fox42kptm.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 121ms
81ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699ea017878f00893f039210d01f0&pos=8a9690af017878eec666f03c1b8301e7&cmd=bid&secure=1&us_privacy=1-N-
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 2d34ba9ee7c5e42341d4a70ddd29c009a8975c4d117f0c52265a9dda8e3d0d9c

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
content-length: 4801

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 116ms
76ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699ea017878f00893f039210d01f0&pos=8a9690af017878eec666f03c1b8301e7&cmd=bid&secure=1&us_privacy=1-N-
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 68e0359be4cbaa6fe1d22baf25f2684cca0cebbceebabae197e6ccf1109915c0

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
content-length: 4808

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 115ms
76ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699ea017878f00893f039210d01f0&pos=8a9690af017878eec666f03c1b8301e7&cmd=bid&secure=1&us_privacy=1-N-
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 676f7b715b4c4944692171609508b30e0124cb994cd3ab8e394a1c4cbedd38aa

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
content-length: 4774

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 117ms
78ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699ea017878f00893f039210d01f0&pos=8a9690af017878eec666f03c1b8301e7&cmd=bid&secure=1&us_privacy=1-N-
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 2b2c984f6febcdd38cced2bed82da66afd53fe43ff586c7bfcc09a8dae926826

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
content-length: 4799

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 111ms
72ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699ea017878f00893f039210d01f0&pos=8a9699ea017878f00893f03c1c8a01f2&cmd=bid&secure=1&us_privacy=1-N-
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 139f9ba8a050f184cfd22f16ea49a30549ea4c349c2ddc09eb61e81661f4fc6e

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
content-length: 4812

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 119ms
80ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699ea017878f00893f039210d01f0&pos=8a9699ea017878f00893f03c1c8a01f2&cmd=bid&secure=1&us_privacy=1-N-
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 00bc8a85240fb0337553fe6c639ced752f1f83b46b27c7557aac08a6d9caedc7

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
content-length: 4795

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 142ms
104ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699ea017878f00893f039210d01f0&pos=8a9699ea017878f00893f03c1c8a01f2&cmd=bid&secure=1&us_privacy=1-N-
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ff0b50aa9d66c87474cd02cdf57ed20e6a0c3420bc4cf67b746c59cd7a8f1711

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
content-length: 4784

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 117ms
79ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699ea017878f00893f039210d01f0&pos=8a9699ea017878f00893f03c1c8a01f2&cmd=bid&secure=1&us_privacy=1-N-
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 1d30ca142cfa226f9c955a34a60da4dba25ead05fc1aa0644a7e6dc5e6839bda

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
content-length: 4827

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 117ms
79ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699ea017878f00893f039210d01f0&pos=8a9699ea017878f00893f03c1c8a01f2&cmd=bid&secure=1&us_privacy=1-N-
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 03944ee7cc2e2f7544aaaf9febc807126c7ec200fa9d6b7036bbcdf7db6b4cc0

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
content-length: 4838

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 125ms
87ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699ea017878f00893f039210d01f0&pos=8a96954f017878eeca52f03c29a10275&cmd=bid&secure=1&us_privacy=1-N-
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: a9c59d51083802014df87619ce5aeb2e2f82d91ebf35af1a59ca03a3999fed5c

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
content-length: 4777

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 345 B
459 B 40ms
17ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU34Q8WJ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: af3bbe3b3568532ce4c68624b1e4691878e581efcb11506b01da4d6e7b597951

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://fox42kptm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
330 B 44ms
14ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=471829&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2267f220ee02184a7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ffox42kptm.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A10%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A10%2C%22ren%22%3Afalse%2C%22version%22%3A%225.11.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22682848c5ca43ca1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22471829%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22692b62e3e2154a2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22471829%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22701a98563364e3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22471829%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2271dfea39dc2129e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22471829%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2272667ef74619f44%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22471830%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22471830%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2274c063fa34afa09%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22471830%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22471830%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22767877fa37441cf%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22471830%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22471830%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22786b693cd77b93a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22471830%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22804adf80ecd815f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22471830%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2282fc504a90d0c73%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22471844%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22471844%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22471844%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22471844%22%2C%22dfp_ad_unit_code%22%3A%22%2F4756%2FKPTM%2FWeb%2Fhome%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221-N-%22%7D%7D%7D
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 186000bd4fb01115e66c6e5ac7cb466e1a4187d7d201b13410263566df451985

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:09 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.21], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://fox42kptm.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 25 Nov 2021 03:33:09 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 1 KB
7 KB 355ms
332ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21162&site_id=302914&zone_id=1524280%3B1524280%3B1524280%3B1524280%3B1524282%3B1524282%3B1524282%3B1524282%3B1524282%3B1524306&size_id=2%3B2%3B2%3B2%3B15%3B15%3B15%3B15%3B15%3B15&alt_size_ids=%3B%3B%3B%3B10%3B10%3B10%3B%3B%3B2%2C10%2C43&p_pos=%3B%3B%3B%3Batf%3Batf%3Batf%3Batf%3Batf%3B&us_privacy=1-N-&eid_pubcid.org=0bfcf228-8c60-451e-b641-3f3d9dcc12d5%5E1&rf=https%3A%2F%2Ffox42kptm.com%2F&tg_i.aupname=KPTM%26banner_pos%26page%3Dhome%3BKPTM%26banner_pos%26page%3Dhome%3BKPTM%26banner_pos%26page%3Dhome%3BKPTM%26banner_pos%26page%3Dhome%3BKPTM%26rightrail_pos%26page%3Dhome%3BKPTM%26rightrail_pos%26page%3Dhome%3BKPTM%26rightrail_pos%26page%3Dhome%3BKPTM%26rightrail_pos%26page%3Dhome%3BKPTM%26rightrail_pos%26page%3Dhome%3BKPTM&tg_i.dfp_ad_unit_code=4756%2FKPTM%2FWeb%2Fhome&tg_i.pbadslot=4756%2FKPTM%2FWeb%2Fhome&tk_flint=dmpbjs_v5.11.0&x_source.tid=0ed80112-344d-464b-86da-3de06f594e2c%3B53bffb77-d565-47ca-aef1-142bd86310f9%3B7d82a71b-b8a4-4306-883b-16fb8f589688%3B0dc0b59b-d4c7-4261-b527-9c2f804099e4%3B48dce3d0-20f8-4404-b68e-18f7c1eac8c8%3Be95daf44-429c-4e01-a619-c88a3221ffd9%3B147b75fc-d3bf-47be-820e-c615fd8c6ebd%3Bc0923893-d531-4183-8989-a60c24856acf%3Be147963e-25a0-4250-bd52-4c02722a43d6%3B71fe075b-cb5f-454b-84bb-5e15570c07a7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=10&rand=0.15571961537099344
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 122276ca8230bb00fa32559bfe6f888ed1c536a6575858a675100e557ab26aa0

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:09 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://fox42kptm.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 502
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
282 B 95ms
50ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.11.0&cb=36368956024
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fox42kptm.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 sbg-close.svg
fox42kptm.com/resources/defaults/news_3.0/icons/ui/ 1 KB
2 KB 10ms
9ms Image
image/svg+xml 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/resources/defaults/news_3.0/icons/ui/sbg-close.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/assets/2021-11-23T00-23Z/fox42kptm/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: eb4775fadba6859bd69502e772f42d17aae221eb24dc8be4e847cdbbfd31c098

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Sun, 11 Mar 2018 16:56:10 GMT
server: openresty
age: 603962
etag: "120168deaffeb1a397296772b42407c9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
date: Thu, 18 Nov 2021 03:47:07 GMT
x-amz-cf-pop: FRA53-C1
content-length: 1166
x-amz-cf-id: wEi0mCEjlHXSv4oFPB22mxCgwroW7vkTf6JAMFHlbr4DUlRwn06y7A==

POST
H2 200 Y5xBOvHNhv Show response
api.userway.org/api/tunings/ 804 B
721 B 573ms
188ms XHR
application/json 34.208.254.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/Y5xBOvHNhv
Requested by: Host: sinclairstoryline.com
URL: https://sinclairstoryline.com/resources/defaults/userway/widgetapp/2021-02-02/widget_app_base_1612278999697.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.254.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-254-20.us-west-2.compute.amazonaws.com
Software: _ / Express
Resource Hash: cfdb022fd7d694f61dc18a47a238d4fa426881f58a9a8f61adb0359d75e14773

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
etag: W/"324-mgA2jLp9eAnlJ2pNCzi53yzBfDE"
server: _
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-headers: *
expires: Thu, 25 Nov 2021 03:33:09 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/fcb00c1d-07d9-47a4-95e2-e989a05d751c/ 660 KB
139 KB 36ms
36ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/fcb00c1d-07d9-47a4-95e2-e989a05d751c/user.js?cb=637716545887014387
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/fcb00c1d-07d9-47a4-95e2-e989a05d751c/lightbox.js?cb=1637811188746
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09338ee5014029f9ba791425877e033156dedf8d3132ac2ee7596406553bb69d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: iJunESI8yBha77lPYf3HnA==
age: 230164
cf-polished: origSize=1131005
last-modified: Tue, 31 Aug 2021 16:30:41 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: da93d925-d01e-0029-1a95-df6e72000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6b37d05e7aee3752-MXP
expires: Fri, 25 Nov 2022 03:33:09 GMT

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame F9C4 969 B
832 B 82ms
81ms XHR
application/json 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

edb378ec33f8cd7235d0d1451912782c10e64b73851b8005987dfbb2b24b0a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: CA997B588C0A4B4B220B823E359467E4
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 462
x-xss-protection: 1; mode=block
x-amz-cf-id: Tg10N_-yuDVX6h1LVN6NAEXerUDExpNo5jhVBKwvB1JfZNBUOt2CgQ==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame F9C4 48 B
391 B 81ms
80ms XHR
application/json 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

42481511adf1c3dcd5054828d69fd9c04236381d7e9d4485385df5b11e9b145a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: CA997B588C0A4B4B220B823E359467E4
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
content-disposition: attachment
content-length: 48
x-xss-protection: 1; mode=block
x-amz-cf-id: EwQ-JpTl-KvI-562Z8qc9gWWXxR3-luVD-3K_HMcChHq0BIyzP_dJw==

GET
H2 200 bl-f821a95-1aae0ef7.js Show response
tagan.adlightning.com/sinclair/ Frame B5A7 50 KB
21 KB 12ms
11ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Requested by: Host: 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
URL: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 476c70c95b16df5cd849f9dc2b5219eee9791f602003f94b1654a9696bcaa8c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:03:29 GMT
content-encoding: gzip
age: 41381
x-cache: Hit from cloudfront
content-length: 21318
x-amz-meta-git_commit: f821a95
last-modified: Wed, 24 Nov 2021 15:50:57 GMT
server: AmazonS3
etag: "605b049b64a3dc8bedcf152efc00abe4"
x-amz-version-id: HuWSiqWAMb_raiLtURkjQJWys0W.So9B
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: EDV8NtMYwL53LKn6XCCN6ctsaazAeos9Y2Uxw5J_pZv9CoScOcBRmw==

GET
H2 200 b-7b120a5-ebd334a1.js Show response
tagan.adlightning.com/sinclair/ Frame B5A7 73 KB
28 KB 13ms
11ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-7b120a5-ebd334a1.js
Requested by: Host: 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
URL: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e66fcfb6655ac69375c24dd35af572165a73aaed333d43c51deabded43364e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:44:13 GMT
content-encoding: gzip
age: 7253337
x-cache: Hit from cloudfront
content-length: 28199
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 19:01:26 GMT
server: AmazonS3
etag: "1ce9d67017772e830c4282816833403a"
x-amz-version-id: 44g9Lj_ljqlpdIqVOUl.lUgQ4IUU3iUf
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: nl0eOBVAMBYFUrQ6Wl_h7GNSVfPvzDG9zrz5uLL-L4Thf7F02OzGmw==

GET
H3 200 css
fonts.googleapis.com/ Frame B5A7 4 KB
499 B 36ms
19ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,300italic,300,400italic,700,700italic

Requested by

Host: 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
URL: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

334e714a1c5ebefb28783d1c809dda2a01b916554121e92067a2e41417cd10a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 02:29:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 03:33:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 03:33:09 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B5A7 22 KB
7 KB 40ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
URL: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Nov 2022 15:16:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B5A7 664 B
355 B 33ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400&lang=de

Requested by

Host: 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
URL: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 03:33:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 03:33:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 03:33:09 GMT

GET
H3 200 16674339623651514693
tpc.googlesyndication.com/simgad/ Frame B5A7 10 KB
10 KB 25ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16674339623651514693?

Requested by

Host: 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
URL: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853f9fdf83f9d5ecb1d56969d822dca5775cafb0aaf2ba6278b7f18fadc50809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 20:22:43 GMT
x-content-type-options: nosniff
age: 25827
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10214
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:24:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 20:22:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5A7 119 KB
36 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
URL: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:09 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/sinclairgamdisplay488716798718/ Frame B5A7 297 KB
101 KB 65ms
18ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/sinclairgamdisplay488716798718/moatad.js
Requested by: Host: 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
URL: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18482c4dca61963f3d8a1051c1dd614a6965ca11d0bc91f0e4177b3b8e807ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:46:55 GMT
server: AmazonS3
x-amz-request-id: PW6DW83E825GE3N7
etag: "9916f5d8e07e94c1b954389710ee0308"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7730
accept-ranges: bytes
content-length: 102917
x-amz-id-2: 71l7PZ4opcBn6mPpG0IjrF4M4EoH3Eq5QffNTPhWy9deCNd0GFKbLBfvd/ESHEWi+sZEoT792wY=

GET
H2 200 streaming.js Show response
fox42kptm.com/resources/video/players/prod/dist/1.4.18/ 17 KB
18 KB 19ms
17ms Script
application/javascript 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/resources/video/players/prod/dist/1.4.18/streaming.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 223e564c5a92fbff310e212a8078d54df643e38ee0738c8cc2a3813f34602bd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 04:08:09 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Tue, 02 Nov 2021 21:29:43 GMT
server: openresty
age: 84300
etag: "88abdab25e4e2a3185f650706f715870"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: GaHgluStCo7aRtYkBAur63UuOCBKPlL2
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
content-length: 17534
x-amz-cf-id: kHE8sam5skCx2ZcFTSK-q1dduxfwS7Krj-PNYBVstbEkZn07g7PKQA==

GET
H2 200 analytics.js Show response
fox42kptm.com/resources/video/players/prod/dist/1.4.18/ 22 KB
23 KB 16ms
15ms Script
application/javascript 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/resources/video/players/prod/dist/1.4.18/analytics.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: fbb195c5c276b127f061ac0a2b22f1ff2c917f478b258bcafe2d14e11abe94c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: Mcd3nY17MeWc24Z85.AgrfLlUFDWJaEg
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Tue, 02 Nov 2021 21:29:43 GMT
server: openresty
age: 169319
etag: "85116b55076e3bba0e8dd7a282425635"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
date: Tue, 23 Nov 2021 04:31:09 GMT
x-amz-cf-pop: FRA53-C1
content-length: 22847
x-amz-cf-id: dc0ajq6SaaYhyXwL2vrBFDAoiXwQlnnrSrEKCMm3mqab5Ts-Zm67aQ==

GET
H2 200 adbreaks.js Show response
fox42kptm.com/resources/video/players/prod/dist/1.4.18/ 24 KB
25 KB 15ms
15ms Script
application/javascript 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/resources/video/players/prod/dist/1.4.18/adbreaks.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 88a1b92604994e0900cf90574f215104db18a2d4d81f28f6a28439df345f1cfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: G_OJa6MdCNoLkEJTwnXHxpxTB1HJdXui
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
nmp-debug: resources
last-modified: Tue, 02 Nov 2021 21:29:43 GMT
server: openresty
age: 194197
etag: "823aa11f0cc31cfe25e5da74de20f50e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
date: Mon, 22 Nov 2021 21:36:32 GMT
x-amz-cf-pop: FRA53-C1
content-length: 24866
x-amz-cf-id: NydokZfPW6d-IOfgufUU61Xgt_MO7UOWOVbGDhgX9nefclW0lSClDw==

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 53ms
18ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1011
date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame F9C4 28 KB
7 KB 83ms
82ms Stylesheet
text/css 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/EuPreferenceManager.css
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-43.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 75b9505ae007f8cc3bc1c5858b2010548ad36d39f1720b71be444a6238b4b8ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
etag: W/"28907-1633534398000"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: iAeAbS32bPiiVbssw6nBWVpkg_2VUpZ6wmMyyh3Llas-73gsybeGXg==
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
expires: Thu, 25 Nov 2021 03:33:08 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/CA997B588C0A4B4B220B823E359467E4/ Frame F9C4 252 KB
86 KB 8ms
8ms XHR
application/javascript 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/CA997B588C0A4B4B220B823E359467E4/10.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-43.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: d367560de53d283557b5b465ecb65c8527f73106b5435a42c630aa96223aec7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 02:20:29 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 15:33:34 GMT
server: nginx
age: 3805960
etag: W/"258117-1633534414000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: TpW-F8HDzGHTo_ZJXj7lu33VHuP-rgKjimaJGjw0JFMJyHck3mXMgw==
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 40ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fox42kptm.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 40ms
17ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fox42kptm.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 275 KB
22 KB 98ms
98ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1527982069317324&correlator=3895927636330997&output=ldjh&impl=fifs&hxva=1&scor=1981689883777326&eid=31063798%2C31060033&vrg=2021111601&ptt=17&us_privacy=1-N-&sc=1&sfv=1-0-38&ecs=20211125&iu_parts=4756%2CKPTM%2CWeb%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%2C728x90%2C728x90%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%2C300x250%2C1570x300%7C1570x30%7C970x250%7C970x90%2C1x1&prev_scp=pos%3D1%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_onemobile%3Dbanner%26hb_size_onemobile%3D728x90%26hb_pb_onemobile%3D0.06%26hb_adid_onemobile%3D115692479534703f%26hb_bidder_onemobile%3Donemobile%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.06%26hb_adid%3D115692479534703f%26hb_bidder%3Donemobile%7Cpos%3D2%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_onemobile%3Dbanner%26hb_size_onemobile%3D728x90%26hb_pb_onemobile%3D0.03%26hb_adid_onemobile%3D110bb7062e2587a2%26hb_bidder_onemobile%3Donemobile%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.03%26hb_adid%3D110bb7062e2587a2%26hb_bidder%3Donemobile%7Cpos%3D3%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_onemobile%3Dbanner%26hb_size_onemobile%3D728x90%26hb_pb_onemobile%3D0.03%26hb_adid_onemobile%3D109290319d5b1d4e%26hb_bidder_onemobile%3Donemobile%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.03%26hb_adid%3D109290319d5b1d4e%26hb_bidder%3Donemobile%7Cpos%3D4%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_onemobile%3Dbanner%26hb_size_onemobile%3D728x90%26hb_pb_onemobile%3D0.05%26hb_adid_onemobile%3D1110b0f6132f8a62%26hb_bidder_onemobile%3Donemobile%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.05%26hb_adid%3D1110b0f6132f8a62%26hb_bidder%3Donemobile%7Cpos%3D1%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_onemobile%3Dbanner%26hb_size_onemobile%3D300x250%26hb_pb_onemobile%3D0.06%26hb_adid_onemobile%3D108e35f230033104%26hb_bidder_onemobile%3Donemobile%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.06%26hb_adid%3D108e35f230033104%26hb_bidder%3Donemobile%7Cpos%3D2%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_onemobile%3Dbanner%26hb_size_onemobile%3D300x250%26hb_pb_onemobile%3D0.06%26hb_adid_onemobile%3D114736778583d2bb%26hb_bidder_onemobile%3Donemobile%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.06%26hb_adid%3D114736778583d2bb%26hb_bidder%3Donemobile%7Cpos%3D3%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_onemobile%3Dbanner%26hb_size_onemobile%3D300x250%26hb_pb_onemobile%3D0.06%26hb_adid_onemobile%3D117f8811405fa96b%26hb_bidder_onemobile%3Donemobile%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.06%26hb_adid%3D117f8811405fa96b%26hb_bidder%3Donemobile%7Cpos%3D4%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_onemobile%3Dbanner%26hb_size_onemobile%3D300x250%26hb_pb_onemobile%3D0.06%26hb_adid_onemobile%3D112ec9922b9ccf2a%26hb_bidder_onemobile%3Donemobile%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.06%26hb_adid%3D112ec9922b9ccf2a%26hb_bidder%3Donemobile%7Cpos%3D5%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_onemobile%3Dbanner%26hb_size_onemobile%3D300x250%26hb_pb_onemobile%3D0.05%26hb_adid_onemobile%3D113b3e0e0a8eda1a%26hb_bidder_onemobile%3Donemobile%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D113b3e0e0a8eda1a%26hb_bidder%3Donemobile%7Cpos%3Dpremium%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=kw%3D%255Broot%255D%26path%3D%252F%26Ref_ID%3Dfalse%26page%3Dhome&cookie=ID%3Dc4a219663db19303-227fd509fbcb0006%3AT%3D1637811189%3AS%3DALNI_Mb68iIzM76ba8FR54aQP1csQ1kkaQ&bc=31&abxe=1&lmt=1637811189&dt=1637811189861&dlt=1637811187613&idt=1465&frm=20&biw=1600&bih=1200&oid=2&adxs=429%2C429%2C429%2C429%2C1070%2C1070%2C1070%2C-9%2C-9%2C215%2C0&adys=1665%2C3353%2C4239%2C5719%2C323%2C1808%2C4382%2C-9%2C-9%2C75%2C60&adks=3599507207%2C2190889768%2C2311480919%2C2328692226%2C3875038693%2C1759223194%2C1115631983%2C2790357192%2C25268480%2C3689519078%2C473740472&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffox42kptm.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x116%7C1200x116%7C1200x116%7C1200x116%7C330x277%7C330x277%7C330x277%7C0x-1%7C0x-1%7C1170x0%7C1600x0&msz=728x101%7C728x101%7C728x101%7C728x101%7C300x277%7C300x277%7C300x277%7C0x-1%7C0x-1%7C1170x0%7C1600x0&psts=AGkb-H-tCfcYqJQLqZhhAbdPPi0ouyvIGmkTG25j3YFzB8uNVhocvSIuGPNf77zRpJ2CRZIxyp9MsCEnQn_og5aQJ3RDZoSIp3sPd2z8UPU-qSKu1aK06Q&ga_vid=1090439637.1637811189&ga_sid=1637811189&ga_hid=240324544&ga_fc=true&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C2%2C2%2C0%2C0&ohw=728%2C728%2C728%2C728%2C300%2C300%2C300%2C0%2C0%2C0%2C0&btvi=1%7C2%7C3%7C4%7C0%7C5%7C6%7C-1%7C-1%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c011bc89c5839a113b0f09412af6280479f84abc823e76e37cb21a4d651d8c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22021
x-xss-protection: 0
google-lineitem-id: 4685377161,4685377161,4685377161,4685377161,4685377161,4685377161,4685377161,4685377161,4685377161,4685114612,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234256527,138234303065,138234256398,138234302969,138234303071,138234303014,138234303008,138234303023,138234256608,138234302420,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fox42kptm.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 23ms
23ms Stylesheet
text/css 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637660242412713823
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 03:33:09 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 230161
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: ce6f0881-001e-0046-2295-dfc6a6000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6b37d060cce03752-MXP
expires: Fri, 25 Nov 2022 03:33:09 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/43146/fox42kptm.com/jsonp/ 538 B
781 B 538ms
128ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/43146/fox42kptm.com/jsonp/z?cb=1637811189885&callback=jQuery1710008456272599345338_1637811189873&_=1637811189886
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/fcb00c1d-07d9-47a4-95e2-e989a05d751c/user.js?cb=637716545887014387
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 74f967717ac927fe03ed9999063845f1f2725fc8f124de73a19d43816c1223b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 03:33:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
259 B 27ms
26ms Image
image/gif 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1637811189878&h=fox42kptm.com&e=p&u=43146
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 03:33:09 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1726058
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: a6738c5e-201e-00df-52f5-370495000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b37d060dcf13752-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B5A7 0
0 42ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvouvm915nXzzMV1I2MGbmXRIHVWyO8XOfMeaZbWaJ-hZWMSAarY0Rup6zMPLrjztrNbPNyQyYVFftAAFF8sjCjexYyNU5f51AeUBCQ8uL0MZRW8iAVpAlxAKNj9USefyIwprX2g6HkVBi2kNs5E0mOc5w3W6uPoPT4XkryG6u4qB2PkEZs12urHTbL-feCuf1GLrhwdnd_bHlvxAWaTu538SwdQ1wzbEEDR_i5_BS_i5XYzqmYQzw8BNT34xLJI8t4QRArDL-4BQkEaLrsfOIBzqioMPMq-KIZBygaOgNinIV4vuyO8A&sai=AMfl-YSm_8HX_ZKBlCRpiGyO_nKUXI7oIQkhl7d6x9OFBrt7HRA3wqW9LvtrjiEY0Yj-qPSzxU1a6s6-fD_dzyBGrsQUTyE2LbOm-dPptGdOOqdOjc9puAM0vJqkf4M64178&sig=Cg0ArKJSzDAXZpsgz-ezEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
URL: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame B5A7 23 KB
23 KB 26ms
11ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,300,400italic,700,700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 20:12:18 GMT
x-content-type-options: nosniff
age: 26452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 20:12:18 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ Frame B5A7 22 KB
22 KB 22ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,300,400italic,700,700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 20:12:20 GMT
x-content-type-options: nosniff
age: 112850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 20:12:20 GMT

GET
H2 200 KPTM Show response
livevideostatus.sinclairstoryline.com/status/ 2 KB
909 B 8ms
8ms Fetch
application/json 65.9.71.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://livevideostatus.sinclairstoryline.com/status/KPTM
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/video/players/prod/dist/1.4.18/streaming.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-35.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 6e100e46d205197cd13022d52892ee4d1aac20e78634034c94948e597dff4fbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
age: 2
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: eicykuooVSFaskhDkUrcoL_cTPilv_FsuNn_3C30d53fCLlIlE2sSg==
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B5A7 0
0 57ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujA8O_yjxgRmWRZIQq0sfk2WxZBqms8bZG0eZsWNsSI0edhd2OnZC8kMGmat2U7G3TBjfROYDKIo46SbEgZh8o4JeN9wrR9RJ5k8l5EE0O-ZxZyV0aD3jRmFRWn-HSgt3DP3VrT191gqsEcrKkqqXQVTcNB7dNyT3_5W_kQ1ji7zG_qiUfcxgA4s2xLynAXfNY2EfGxf68kABKYxfxLMabRj6Ev6EWxhtW34qRcPkR7pqozBRHmko4mMrPxldo5UYbTX57mYkMLuerX173Sajl9Bw0iuCP_9MPYMxG58GUuLO-_H-OV_sc&sai=AMfl-YSYGhgEcCWAoC_lKULQTM6s4VkE9Afa8JvOjllAtnrQtixcOGrlPGgUSp6VJR60KbWDyylAsKuniForcpG41YwROU_57ndf-PFgQCB5jIl1bKwTTmB6U6Fp4efjpo_n&sig=Cg0ArKJSzAQY5C_rQ7UaEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 25 Nov 2021 03:33:10 GMT

GET
DATA 200
OK truncated
/ Frame B5A7 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16e29d9fe81196624faea40b1f29e577ab936910831a6252458b38bb29671c8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ Frame B5A7 43 B
260 B 27ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SINCLAIR_GAM_DISPLAY1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&ra=1&pxm=&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Ffox42kptm.com&lp=https%3A%2F%2Ffox42kptm.com&t=1637811190283&de=993355233502&m=0&ar=553ffc12ef5-clean&iw=321a0a7&q=2&cb=0&ym=0&cu=1637811190283&ll=2&lm=1&ln=1&em=0&en=0&d=92725138%3A2316137404%3A4685417928%3A138234381034&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=0&ii=3&bo=84109138&bd=97476178&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&gw=sinclairgamdisplay488716798718&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A738%3A738%3A0%3A0&fs=195402&na=1055958277&cs=0
Requested by: Host: 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
URL: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:10 GMT

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/CA997B588C0A4B4B220B823E359467E4/ Frame F9C4 19 KB
8 KB 8ms
8ms XHR
application/javascript 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/CA997B588C0A4B4B220B823E359467E4/1.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-43.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 13b64eac810929d5c8a140f9a28ebec23c9b985399aa87e63789e68978751d0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 02:20:41 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 15:33:34 GMT
server: nginx
age: 3805949
etag: W/"19640-1633534414000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: aOaTTC25wblWKjnR3XrjujPB7_N87ssNbDWZp5mf43aOIIxxJigLCw==
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KPTM Show response
livevideostatus.sinclairstoryline.com/status/ 2 KB
902 B 7ms
7ms Fetch
application/json 65.9.71.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://livevideostatus.sinclairstoryline.com/status/KPTM
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/video/players/prod/dist/1.4.18/streaming.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-35.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 6e100e46d205197cd13022d52892ee4d1aac20e78634034c94948e597dff4fbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:08 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
age: 2
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: TMI3p33fxwR2-4HnsE0bXCC4OeEp90TMT0S6MhHDYDQAivv4nLBBFQ==
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)

GET
H2 200 bl-f821a95-1aae0ef7.js Show response
tagan.adlightning.com/sinclair/ Frame F418 50 KB
21 KB 9ms
8ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 476c70c95b16df5cd849f9dc2b5219eee9791f602003f94b1654a9696bcaa8c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:03:29 GMT
content-encoding: gzip
age: 41382
x-cache: Hit from cloudfront
content-length: 21318
x-amz-meta-git_commit: f821a95
last-modified: Wed, 24 Nov 2021 15:50:57 GMT
server: AmazonS3
etag: "605b049b64a3dc8bedcf152efc00abe4"
x-amz-version-id: HuWSiqWAMb_raiLtURkjQJWys0W.So9B
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: AdWDZs4RsRt87nw_exatx5ytfoUhhDuGZ9gzazEpOrmeX9Gq1FnooQ==

GET
H2 200 b-7b120a5-ebd334a1.js Show response
tagan.adlightning.com/sinclair/ Frame F418 73 KB
28 KB 10ms
9ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-7b120a5-ebd334a1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e66fcfb6655ac69375c24dd35af572165a73aaed333d43c51deabded43364e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:44:13 GMT
content-encoding: gzip
age: 7253338
x-cache: Hit from cloudfront
content-length: 28199
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 19:01:26 GMT
server: AmazonS3
etag: "1ce9d67017772e830c4282816833403a"
x-amz-version-id: 44g9Lj_ljqlpdIqVOUl.lUgQ4IUU3iUf
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: e02EHkMkq-M0Xw5WP1_4gvNU0tEvyGIc77NJ5IvgwGikccVTmlNd-g==

GET
H3 200 16450079897291089245
tpc.googlesyndication.com/simgad/ Frame F418 71 KB
71 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16450079897291089245

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f515ad567c75d7f715bfb4e0cf1555fe91cad82d403e2d89fd7b0ee3d574162a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:40:28 GMT
x-content-type-options: nosniff
age: 507162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73122
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:05:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Nov 2022 06:40:28 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F418 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 03:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F418 119 KB
36 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:10 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/sinclairgamdisplay488716798718/ Frame F418 297 KB
101 KB 24ms
24ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/sinclairgamdisplay488716798718/moatad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18482c4dca61963f3d8a1051c1dd614a6965ca11d0bc91f0e4177b3b8e807ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:46:55 GMT
server: AmazonS3
x-amz-request-id: PW6DW83E825GE3N7
etag: "9916f5d8e07e94c1b954389710ee0308"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7729
accept-ranges: bytes
content-length: 102917
x-amz-id-2: 71l7PZ4opcBn6mPpG0IjrF4M4EoH3Eq5QffNTPhWy9deCNd0GFKbLBfvd/ESHEWi+sZEoT792wY=

GET
H2 200 bl-f821a95-1aae0ef7.js Show response
tagan.adlightning.com/sinclair/ Frame 1578 50 KB
21 KB 13ms
13ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 476c70c95b16df5cd849f9dc2b5219eee9791f602003f94b1654a9696bcaa8c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:03:29 GMT
content-encoding: gzip
age: 41382
x-cache: Hit from cloudfront
content-length: 21318
x-amz-meta-git_commit: f821a95
last-modified: Wed, 24 Nov 2021 15:50:57 GMT
server: AmazonS3
etag: "605b049b64a3dc8bedcf152efc00abe4"
x-amz-version-id: HuWSiqWAMb_raiLtURkjQJWys0W.So9B
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 2sCN_h8H0MawceAscYsvekcYNuFCMmniyB1QZs5FfE7aPjdIEWqikQ==

GET
H2 200 b-7b120a5-ebd334a1.js Show response
tagan.adlightning.com/sinclair/ Frame 1578 73 KB
28 KB 14ms
14ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-7b120a5-ebd334a1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e66fcfb6655ac69375c24dd35af572165a73aaed333d43c51deabded43364e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:44:13 GMT
content-encoding: gzip
age: 7253338
x-cache: Hit from cloudfront
content-length: 28199
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 19:01:26 GMT
server: AmazonS3
etag: "1ce9d67017772e830c4282816833403a"
x-amz-version-id: 44g9Lj_ljqlpdIqVOUl.lUgQ4IUU3iUf
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: OV9vU-0BBaGqU8VtQcuJgDoPgs3ryum75RSroVQQo5606IZEIiUhcA==

GET
H3 200 15907125647384796734
tpc.googlesyndication.com/simgad/ Frame 1578 9 KB
9 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15907125647384796734

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11594dc2e8e18000fe2fbfc2d1b982f2663b86872cb3c08dcb139e982ab335d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 11:00:14 GMT
x-content-type-options: nosniff
age: 59576
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9327
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:06:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 11:00:14 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1578 2 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 03:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1578 119 KB
36 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:10 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/sinclairgamdisplay488716798718/ Frame 1578 297 KB
101 KB 30ms
30ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/sinclairgamdisplay488716798718/moatad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18482c4dca61963f3d8a1051c1dd614a6965ca11d0bc91f0e4177b3b8e807ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:46:55 GMT
server: AmazonS3
x-amz-request-id: PW6DW83E825GE3N7
etag: "9916f5d8e07e94c1b954389710ee0308"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7729
accept-ranges: bytes
content-length: 102917
x-amz-id-2: 71l7PZ4opcBn6mPpG0IjrF4M4EoH3Eq5QffNTPhWy9deCNd0GFKbLBfvd/ESHEWi+sZEoT792wY=

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame 4557 5 KB
2 KB 305ms
99ms Document
text/html 34.195.72.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http://sbgi.net/privacy-policy&irm=undefined&from=https://consent.trustarc.com/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.72.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-72-147.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
etag: W/"5014-1597208285000"
last-modified: Wed, 12 Aug 2020 04:58:05 GMT
content-encoding: gzip

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame F9C4 627 B
637 B 81ms
78ms XHR
application/json 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

2e578b8901bc4b1b3a6aca07e22e4c843356c51b37400ae8276d1396b3eb578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: CA997B588C0A4B4B220B823E359467E4
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 277
x-xss-protection: 1; mode=block
x-amz-cf-id: 3NH3VzX3acu2Wxn2zGfRU-Hxk9CPvNlG_eIiZ2QsIloi8-qvgDAPjQ==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame F9C4 13 KB
4 KB 81ms
80ms XHR
application/json 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

aecdfb202cfb299b55a857255a27871a3009a9e16d849a08698f52916870d064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: CA997B588C0A4B4B220B823E359467E4
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 4097
x-xss-protection: 1; mode=block
x-amz-cf-id: 7j1sc8qk-w0nhr7wXvGdmSJ5Cxwh41bguF4w7LnqN6TseDHeoLKMzg==

GET
H2 200 pixel.gif
px.moatads.com/ Frame B5A7 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16674339623651514693%3F&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-lVeP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-93xD4bI%2F0rYACQ%3D%3D&sc=1&os=1-Bg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=0&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=75&w=75&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ffox42kptm.com&lp=https%3A%2F%2Ffox42kptm.com&t=1637811190283&de=993355233502&cu=1637811190283&m=61&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=91&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A738%3A738%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=0&of=0&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=46&cd=0&ah=46&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685417928%3A138234381034&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=2091133953&cs=0
Requested by: Host: 948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
URL: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:10 GMT

GET
H2 200 bl-f821a95-1aae0ef7.js Show response
tagan.adlightning.com/sinclair/ Frame 8D6E 50 KB
21 KB 7ms
7ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 476c70c95b16df5cd849f9dc2b5219eee9791f602003f94b1654a9696bcaa8c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:03:29 GMT
content-encoding: gzip
age: 41382
x-cache: Hit from cloudfront
content-length: 21318
x-amz-meta-git_commit: f821a95
last-modified: Wed, 24 Nov 2021 15:50:57 GMT
server: AmazonS3
etag: "605b049b64a3dc8bedcf152efc00abe4"
x-amz-version-id: HuWSiqWAMb_raiLtURkjQJWys0W.So9B
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: ssnMObGJEbqi_VYb3XSVjSFp_gLa-7yz_70yWZk-WNS_5Fz3VDl4_Q==

GET
H2 200 b-7b120a5-ebd334a1.js Show response
tagan.adlightning.com/sinclair/ Frame 8D6E 73 KB
28 KB 7ms
6ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-7b120a5-ebd334a1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e66fcfb6655ac69375c24dd35af572165a73aaed333d43c51deabded43364e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:44:13 GMT
content-encoding: gzip
age: 7253338
x-cache: Hit from cloudfront
content-length: 28199
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 19:01:26 GMT
server: AmazonS3
etag: "1ce9d67017772e830c4282816833403a"
x-amz-version-id: 44g9Lj_ljqlpdIqVOUl.lUgQ4IUU3iUf
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 3JgcSdmHQeQ6G8iZgeTWkpcUTc29Fu_XJ8rGRPlBiNdPgBbWHh351w==

GET
H3 200 2675212623827525160
tpc.googlesyndication.com/simgad/ Frame 8D6E 89 KB
89 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2675212623827525160

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b92be55685dabbeab0642b2d4f213e49fe809398e1388205161a4c926de2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:53:08 GMT
x-content-type-options: nosniff
age: 506402
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91251
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:05:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Nov 2022 06:53:08 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8D6E 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 03:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D6E 119 KB
36 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8D6E 0
0 44ms
24ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRA3E-E76v3zDCicMzYNW3pyGLtwSTp6Zr3Jld4BXBx60InSrwxPCF87JLbIbF3LXIN628l
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/sinclairgamdisplay488716798718/ Frame 8D6E 297 KB
101 KB 20ms
19ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/sinclairgamdisplay488716798718/moatad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18482c4dca61963f3d8a1051c1dd614a6965ca11d0bc91f0e4177b3b8e807ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:46:55 GMT
server: AmazonS3
x-amz-request-id: PW6DW83E825GE3N7
etag: "9916f5d8e07e94c1b954389710ee0308"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7729
accept-ranges: bytes
content-length: 102917
x-amz-id-2: 71l7PZ4opcBn6mPpG0IjrF4M4EoH3Eq5QffNTPhWy9deCNd0GFKbLBfvd/ESHEWi+sZEoT792wY=

GET
H2 200 bl-f821a95-1aae0ef7.js Show response
tagan.adlightning.com/sinclair/ Frame CC2F 50 KB
21 KB 8ms
6ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 476c70c95b16df5cd849f9dc2b5219eee9791f602003f94b1654a9696bcaa8c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:03:29 GMT
content-encoding: gzip
age: 41382
x-cache: Hit from cloudfront
content-length: 21318
x-amz-meta-git_commit: f821a95
last-modified: Wed, 24 Nov 2021 15:50:57 GMT
server: AmazonS3
etag: "605b049b64a3dc8bedcf152efc00abe4"
x-amz-version-id: HuWSiqWAMb_raiLtURkjQJWys0W.So9B
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: AXyeDu2Lpq7HfGbzrLiqSgStb4gZa8bfQlWVxo6FUZXBXROT2foG_A==

GET
H2 200 b-7b120a5-ebd334a1.js Show response
tagan.adlightning.com/sinclair/ Frame CC2F 73 KB
28 KB 9ms
7ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-7b120a5-ebd334a1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e66fcfb6655ac69375c24dd35af572165a73aaed333d43c51deabded43364e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:44:13 GMT
content-encoding: gzip
age: 7253338
x-cache: Hit from cloudfront
content-length: 28199
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 19:01:26 GMT
server: AmazonS3
etag: "1ce9d67017772e830c4282816833403a"
x-amz-version-id: 44g9Lj_ljqlpdIqVOUl.lUgQ4IUU3iUf
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: DAcmSRa3gKqnFYp4_wNJNYzu4wfl31NSdDqUNwh4FnSNu4L0LzF8oA==

GET
H3 200 15907125647384796734
tpc.googlesyndication.com/simgad/ Frame CC2F 9 KB
9 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15907125647384796734

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11594dc2e8e18000fe2fbfc2d1b982f2663b86872cb3c08dcb139e982ab335d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 11:00:14 GMT
x-content-type-options: nosniff
age: 59576
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9327
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:06:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 11:00:14 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame CC2F 2 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 03:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC2F 119 KB
36 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CC2F 0
0 40ms
25ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTfgYrHS1xA3FOKUd60JabMqkuxzaTkIzxwfH9qV0eokGAzrAIVQByYVpptKeGztUDThVGN
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/sinclairgamdisplay488716798718/ Frame CC2F 297 KB
101 KB 21ms
20ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/sinclairgamdisplay488716798718/moatad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18482c4dca61963f3d8a1051c1dd614a6965ca11d0bc91f0e4177b3b8e807ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:46:55 GMT
server: AmazonS3
x-amz-request-id: PW6DW83E825GE3N7
etag: "9916f5d8e07e94c1b954389710ee0308"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7729
accept-ranges: bytes
content-length: 102917
x-amz-id-2: 71l7PZ4opcBn6mPpG0IjrF4M4EoH3Eq5QffNTPhWy9deCNd0GFKbLBfvd/ESHEWi+sZEoT792wY=

GET
H2 200 bl-f821a95-1aae0ef7.js Show response
tagan.adlightning.com/sinclair/ Frame 08CF 50 KB
21 KB 10ms
6ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 476c70c95b16df5cd849f9dc2b5219eee9791f602003f94b1654a9696bcaa8c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:03:29 GMT
content-encoding: gzip
age: 41382
x-cache: Hit from cloudfront
content-length: 21318
x-amz-meta-git_commit: f821a95
last-modified: Wed, 24 Nov 2021 15:50:57 GMT
server: AmazonS3
etag: "605b049b64a3dc8bedcf152efc00abe4"
x-amz-version-id: HuWSiqWAMb_raiLtURkjQJWys0W.So9B
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: B62Z0zMyMRhg5Uf0fzyfffZUowi2wGPqLlfAbg3ew5MNnSVxKo4rog==

GET
H2 200 b-7b120a5-ebd334a1.js Show response
tagan.adlightning.com/sinclair/ Frame 08CF 73 KB
28 KB 10ms
7ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-7b120a5-ebd334a1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e66fcfb6655ac69375c24dd35af572165a73aaed333d43c51deabded43364e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:44:13 GMT
content-encoding: gzip
age: 7253338
x-cache: Hit from cloudfront
content-length: 28199
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 19:01:26 GMT
server: AmazonS3
etag: "1ce9d67017772e830c4282816833403a"
x-amz-version-id: 44g9Lj_ljqlpdIqVOUl.lUgQ4IUU3iUf
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: mscjpHAjOtZ4JVeTMW1kVDIcpySNAC_i4JAg6Ibtuj2YYcxvez0CEA==

GET
H3 200 3223866404663009991
tpc.googlesyndication.com/simgad/ Frame 08CF 160 KB
161 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3223866404663009991

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96bcf5ffac4c621f4077f7cf6908bc24d37274cc8dfd5e254e8779a2b5d0218a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 20:07:50 GMT
x-content-type-options: nosniff
age: 113120
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164331
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:05:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 20:07:50 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 08CF 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 03:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08CF 119 KB
36 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:10 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/sinclairgamdisplay488716798718/ Frame 08CF 297 KB
101 KB 28ms
25ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/sinclairgamdisplay488716798718/moatad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18482c4dca61963f3d8a1051c1dd614a6965ca11d0bc91f0e4177b3b8e807ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:46:55 GMT
server: AmazonS3
x-amz-request-id: PW6DW83E825GE3N7
etag: "9916f5d8e07e94c1b954389710ee0308"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7729
accept-ranges: bytes
content-length: 102917
x-amz-id-2: 71l7PZ4opcBn6mPpG0IjrF4M4EoH3Eq5QffNTPhWy9deCNd0GFKbLBfvd/ESHEWi+sZEoT792wY=

GET
H2 200 bl-f821a95-1aae0ef7.js Show response
tagan.adlightning.com/sinclair/ Frame DBC3 50 KB
21 KB 8ms
5ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 476c70c95b16df5cd849f9dc2b5219eee9791f602003f94b1654a9696bcaa8c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:03:29 GMT
content-encoding: gzip
age: 41382
x-cache: Hit from cloudfront
content-length: 21318
x-amz-meta-git_commit: f821a95
last-modified: Wed, 24 Nov 2021 15:50:57 GMT
server: AmazonS3
etag: "605b049b64a3dc8bedcf152efc00abe4"
x-amz-version-id: HuWSiqWAMb_raiLtURkjQJWys0W.So9B
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: NyMqVDRvO8Q58mnhVd2YKobLavhw_PfiVPNx_KoFxxeZedhXuaXYcw==

GET
H2 200 b-7b120a5-ebd334a1.js Show response
tagan.adlightning.com/sinclair/ Frame DBC3 73 KB
28 KB 10ms
6ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-7b120a5-ebd334a1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e66fcfb6655ac69375c24dd35af572165a73aaed333d43c51deabded43364e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:44:13 GMT
content-encoding: gzip
age: 7253338
x-cache: Hit from cloudfront
content-length: 28199
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 19:01:26 GMT
server: AmazonS3
etag: "1ce9d67017772e830c4282816833403a"
x-amz-version-id: 44g9Lj_ljqlpdIqVOUl.lUgQ4IUU3iUf
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: tu0j78WxQ0-08EccUO0LC63N4XDD4rlZ2AEttnb9VWQJNU1VxSg--A==

GET
H3 200 10643163527454411975
tpc.googlesyndication.com/simgad/ Frame DBC3 10 KB
10 KB 20ms
18ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10643163527454411975

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01b71a031909d51853eafb724e1949dc67c0cb02201d724455d0800ab6375c25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 20:04:09 GMT
x-content-type-options: nosniff
age: 113341
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10341
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:06:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 20:04:09 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame DBC3 2 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 03:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBC3 119 KB
36 KB 36ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DBC3 0
0 32ms
24ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5Odb8KdbSi6b1F-oaCG7__uGQy07uh0JyQ6IBlWNni8r2u0o8oZ8LyaxuJClBsdEyvGpA
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/sinclairgamdisplay488716798718/ Frame DBC3 297 KB
101 KB 35ms
31ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/sinclairgamdisplay488716798718/moatad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18482c4dca61963f3d8a1051c1dd614a6965ca11d0bc91f0e4177b3b8e807ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:46:55 GMT
server: AmazonS3
x-amz-request-id: PW6DW83E825GE3N7
etag: "9916f5d8e07e94c1b954389710ee0308"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7729
accept-ranges: bytes
content-length: 102917
x-amz-id-2: 71l7PZ4opcBn6mPpG0IjrF4M4EoH3Eq5QffNTPhWy9deCNd0GFKbLBfvd/ESHEWi+sZEoT792wY=

GET
H2 200 bl-f821a95-1aae0ef7.js Show response
tagan.adlightning.com/sinclair/ Frame 3922 50 KB
21 KB 13ms
6ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 476c70c95b16df5cd849f9dc2b5219eee9791f602003f94b1654a9696bcaa8c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:03:29 GMT
content-encoding: gzip
age: 41382
x-cache: Hit from cloudfront
content-length: 21318
x-amz-meta-git_commit: f821a95
last-modified: Wed, 24 Nov 2021 15:50:57 GMT
server: AmazonS3
etag: "605b049b64a3dc8bedcf152efc00abe4"
x-amz-version-id: HuWSiqWAMb_raiLtURkjQJWys0W.So9B
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: fnCWr_FpYbSro1NKzf04gTQ7gebVcjLmqmbAig9y_OSK2a6i2Wm5kw==

GET
H2 200 b-7b120a5-ebd334a1.js Show response
tagan.adlightning.com/sinclair/ Frame 3922 73 KB
28 KB 16ms
3ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-7b120a5-ebd334a1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e66fcfb6655ac69375c24dd35af572165a73aaed333d43c51deabded43364e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:44:13 GMT
content-encoding: gzip
age: 7253338
x-cache: Hit from cloudfront
content-length: 28199
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 19:01:26 GMT
server: AmazonS3
etag: "1ce9d67017772e830c4282816833403a"
x-amz-version-id: 44g9Lj_ljqlpdIqVOUl.lUgQ4IUU3iUf
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: ANsjR0AfiXu1b-toNGI0KlDcnsjOILZmJoTigIoTjZ3803yDrdKvCA==

GET
H3 200 4273576272102842184
tpc.googlesyndication.com/simgad/ Frame 3922 145 KB
145 KB 21ms
18ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4273576272102842184

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59995cfe0635bdbc4a449abbefe936c2d096988500a712e9b3a19e7450c0de72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:41:29 GMT
x-content-type-options: nosniff
age: 78701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148595
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:04:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 05:41:29 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3922 2 KB
1 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 03:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3922 119 KB
36 KB 39ms
35ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3922 0
0 29ms
25ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgYczfvtoy1G4XVFA5yBiFpz0HrYuQMWOMZhfAoTi79xdR6kDWrsaPpiMuNXhz-23_r0Fm
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/sinclairgamdisplay488716798718/ Frame 3922 297 KB
101 KB 44ms
32ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/sinclairgamdisplay488716798718/moatad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18482c4dca61963f3d8a1051c1dd614a6965ca11d0bc91f0e4177b3b8e807ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:46:55 GMT
server: AmazonS3
x-amz-request-id: PW6DW83E825GE3N7
etag: "9916f5d8e07e94c1b954389710ee0308"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7729
accept-ranges: bytes
content-length: 102917
x-amz-id-2: 71l7PZ4opcBn6mPpG0IjrF4M4EoH3Eq5QffNTPhWy9deCNd0GFKbLBfvd/ESHEWi+sZEoT792wY=

GET
H2 200 bl-f821a95-1aae0ef7.js Show response
tagan.adlightning.com/sinclair/ Frame AF15 50 KB
21 KB 21ms
6ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 476c70c95b16df5cd849f9dc2b5219eee9791f602003f94b1654a9696bcaa8c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:03:29 GMT
content-encoding: gzip
age: 41382
x-cache: Hit from cloudfront
content-length: 21318
x-amz-meta-git_commit: f821a95
last-modified: Wed, 24 Nov 2021 15:50:57 GMT
server: AmazonS3
etag: "605b049b64a3dc8bedcf152efc00abe4"
x-amz-version-id: HuWSiqWAMb_raiLtURkjQJWys0W.So9B
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: lQRrlwP82Sc8Iff9yMzinGXCxcyLgeBwWr0dH9-rE22GywQo2Btjag==

GET
H2 200 b-7b120a5-ebd334a1.js Show response
tagan.adlightning.com/sinclair/ Frame AF15 73 KB
28 KB 26ms
7ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-7b120a5-ebd334a1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e66fcfb6655ac69375c24dd35af572165a73aaed333d43c51deabded43364e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:44:13 GMT
content-encoding: gzip
age: 7253338
x-cache: Hit from cloudfront
content-length: 28199
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 19:01:26 GMT
server: AmazonS3
etag: "1ce9d67017772e830c4282816833403a"
x-amz-version-id: 44g9Lj_ljqlpdIqVOUl.lUgQ4IUU3iUf
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: dC5-ta1-kP2YJlYFfqAeDuDWXKAKp8MTN-MZv_TKj_mkzZLMY2P_KQ==

GET
H3 200 4047310643164758190
tpc.googlesyndication.com/simgad/ Frame AF15 79 KB
79 KB 35ms
26ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4047310643164758190

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b4f4b370a2e53166e0b2bc151ace1925abab5585de6a19c2bf71263c04e0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:59:06 GMT
x-content-type-options: nosniff
age: 120844
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81075
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:05:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 17:59:06 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame AF15 2 KB
1 KB 34ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 03:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF15 119 KB
36 KB 48ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AF15 0
0 30ms
21ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQE9N_47Iu7_SG5tPyZXUrEF_B9dOFkeIbP47NZZm1Rj2qkR4TU-DVUvZ2Iu4RR9u60vc-B
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/sinclairgamdisplay488716798718/ Frame AF15 297 KB
101 KB 42ms
24ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/sinclairgamdisplay488716798718/moatad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18482c4dca61963f3d8a1051c1dd614a6965ca11d0bc91f0e4177b3b8e807ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:46:55 GMT
server: AmazonS3
x-amz-request-id: PW6DW83E825GE3N7
etag: "9916f5d8e07e94c1b954389710ee0308"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7729
accept-ranges: bytes
content-length: 102917
x-amz-id-2: 71l7PZ4opcBn6mPpG0IjrF4M4EoH3Eq5QffNTPhWy9deCNd0GFKbLBfvd/ESHEWi+sZEoT792wY=

GET
H2 200 bl-f821a95-1aae0ef7.js Show response
tagan.adlightning.com/sinclair/ Frame 7DB2 50 KB
21 KB 25ms
8ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 476c70c95b16df5cd849f9dc2b5219eee9791f602003f94b1654a9696bcaa8c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:03:29 GMT
content-encoding: gzip
age: 41382
x-cache: Hit from cloudfront
content-length: 21318
x-amz-meta-git_commit: f821a95
last-modified: Wed, 24 Nov 2021 15:50:57 GMT
server: AmazonS3
etag: "605b049b64a3dc8bedcf152efc00abe4"
x-amz-version-id: HuWSiqWAMb_raiLtURkjQJWys0W.So9B
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: pwNbh-6Nw_CQUqJQw45lMXuwSaOpxIc1UtVTCcRBCsZyGIU3bJPEBQ==

GET
H2 200 b-7b120a5-ebd334a1.js Show response
tagan.adlightning.com/sinclair/ Frame 7DB2 73 KB
28 KB 22ms
5ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-7b120a5-ebd334a1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e66fcfb6655ac69375c24dd35af572165a73aaed333d43c51deabded43364e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:44:13 GMT
content-encoding: gzip
age: 7253338
x-cache: Hit from cloudfront
content-length: 28199
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 19:01:26 GMT
server: AmazonS3
etag: "1ce9d67017772e830c4282816833403a"
x-amz-version-id: 44g9Lj_ljqlpdIqVOUl.lUgQ4IUU3iUf
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 7Wx-eWjiHGTGbmgjYUKlkMAx2rj7shA8i-7jLThz7If_4k1Xni1Q-Q==

GET
H3 200 6403702872632055968
tpc.googlesyndication.com/simgad/ Frame 7DB2 102 KB
103 KB 35ms
29ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6403702872632055968

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ccf45d87848931d93f80bcf785ac3434fa66944f048171efa055935400120a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 11:16:09 GMT
x-content-type-options: nosniff
age: 58621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104935
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:05:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 11:16:09 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 7DB2 2 KB
1 KB 34ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 03:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DB2 119 KB
36 KB 42ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:10 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/sinclairgamdisplay488716798718/ Frame 7DB2 297 KB
101 KB 43ms
27ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/sinclairgamdisplay488716798718/moatad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18482c4dca61963f3d8a1051c1dd614a6965ca11d0bc91f0e4177b3b8e807ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:46:55 GMT
server: AmazonS3
x-amz-request-id: PW6DW83E825GE3N7
etag: "9916f5d8e07e94c1b954389710ee0308"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7729
accept-ranges: bytes
content-length: 102917
x-amz-id-2: 71l7PZ4opcBn6mPpG0IjrF4M4EoH3Eq5QffNTPhWy9deCNd0GFKbLBfvd/ESHEWi+sZEoT792wY=

GET
H2 200 bl-f821a95-1aae0ef7.js Show response
tagan.adlightning.com/sinclair/ Frame AD8E 50 KB
21 KB 23ms
9ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-f821a95-1aae0ef7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 476c70c95b16df5cd849f9dc2b5219eee9791f602003f94b1654a9696bcaa8c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:03:29 GMT
content-encoding: gzip
age: 41382
x-cache: Hit from cloudfront
content-length: 21318
x-amz-meta-git_commit: f821a95
last-modified: Wed, 24 Nov 2021 15:50:57 GMT
server: AmazonS3
etag: "605b049b64a3dc8bedcf152efc00abe4"
x-amz-version-id: HuWSiqWAMb_raiLtURkjQJWys0W.So9B
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: iY8pHhS6cUVRM6gFXsT6vZZqBbzRQ-ER8DpJI6onx2QqV1yqMrZsjA==

GET
H2 200 b-7b120a5-ebd334a1.js Show response
tagan.adlightning.com/sinclair/ Frame AD8E 73 KB
28 KB 23ms
2ms Script
application/javascript 65.9.71.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-7b120a5-ebd334a1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e66fcfb6655ac69375c24dd35af572165a73aaed333d43c51deabded43364e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 04:44:13 GMT
content-encoding: gzip
age: 7253338
x-cache: Hit from cloudfront
content-length: 28199
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 19:01:26 GMT
server: AmazonS3
etag: "1ce9d67017772e830c4282816833403a"
x-amz-version-id: 44g9Lj_ljqlpdIqVOUl.lUgQ4IUU3iUf
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: RYDcK45i8vFYKrOOL1pxtz22-deFSB3T1GkH6z4ISk13_59McwKTPg==

GET
H3 200 10946030100290503645
tpc.googlesyndication.com/simgad/ Frame AD8E 10 KB
10 KB 35ms
23ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10946030100290503645

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fca3582f673d514334ce9ad28afa43d1af5505f56e04a29f92e8f316f6b2daac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 23:21:31 GMT
x-content-type-options: nosniff
age: 101499
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10710
x-xss-protection: 0
last-modified: Thu, 24 May 2018 20:46:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 23:21:31 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame AD8E 2 KB
1 KB 34ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 03:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD8E 119 KB
36 KB 46ms
35ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:10 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/sinclairgamdisplay488716798718/ Frame AD8E 297 KB
101 KB 40ms
19ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/sinclairgamdisplay488716798718/moatad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18482c4dca61963f3d8a1051c1dd614a6965ca11d0bc91f0e4177b3b8e807ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:10 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:46:55 GMT
server: AmazonS3
x-amz-request-id: PW6DW83E825GE3N7
etag: "9916f5d8e07e94c1b954389710ee0308"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7729
accept-ranges: bytes
content-length: 102917
x-amz-id-2: 71l7PZ4opcBn6mPpG0IjrF4M4EoH3Eq5QffNTPhWy9deCNd0GFKbLBfvd/ESHEWi+sZEoT792wY=

GET
H2 200 get
consent.trustarc.com/ Frame F9C4 3 KB
4 KB 7ms
7ms Image
image/png 13.35.253.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/get?name=trustarc-without-truste-logo-xs.png
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-115.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: a7f60c416ef0c514645c9bc69a03326657377f6678019cf7e6a8e813a6606ebb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Wed, 24 Nov 2021 09:15:06 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
server: nginx
age: 65884
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
content-length: 3312
x-amz-cf-id: zye03y2YjGsXpVyTG_VJSNb5wQthXV0ETvNA6KGwjdj1SxS9gN5-tQ==
expires: Fri, 24 Dec 2021 09:15:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F418 0
0 42ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHHy5dIvMVRv3HigkSkkwIj4PHrOVMk7b28blU4upU7vXBYcVnKBWQEGO6CO5QJdR57mGboPd3DODWfWpi_5XWK4sDanq0IjVUjDLlkZnblsWyE_AqF_Ph1nFcyF-krADPtdJZEWuafTlzVDy7GXCOUH4e-SahjinLuVyrcilEgOq7TWxI4DO4IplfvOU2mGFlEztdLMA1ZyEyYY40TGw45y5Yf6XFMkk7M8ny26m4o-CoEbHv-rBTLg69-g9vri15PzMO-m3u-iltKd6kbJuwNa-6nMHVIH9TgQE8tzrYV5eSeQ&sig=Cg0ArKJSzGuDaD0EY3YCEAE&uach_m=[UACH]&adurl=

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1578 0
0 52ms
51ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1ePzp6Ryh2JrUb2yBv3LvNK6tlZEBRhRa4Uyg53W9_ur6PNo8FMj6ePByFN_zUTZ0TdHIpY_6b7Hby8fLR3QFf5Q87t9lmmSTZp4YHvHp2eM-lRs0-LP-UMEi9Yf6_KKVs_2r7a9g-wsyi5zQhc9C-X80EPhbjJCHWUglHLLl5jqSiY6urXx5sxHMNaTpCmTZW7mNXLoARgDw0oZWWyA1NCV18NKmzg4VKdTl6bJQfWO3tL9HeCkYRVaPzLvNmdJ-K2mr_6FI7HgCEMHMmZ0PE_hEW-AGVE-doAEDAr1V7-zFug&sig=Cg0ArKJSzCELwZEdWt3CEAE&uach_m=[UACH]&adurl=

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F418 0
0 43ms
43ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8YKwHpMovKXGvD-nXZexFMmOLWKv-D-8IX9le5tkb8iI6UC_UPj1YAt6uG5UZ9KUWu2q8DHwbXHvGbOSqwCdvxkfmUGrMS4aKYxdqLHh3b4C7cxfRJAhu9LWZBrzrCF6rOxULq1k2DRowX9v8bhjU-oyCjkjeG_yshZVR4cva67WonD3wYRhekkHX5E5uinVDgJYVa6DTPrBEiv3uF2GlMalWVy_Dp1XSKpTeja5ZaB14vDAUSFSlNRcIEFRfSYG7WQuMllbTZQLutH3b1zMrnbQtbEd_SHanRZV5nzsNJnNdzlNL&sig=Cg0ArKJSzD1BqPucUk0fEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 25 Nov 2021 03:33:11 GMT

GET
DATA 200
OK truncated
/ Frame F418 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f4433ffa0e14d736310bc827eb2e6460081c6b997e6c92833ad73c6cfac5293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SINCLAIR_GAM_DISPLAY1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1637811191074&de=10752978503&m=0&ar=553ffc12ef5-clean&iw=321a0a7&q=2&cb=0&ym=0&cu=1637811191074&ll=2&lm=0&ln=1&em=0&en=0&d=92725138%3A2316137404%3A4685377161%3A138234256527&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&bo=84109138&bd=97476178&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&gw=sinclairgamdisplay488716798718&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2382%3A2800%3A0%3A2735&fs=195402&na=1777038006&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1578 0
0 43ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfPwLm8HU23muaXFAp6CUqqsC0GfNPoEQlZ7ii5iotqvRiyYyH-DCmBDlmtqRfD0oIGUxe_QJ38yErf7IJ5nrCLjuBA8MClMBE-tvcOnDvGYNEk8K9gVDbSf2LWbh9hpouUKOoXNBQj8_V4RQpLCNx5S8dXFYO5qIcjY4PNYATSYuhZVjx9MJ9oe6nhRP2R0aY0Si9xUCp7MBxAH84aCaU2P1gAD07jCH9iB_VmWjnPXSILsNVacAxSUAn6s0kQBsKwJ21SQKSs-fOtzm0zbwvSxO_VrTEsuqTCiaMbdR0jgbzJ5ud&sig=Cg0ArKJSzJvEoa_yVChOEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 25 Nov 2021 03:33:11 GMT

GET
DATA 200
OK truncated
/ Frame 1578 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 377e109ab82564e1f37538bbdf6fd833456f496947382279930dbb151abd3eb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 publishertag.prebid.105.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 75ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:11 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:30 GMT
server: nginx
etag: W/"6034e04e-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Nov 2021 03:33:11 GMT

GET
H2 200 body_wh.svg
sinclairstoryline.com/resources/defaults/userway/widgetapp/images/ 931 B
1 KB 218ms
218ms Image
image/svg+xml 143.204.207.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinclairstoryline.com/resources/defaults/userway/widgetapp/images/body_wh.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-16.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:12 GMT
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
last-modified: Mon, 08 Feb 2021 18:25:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "2ec2767a3bb93656fb9b75c893d7be75"
x-cache: Miss from cloudfront
x-amz-version-id: nQl5sRsEJEbheL_iOJ7wYUJYmVz__yDQ
x-amz-replication-status: FAILED
x-amz-meta-version-id: qAnohPBcCxyocXuHNNF_62TLMlyHrvhl
accept-ranges: bytes
content-type: image/svg+xml
content-length: 931
x-amz-cf-id: -RxNzMoioJpXRB6sif7R_LdOUEoib_9ApY_65pzsqHHUs5VZ99nnNA==
x-amz-meta-replication-status: FAILED

GET
H2 200 spin_wh.svg
sinclairstoryline.com/resources/defaults/userway/widgetapp/images/ 2 KB
1 KB 655ms
655ms Image
image/svg+xml 143.204.207.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinclairstoryline.com/resources/defaults/userway/widgetapp/images/spin_wh.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-16.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-encoding: gzip
last-modified: Mon, 08 Feb 2021 18:25:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: L9ua6mJmNKU5KfZ4zE7wO9MNRc6jAUEg
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-replication-status: FAILED
x-amz-meta-version-id: 4vPru6ViciXxe4dOepcM1VHca3QQzOez
content-type: image/svg+xml
x-amz-cf-id: 2U6g43wzOOWmN1gHTCkKEvbfWHCyen-d1oMsEevoJi-VppHbyHzr_g==
x-amz-meta-replication-status: FAILED

GET
H2 200 pixel.gif
px.moatads.com/ Frame B5A7 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-lVeP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-93xD4bI%2F0rYACQ%3D%3D&sc=1&os=1-Bg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=85&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=75&w=75&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ffox42kptm.com&lp=https%3A%2F%2Ffox42kptm.com&t=1637811190283&de=993355233502&cu=1637811190283&m=1268&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=91&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A738%3A738%3A1276%3A934&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1259&cd=46&ah=1259&am=46&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685417928%3A138234381034&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1027188598&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:11 GMT

GET
H2 200 4.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/CA997B588C0A4B4B220B823E359467E4/ Frame F9C4 41 KB
13 KB 8ms
8ms XHR
application/javascript 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/CA997B588C0A4B4B220B823E359467E4/4.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-43.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: dca9b65504d9a14428e18225397c1ec1aacd0a4a06001311c425deb8fb3fa7b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 01:18:16 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 15:33:34 GMT
server: nginx
age: 1131295
etag: W/"41615-1633534414000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: qBJY_7p4m2vzYVV_UCSfxHQgP_k4Tzx2OxHns-U5UBnSQJxEc6tpDA==
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D6E 0
0 42ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEVN2n3s8-diGfU53nceonWX1uEjyxR4WNJFywizJzAvNgIKUFGJZJcXyqYK96XftPcPHMmX9nVXEXofNFvlpuiBIME4WgRtMcwB9cUDk_ZIHWiemA1FmmUNe5ABnbM0GH2onQROhNl102smn60ygRzVb_uqSOlSZ9o9L9peYY2w7kdqAd9ShxoNszk32XpKmPASoJQ61AKGqJpTneGPslsDA5nl1XIgCx4unuhiFIgwqYfv1EUSK-zhcdx_GN3qtjl5_gVRturaQ6SFaKNXbVVMlAFHuyYk2WPi6GZ3z3mxKw9g&sig=Cg0ArKJSzKTuAxWo9m3WEAE&uach_m=[UACH]&adurl=

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 08CF 0
0 43ms
43ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssf7oCF9wVGaiJBzi1WSLSeuRb2RzHl0mmVI42OX2-esWIhNDU7N3It7kkcJHoscjCaqXuAAIdNfmTrLanpNoNouzoiLNEc6vteUetWiU0CcgQDJdeR-oudRjR49qr0aqwGMfyb7bB-z6NwnyXZV7ftq-mtdD44B8vKxazOhJ3Raq9buw-yYyzYosBJ3MaWL_kmAhWz9pWdrkr_TSyIXAjcfls-rE2Zsy4l7u5iSgO-sDkf_QXFS_2TwJZniVUtFpdoAP_VpJFSV9IknSaTYVemcq8uSbUKMefOsCRPQ9JxARP-lw&sig=Cg0ArKJSzJ6Yrip6hTrMEAE&uach_m=[UACH]&adurl=

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CC2F 0
0 43ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjXhI3cPIymKwx-IOCbVZmFmo4dTRYPLrW2k_Sml_lZR3fGWoWDewBjcVyQy4R7QNtbpf3cNnt5BSI3CnemvT3EKs0CJKlHLlUl-U8lp6eHZZsoIFBiwNRWzZycg0QQ_Ab5EOWSQoFitYGmuLBij0SWo-JMiSiIqKtxLLjujEAS7GoxemAFALFqtKQWMSMzjZSaya_J1IURcTurEnE83GHTw8vGYUu-qgWyOlJ1PGc3xFiMf_8O-ypxnpYNE0X9r2klgjFOeIdBSTM_6ykF7T4fH6vq8L-NHOLDlqebjRzTAiodA&sig=Cg0ArKJSzKnuh0a7xn8wEAE&uach_m=[UACH]&adurl=

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CC2F 0
0 44ms
44ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7w7I_lfubiJKIh-EWTTYRpmwAKgg2sdDmZmez-TyrpBbHEq7Ax6CtPhQwXA5Tkvy0I6pfkOVvZBULezgnw_If_2liBvEE6Zn6HzeL_0jkPSLvGeuaQohb5WTH4wSFOR_L0DtwBWal1AfdlGnXW33UAsU6XQG8z9k3PVUCLBcSvym2PwgaXkYl7WzkFdg7D1Uw-4XzQ9qqfwP3Lglm2E1KvnNIrdzgl3jdqmIXDSG3BMAxbgEgU3XRoI0i53LaabWnbxzH7sLAiD5GxIN1ZcirEDlYySMQo18kwuqLczXsjcBOrjOf&sig=Cg0ArKJSzJ8c2PFPrycgEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 25 Nov 2021 03:33:11 GMT

GET
DATA 200
OK truncated
/ Frame CC2F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4019c33e479980518d178e228bf20e95d179354a519c8ed590ca2f08d17986f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D6E 0
0 44ms
44ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvr2pmhAf8iwlEzJs2h6bQbjynNwBJs1f9CUbUOnSorX3Q8LWeqD-e0PiFEMOS6zXGN0A2KUtw-qj782FM30pP15alHtBScrpg87AQrin08XtDozWUUGpKVMtJhBLlIFQyosvjOv1KKx57AGk-UwV9w7cYDGbYr3GuejKMX8MI5lIItgBwWck06VRff4-oPw4vvECdAhMoPsvc-FuVE7BrWrh5jstfrdWhr87d38xclEG50MdH5R3i7xa7vOXU0RNK5Tc3Ph-FiLV-6CIdCpGIFGRDkzs0RlvcNhag0Vayjew0Yx4c&sig=Cg0ArKJSzN1ev6gzpWd4EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 25 Nov 2021 03:33:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 08CF 0
0 42ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPms3Fer4vs467nafDEo4EDb4mIM74aymi76MKgrt957S7p6adYRTlYt8YOuo8qH4Gl19tatATydwZ80KZo1guJZ7B7XLjGkmOAvfdS5M71wFLFHDViCo2Y_2s1rZCiXxYNqgNpxPldZeA_ds7rxsOMgP88eeIjE5hiff7Jkz_2S-6bYKN5TOaY-ghlXcFARDX9WJ0EYxCmr37jdk7YVxcnsbBeo_oH_DvXGqZ44xtUNPrF2bU46kwjkiQmeoeLcaQzelPowf7kRTeTH2UDfAEKAUSekLnd4i1csTBGjjNWHzzdOGp&sig=Cg0ArKJSzJuzR9EeVeMcEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 25 Nov 2021 03:33:11 GMT

GET
DATA 200
OK truncated
/ Frame 8D6E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7f6c71c3e607139537b1095cd5b7109640b8e52abc2c5fbcd1d769ba10968c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 08CF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8277844693f0dc8ecd76e2300fafb759c8d40380b7067849fcced7547c0b7e01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBC3 0
0 42ms
41ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3L4xiQTfJd7LBMfVEtZUXWB1wpCn1JlrSiWb5yCpxYO1XCpOyTohLrQv93PtvYSU3UxZCECcNoZ_xPR6BmRCc1HeP9HqWrkmo6dohtWuw01_Mhgp2W-iwyj0S-W27UY6DIja6nv-WaHZPh9AbKA8AJpRuUYKplWZmt7HwByjY3SR8mdwlHeXpH37tB9J8BMxL6esDoY_B5dOb4ATGbIyAs9V2dYyjdgXCoktU2p6ERwZbAQhbcXfuCDhpYKJ8gbNd3QBrwus-f848qIIoYE74WjmdRvZMDHYTEsbXSHYrThq2Sg&sig=Cg0ArKJSzPfhhf0VCHhCEAE&uach_m=[UACH]&adurl=

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3922 0
0 46ms
45ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiY7mTsBTtr-Vk3slqGn7DiZmY5yJEROWywMknNfT75YBp0G__nsmAkOcJGvn_ZP4h1YL_OlSTFotI4st3_1ArZSxy_ILZtG9qTSyQmJZiohIIJUuS3klyU3nas-nYRPtpcbm_B8vLhab0B3vwWLwfUOqO4faO8PNOg8jIJcR7jEnHHLCQEWtEMtjzjZsJZtv9PTfnos1NQP8Jq17QVQYK1rkOzMIasHzXi3DEvohhm_pN5SrVEWxLYLVTTc2eKo8gGve7rislabG22tm2KDXisZwjJzT4mF1EB_3vjnYRiZdlxA&sig=Cg0ArKJSzB5oussH_zq7EAE&uach_m=[UACH]&adurl=

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7DB2 0
0 43ms
43ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQ_KgnAzPhm4SKJJ_htZ2mG5TVtoJt5e_eGtHz_PbLCQZfGSxzIQWvcRc-yYYX8nvim_PrQEXwdpGppTkg-BZ3gCwFSEgtHvjwjbn7wFDiqKSMji9-8lctoVDQRKPJqcKxJ3pQFytwRFKPWaJuThoJXLBaNf96_yDWFh2xdFdOZn0D-n5K0LfS0TlWWq8usLzaz0utFPvl-WjoE9Fv3dq2Y_KiW8yeyCQKvmjN-XvkOkhrGNFjGWJ2ZAdpQ_jGDhjZOwXCC5RHtI3ehKy0AKmFbUND6nLbD2mz-OwCUHlF8uYn_Q&sig=Cg0ArKJSzM1xZxu82m1aEAE&uach_m=[UACH]&adurl=

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AF15 0
0 43ms
43ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1ExfINqDsJLsw-BSw73Imm0ODsqPSX-mWxstNVTeKxsmhnQ0xdyRxvEzMT3KPBeZR8AMhRgM2F5fx2Hnl0tGVBcAhy8j48Q-q0VGWgrM_sSA1Zpks3yBx1kUMyt_wUlbfx2EfvWkitP8ebMSoKvsaopXJN-f2T031HSQKY4YAEUL4Faz3cdkPOn_MvEKR6kNDQCpduTGgh-05STrEs8w0OcPvj337erjo6r59EobQCHWDrnSxMWs_WQcBQSAcBUnW99a3Gt4ukTHzr1a8Ov5E-sn9RvObid__acreVR19O2om5Q&sig=Cg0ArKJSzLOAmuUtuOWmEAE&uach_m=[UACH]&adurl=

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AF15 0
0 45ms
45ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQKRyMr15LmYdhO0vEsUAsqdyEsbNmXGUzqgfsXqXB5TPZSZC_hJunvAl-HMF9EjLvhtmv94YP_7w65aFJYsWbTR5p1lvAvD-_5XK-KYCYLE_UAgipLlMRU4XOVBVnRp5k09x8pfR025ZCeQBJx0hu31mmfl07PhvgnDsra7A2NmCc7PzEjkmi3eJVeOBK1azFegU4qiir6rQKIwv0vaQiiS_sY7fYqtT9XElLTczjdsurkYUtlvg3k9p70TC9Mg01rTasGLCO2N5_Q-FKqOWaj9MX8g5uVQv87Ujm0jbKTunh6LMs&sig=Cg0ArKJSzHw5we0vOHAhEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 25 Nov 2021 03:33:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7DB2 0
0 41ms
41ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhIMuFt3o_KMcDlEpND-jLrKONfhfgbGx8psBS0-kAc-GqaAH2b4L1WTl0bKFDM-HhSWEOTZXhpC_Dll4tpYqLa5oiWjJ75UVkGQIa7ezX2x9VFintv9H8VHvCTMWPFQgZRUF5foIA3zdcJi7FlJTnIDpqrHYgcZfN-jbCY4LVVI3pRyxgFdWiiy3XcFUgNzjwDvUImdhawE0JBRaLxtWoRLTYQyUgPS2Pvu7mwTINPDUbd30phdTAjn7oIs-BD-aBaxNWPIWHqzQGyUlPuTZvnZSxHykiVHnWin38J3LgO6swAqyE&sig=Cg0ArKJSzGH3bLDQqUzsEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 25 Nov 2021 03:33:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBC3 0
0 43ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunDDsygRgDNtmawPMgBdMImZP5g4pvoHNNLVzzUtDLNs91eECuGbkqiytwfHq-z5wFVoSNoJO9UCFU7uZ8t4chUM3a3C8Xx82r5rqp8nx9S2gM0kPO9iP1qRsh-kXlH_WBnlLi-N-WUGDsOf-bZzGlrRb6r8KIWu2gKy0_5QT1xlrsyPUQi0ron8BqHJlDW31JJ7DrI2VBBSJx7WbbZHADMAwqLMLlwqE1Iyis_7EuNHF30eSiHOxxP5f5LpPp3Ij-i51QOuw43Dw4ZDMpK-r0RoTsMA_LgKlhj3WghJ9M2RTOp9ad&sig=Cg0ArKJSzLQc8qOxOiwlEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 25 Nov 2021 03:33:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD8E 0
0 45ms
44ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_Vn1nqYOcbNtrh65tW78aLW-4hTj5N7AorN6yR8MkJXylwV1AkZo7IC9FjoRAeufsS111PwnYHNcavVPRXIIFoe5B3GIGh0Jr3onH5ENkE5SARbnDxm7uc5CduqQiEUxTsDPhrdWVa7o9bL0JVqQuJW0FWTAHzyjX1fwJGyibGsKC4aQtcejlCpll47Ei9MaTlm-FUEJVe0BBOfMjsbudNfYin4qrDRPHzWL7iAIRv-BifSLL9OAY2KGRWN28g8aiV5TR7bGCHr0_7uz1_n_iINDUS3k6GrheA3wYBbre7TP-wA&sig=Cg0ArKJSzE_6fxSMLm1iEAE&uach_m=[UACH]&adurl=

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame DBC3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84593b643ad8e34437641db1db204c4e99e042ed617d6933bcf394a49fb2ce23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AF15 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea8c07566d4c0ba76f0589bb0e027743d5015725ad5b102e464bd32a708472a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7DB2 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2616211e97e18cfe624d453f597a83d457a997382f3b65f8a39968a6724ce681

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3922 0
0 42ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTVSLeO_4YpI_aTjtjwJWHBAEKiy5zfSqMWsANT7wC3tknswXIEUqMPe7JECIiIus7mOhC2I9h7kvxGn8f50eFZv5okmRRwF2QtmZJtHR75Sf65H2quvWFBD0M2PD70qDJ-OLOPWSfDW2zCvC8TtBuHZnJ0CvcuNsHXzyLEK7821QhacJp5aSbt05tzn33_j5SAJicE74jb9tSst6Zh9GvxO3tcxusV9vLVsu5FB6poM5cYike7ifDOiGfUl21NYwX-5oqQbje0sZ1WvyZ1-eLxAXhW2sIK_vLp1B0SVBUD_aX09vp&sig=Cg0ArKJSzGIofPj_TP-UEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 25 Nov 2021 03:33:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD8E 0
0 42ms
41ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssi8vHjcvSQjzAsV2BL7oulhJF7Pxnhsdf6y98pVFIrBXvr-iSlUpWt2DItF77bsEfQT-FBDjUBczfuSRGhgsjyJSrFLTebK0R9xuyxIZsQImWFrH5qcs5zktveBIIW3fWs1J_X9oyoZu0hKOMKOEZMvEGL_7gxERK7ZS6PhoYy6yzfCVQMm78FL-hFLhdDIJrlmgTjLx9W5IduMzJ8A4QkcEhToYoT7PL0H1bXgGDbg604sRD8NxqV-nc8CQfq-C78cn7J7XJrjEbbaALUjdEll3Wst10_jaiTS4e7aKlHiroUcAyc&sig=Cg0ArKJSzPDVLFs2SF3aEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 25 Nov 2021 03:33:12 GMT

GET
DATA 200
OK truncated
/ Frame 3922 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 463cc89f03205b5bb20f6d5e5b874747f06d4858e55cf4bec0c2690e64361ee0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 client.js Show response
z.moatads.com/px2/ Frame FF9B 93 KB
30 KB 19ms
18ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/px2/client.js
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/sinclairgamdisplay488716798718/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fe9f552df0e8a872c973b46223bd382ce28cb2e6c7469226a8eb9858693076c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:12 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 22:42:32 GMT
server: AmazonS3
x-amz-request-id: DWBPD63N95KAXKE8
etag: "7fa6e538ba40a1e363179416bf15c87f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=19284
accept-ranges: bytes
content-length: 30805
x-amz-id-2: FoBVNlkzRDHW00FKc0Mu/1KAEulRHUQzFPvyj/CPcEke421mV3yHlbTDngHQecf1O739XhLK0Ww=

GET
DATA 200
OK truncated
/ Frame AD8E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c082f2c16c3e756f1fc08eaefd1a445c072472569fc54e1591922b27a4f984cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16450079897291089245&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191074&de=10752978503&cu=1637811191074&m=34&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6982&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=24&cd=0&ah=24&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234256527&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=997802875&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:12 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame F9C4 3 KB
3 KB 7ms
7ms Image
image/gif 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 04:47:01 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
server: nginx
age: 81971
etag: W/"2608-1633534398000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 2608
x-xss-protection: 1; mode=block
x-amz-cf-id: eryjA5pcrTpzY6YeqGWjvmyHvqPAXWS9s5CnV2cHdf4ssQDYgEF08Q==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame F9C4 2 KB
1 KB 32ms
32ms XHR
application/json 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

925ae0d0c7c41fafa49d576fdfaca95edbd8f4fb79b55a8af058be1cc13a73d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: CA997B588C0A4B4B220B823E359467E4
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 25 Nov 2021 03:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 740
x-xss-protection: 1; mode=block
x-amz-cf-id: QR62CrRrMSm8D2OrC4-5RAkP0yY0ahRexAS0u1NzuDUcWYqa6lJypw==

GET
H2 200 get
consent.trustarc.com/ Frame F9C4 21 KB
22 KB 7ms
7ms Image
image/svg+xml 13.35.253.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/get?name=SBG_logo.svg
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-115.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 5c7356876ee608f5a196f1e886f6c01fce8fae3a9aa490992100d2e6e70cef4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Wed, 24 Nov 2021 09:59:27 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
server: nginx
age: 63225
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
content-length: 21695
x-amz-cf-id: vqDtvcSdEAIg93Helx4_hd5YlUZXCWNCGrfdC-HQhTrgEf05-1F-hg==
expires: Fri, 24 Dec 2021 09:59:27 GMT

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame F9C4 932 KB
170 KB 127ms
127ms XHR
application/json 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

668404093a4a51813e674557aecd06ef4f575204cdcc789d346f3c0c25b29441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: CA997B588C0A4B4B220B823E359467E4
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 25 Nov 2021 03:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 173757
x-xss-protection: 1; mode=block
x-amz-cf-id: 0V61hk71o3rmWaA3MRChoaMaUqX8fkcuzmgPyw1sJA9nc646AoD55g==

GET
H2 200 switchbg.png
consent-pref.trustarc.com/images/ Frame F9C4 1 KB
1 KB 7ms
7ms Image
image/png 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/switchbg.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/EuPreferenceManager.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/EuPreferenceManager.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:45:38 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
server: nginx
age: 31670
etag: W/"1068-1633534398000"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 1068
x-xss-protection: 1; mode=block
x-amz-cf-id: XswbbseIVwePXrwVYl3KZRePbQUCEpbEbvdkNY6Sxps0UveE5SgKjg==

GET
H2 200 loader.gif
consent-pref.trustarc.com/images/ Frame F9C4 2 KB
2 KB 7ms
7ms Image
image/gif 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loader.gif

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:16:52 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
server: nginx
age: 107623
etag: W/"1737-1633534398000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 1737
x-xss-protection: 1; mode=block
x-amz-cf-id: tOnRKat14jBgwpdQto8f-8rzK3cWT1MYulOiROmJ3Jk-Q-c3zqL1pA==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SINCLAIR_GAM_DISPLAY1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1637811191487&de=859523853146&m=0&ar=553ffc12ef5-clean&iw=321a0a7&q=5&cb=0&ym=0&cu=1637811191487&ll=2&lm=0&ln=1&em=0&en=0&d=92725138%3A2316137404%3A4685377161%3A138234303065&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&bo=84109138&bd=97476178&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&gw=sinclairgamdisplay488716798718&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2382%3A2800%3A0%3A2735&fs=195402&na=2017407929&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:12 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 60ms
21ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:12 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Nov 2021 03:33:12 GMT

HEAD
H2 200 / Show response
fox42kptm.com/ Frame FF9B 0
532 B 15ms
15ms XHR
text/html 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/px2/client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:07 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
host-sni: fox42kptm.com
age: 5
sbgi-rendertime: Nov-25-2021 03:33:07
x-cache: Hit from cloudfront
sbgi-protocol: https
sbgi-realpath: /renderer/fox42kptm/
server: openresty
etag: bac54cb0-4d9e-11ec-a12b-0629df1e01f2
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://sinclairstoryline.com
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
access-control-allow-credentials: true
if-none-match: bac54cb0-4d9e-11ec-a12b-0629df1e01f2
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 5K0sGFJ6U7CPqFgoENec3hOqtnl2nB3QgxGytZcMXrnvsosObyWFRA==

GET
H2 500 favicon.ico Show response
fox42kptm.com/ Frame FF9B 5 KB
5 KB 564ms
564ms XHR
text/html 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/favicon.ico
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/px2/client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: acf420f9a65af4977e71d32cc44df81652b0376d148a88bb6b007ad7d962ac87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:13 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA53-C1
etag: 2c612c81-f661-415b-9e46-733fb874b807
x-cache: Error from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://sinclairstoryline.com
access-control-allow-credentials: true
if-none-match: 2c612c81-f661-415b-9e46-733fb874b807
content-length: 4938
x-amz-cf-id: LrOT8vKFeliGPQGP0ABjKcoWvkjthF6uyAFkKNlJl2wwuNUsO0SLqA==

GET
H2 200 robots.txt Show response
fox42kptm.com/ Frame FF9B 22 B
407 B 9ms
9ms XHR
text/plain 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fox42kptm.com/robots.txt
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/px2/client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: 61411f402b0f939f459ffad4d23216797c70ce495b146ce3d64d4dc91c900e00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
last-modified: Wed, 24 Oct 2018 16:42:34 GMT
server: openresty
age: 85214
etag: "55651dba61189b0aa31d63c22fe2ca86"
x-cache: Hit from cloudfront
content-type: text/plain
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
date: Wed, 24 Nov 2021 03:52:57 GMT
x-amz-cf-pop: FRA53-C1
content-length: 22
x-amz-cf-id: 1S8cuo75IEEIuZjSXdlg9ipNrqciN-5QuIbYnOpIkFahI9UVPGiEFg==

POST
H/1.1 200
OK pixel.gif
px2.moatads.com/ Frame FF9B 43 B
600 B 454ms
243ms Ping
image/gif 52.90.100.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px2.moatads.com/pixel.gif?v=23&i=SINCLAIR_GAM_DISPLAY1PX2&commit=c64ebad7029-clean&t=1637811192721&id=856431009538
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/px2/client.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.90.100.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-100-71.compute-1.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:13 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.14.0
Access-Control-Allow-Methods: HEAD, GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 pixel.gif
px2m.moatads.com/ Frame FF9B 43 B
260 B 33ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px2m.moatads.com/pixel.gif?e=0&t=1637811192721&de=856431009538&e=36&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=SINCLAIR_GAM_DISPLAY1PX2&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1637811192504&de=896223166012&m=0&ar=553ffc12ef5-clean&iw=321a0a7&q=24&cb=0&ym=0&cu=1637811192504&ll=2&lm=0&ln=1&em=0&en=0&d=92725138%3A2316137404%3A4685377161%3A138234303008&hv=Standard%20Image%20Ad%20finding%20&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&bo=84109138&bd=97476178&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&gw=sinclairgamdisplay488716798718&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2382%3A2800%3A0%3A2735&fs=195402&na=1979150932&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:13 GMT

GET
H/1.1 200
OK pixel.gif
dsa.moatads.com/ Frame FF9B 43 B
419 B 87ms
15ms Image
image/gif 2a02:26f0:6c00:298::3350
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsa.moatads.com/pixel.gif?e=0&t=1637811192721&de=856431009538&e=36&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=SINCLAIR_GAM_DISPLAY1PX2&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1637811192504&de=896223166012&m=0&ar=553ffc12ef5-clean&iw=321a0a7&q=24&cb=0&ym=0&cu=1637811192504&ll=2&lm=0&ln=1&em=0&en=0&d=92725138%3A2316137404%3A4685377161%3A138234303008&hv=Standard%20Image%20Ad%20finding%20&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&bo=84109138&bd=97476178&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&gw=sinclairgamdisplay488716798718&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2382%3A2800%3A0%3A2735&fs=195402&na=1979150932&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:298::3350 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:13 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 25 Nov 2021 03:33:13 GMT

GET
H2 200 googima.js Show response
ssl.p.jwpcdn.com/player/plugins/googima/v/8.9.0/ 73 KB
22 KB 37ms
7ms Script
text/plain 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/plugins/googima/v/8.9.0/googima.js
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/video/players/prod/player-configs/vendor/jwplayer/8.22.1/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd6156a8a107fa2543d0762db84dde2af3cf7e840d49bdcfcf383f4350e8fab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-encoding: gzip
age: 5454055
x-cache: HIT
content-length: 21760
via: 1.1 varnish
x-served-by: cache-fra19132-FRA
last-modified: Tue, 29 Jun 2021 20:50:11 GMT
server: AmazonS3
x-timer: S1637811194.589559,VS0,VE0
etag: "88cac071caa078b8b36a66d4f51f9cdc"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 40862

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.22.1/ 58 KB
17 KB 43ms
14ms Script
application/javascript 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/jwpsrv.js
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/video/players/prod/player-configs/vendor/jwplayer/8.22.1/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82e587ecca54057eabad78bed2d89c2fb8f4118c3504e6f096215cb72868913e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-encoding: gzip
age: 271
x-cache: HIT
content-length: 17499
via: 1.1 varnish
x-served-by: cache-fra19132-FRA
last-modified: Thu, 30 Sep 2021 15:17:56 GMT
server: AmazonS3
x-timer: S1637811194.589747,VS0,VE0
etag: "fd28c0166cd7029ddfb10e5953b3f7f2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, immutable
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 jwplayer.core.js Show response
ssl.p.jwpcdn.com/player/v/8.22.1/ 136 KB
39 KB 58ms
30ms Script
application/javascript 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/jwplayer.core.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5101ef76f58efef9653f8e786e41d45dd72e2eb14cbeca4b88552da6ce33e8db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-encoding: gzip
age: 376315
x-cache: HIT
content-length: 39496
via: 1.1 varnish
x-served-by: cache-fra19132-FRA
last-modified: Thu, 09 Sep 2021 21:52:51 GMT
server: AmazonS3
x-timer: S1637811194.589840,VS0,VE1
etag: "ec9361d67c3c10a7f2cc8b68204e2cd0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.22.1/ 409 KB
113 KB 41ms
14ms Script
application/javascript 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cd5e3c675698217d56a25f6b53d3afcabfca740a6630f702b21b001d1f7e5eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-encoding: gzip
age: 6585557
x-cache: HIT
content-length: 115623
via: 1.1 varnish
x-served-by: cache-fra19132-FRA
last-modified: Thu, 09 Sep 2021 21:52:53 GMT
server: AmazonS3
x-timer: S1637811194.589688,VS0,VE0
etag: "ea4b658d8c1347363fbb3f823fdba8ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 87

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F15907125647384796734&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191487&de=859523853146&cu=1637811191487&m=6&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6982&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303065&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1014268736&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:13 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 08CF 42 B
497 B 53ms
29ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuF6XqIXz8AVApCSX3-ta0Etb4yRAzlVL-MlTIswCffMB9CQGjCRiGStBCJodssXNj_1UA-QJn4X53GyovKlSmQFgOtjwSWSUyEnkeTWbn1-A6ual9c&sig=Cg0ArKJSzDA5-kcFOOI8EAE&id=lidar2&mcvt=1516&p=573,1070,1173,1370&mtos=1516,1516,1516,1516,1516&tos=1516,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3875038693&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637811190426&rpt=1510&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame ED6E 2 KB
1 KB 8ms
7ms Document
text/html 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http://sbgi.net/privacy-policy&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://prefmgr-cookie.truste-svc.net/

Response headers

content-type: text/html; charset=UTF-8
server: nginx
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
content-encoding: gzip
date: Wed, 24 Nov 2021 15:23:14 GMT
etag: W/"2008-1633534398000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: xT2yHTRBKl3MIugUEEjCFp6BCwBnJrP5ogRosyteU3KV5qxj2bpZzw==
age: 43799

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AD8E 42 B
108 B 62ms
50ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFHNfpWEeA-hrJDjssqI6StUlqlmBccsfy6gaiM938e8Jo_4G9tdpSkqUOo5dvw0JGUf6l6Rjnda5mB2dStnOgo2QrHSHNbQgDLUOn47HBM3J1LnzP&sig=Cg0ArKJSzLda6XHcVJ0xEAE&id=lidar2&mcvt=1006&p=75,315,325,1285&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3689519078&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637811190444&rpt=2030&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SINCLAIR_GAM_DISPLAY1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1637811191940&de=668786883775&m=0&ar=553ffc12ef5-clean&iw=321a0a7&q=8&cb=0&ym=0&cu=1637811191940&ll=2&lm=0&ln=1&em=0&en=0&d=92725138%3A2316137404%3A4685377161%3A138234256398&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&bo=84109138&bd=97476178&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&gw=sinclairgamdisplay488716798718&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2382%3A2800%3A0%3A2735&fs=195402&na=1689968904&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:13 GMT

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/383/1/7PM7oxuhHq/ Frame 9BD7
Redirect Chain

https://acuityplatform.com/Adserver/nai?action_id=3&participant_id=383&rd=https://preferences-mgr.truste.com&nocache=0.05544559979310515
https://preferences-mgr.truste.com/token/383/1/7PM7oxuhHq/

554 B
778 B

102ms
102ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/383/1/7PM7oxuhHq/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 7a2bd83af49958ed394143b196de5a93f85b0d856c2bacffebbcb98db39cee6d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 554
date: Thu, 25 Nov 2021 03:33:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: ab35jyumt30G1qbPpL7qsrdj1yWto-Fq2GXr7BHEy4tYlt3jktMY2g==

Redirect headers

P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Pragma: no-cache
Location: https://preferences-mgr.truste.com/token/383/1/7PM7oxuhHq/
Content-Length: 0
Date: Thu, 25 Nov 2021 03:33:13 GMT

GET
H2

200

adelphic Show response
preferences-mgr.truste.com/token/642/1/ Frame ACB2
Redirect Chain

https://my.ipredictive.com/optout/aboutads?action_id=3&participant_id=642&rd=https://preferences-mgr.truste.com&nocache=0.22171448604303445
https://preferences-mgr.truste.com/token/642/1/adelphic

550 B
784 B

7ms
7ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/642/1/adelphic
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 2fc144fae13962c0d391f4a75a0ec528c0aadd48b23acfdb0f296ffd7d339adc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Wed, 24 Nov 2021 05:53:26 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 9Vl1Q1OOvLq5mWVM7SDtAN__BmGKx50Rz_dH-3pTkR8TPd45yzLy9A==
age: 77988

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-length: 0
location: https://preferences-mgr.truste.com/token/642/1/adelphic
server: Apache-Coyote/1.1
p3p: CP="NOI PSA OUR"

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/569/1/bluecava-csrf/ Frame 39C1
Redirect Chain

https://preferences.bluecava.com/daa/optout.ashx?action_id=3&participant_id=569&rd=https://preferences-mgr.truste.com/&nocache=0.7879256006682422
https://preferences-mgr.truste.com/token/569/1/bluecava-csrf/

560 B
793 B

7ms
7ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/569/1/bluecava-csrf/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ea946decdf3bce71e1bd43c48939d8a0bc62ea7fe1e6d3850bcdb941b669b959

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 560
date: Wed, 24 Nov 2021 11:04:36 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: VUIZ_LGYOJcG0i6o9_3vpCEGHhdgO81C9Lzx5r8ebzAWHG29o1kZQA==
age: 59318

Redirect headers

server: nginx/1.21.3
date: Thu, 25 Nov 2021 03:33:13 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 0
cache-control: no-cache, no-store
expires: -1
location: https://preferences-mgr.truste.com/token/569/1/bluecava-csrf/
p3p: policyref="https://www.bluecava.com/w3c/p3p.xml",CP="NON DSP COR LAW ADM DEV PSAo PSDi CONi TELi OUR SAM BUS UNI PRE COM"
pragma: no-cache
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

master-opt-out Show response
ad.amgdgt.com/ads/ Frame 6F2C
Redirect Chain

https://ad.amgdgt.com/ads/nai-coop-opt-out?action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129
https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129

2 KB
2 KB

103ms
103ms

Document
text/html

3.222.114.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.114.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-114-14.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cb0ee978a5f405613d3a7b8cb59d2e104ddcd57bff70ae2044fe47546089c138

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

Cache-Control: no-cache, no-store
Content-Type: text/html
Date: Thu, 25 Nov 2021 03:33:13 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: Apache-Coyote/1.1
Content-Length: 1699
Connection: keep-alive

Redirect headers

Cache-Control: no-cache, no-store
Date: Thu, 25 Nov 2021 03:33:14 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: Apache-Coyote/1.1
Content-Length: 0
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/713/1-2/ Frame AA81
Redirect Chain

https://r.turn.com/r/optout?action_id=3&participant_id=713&rd=https://preferences-mgr.truste.com&nocache=0.6035997644404021
https://preferences-mgr.truste.com/token/713/1-2/

550 B
784 B

59ms
9ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/713/1-2/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: d9802af64401b98446e9674c0f11b5944c2eeb0d513bf444679e7707114286ae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Wed, 24 Nov 2021 10:49:05 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: SAB-qmv1OcZ5i7t1XnP4HvDlTDgRFZnSzFjBXmsCy3MOruS1LCVKFg==
age: 60248

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
location: https://preferences-mgr.truste.com/token/713/1-2/
content-length: 0
date: Thu, 25 Nov 2021 03:33:13 GMT

GET
H2

200

1-0 Show response
preferences-mgr.truste.com/token/816/ Frame 310B
Redirect Chain

https://app.link/nai-optout?action_id=3&participant_id=816&rd=https://preferences-mgr.truste.com&nocache=0.0441222278973723
https://preferences-mgr.truste.com/token/816/1-0

550 B
784 B

20ms
19ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/816/1-0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 117420691b3b16ce517a899de4b81d60830ae1e8e772fd4d5d1411f30892739e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Wed, 24 Nov 2021 08:35:38 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: oHtgbkO_JxJwJwcZz0qC62irynQgSrNjDQPIV8fU0wgXlAY7DTmX-g==
age: 68256

Redirect headers

content-type: text/html; charset=utf-8
content-length: 140
location: https://preferences-mgr.truste.com/token/816/1-0
server: openresty
date: Thu, 25 Nov 2021 03:33:14 GMT
x-powered-by: Express
p3p: This is not a valid P3P header.
vary: Accept
x-cache: Miss from cloudfront
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 3sGpPYcO693ZQwhKvWjpx7ZAOpET2WsAh2oQnwUgGu66lQ6jYazerg==

GET
H/1.1

200
OK

ad_retarget_global_opt_out Show response
www.shopzilla.com/ Frame 290E
Redirect Chain

https://www.shopzilla.com/opt_out_external?action_id=3&participant_id=611&rd=https://preferences-mgr.truste.com&nocache=0.5073654726964438
https://www.shopzilla.com/ad_retarget_global_opt_out?isExternalOptOut=true&rd=https://preferences-mgr.truste.com&action_id=3&participant_id=611&token=920231623462061194

2 KB
1 KB

298ms
298ms

Document
text/html

192.138.218.136
SHOPZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shopzilla.com/ad_retarget_global_opt_out?isExternalOptOut=true&rd=https://preferences-mgr.truste.com&action_id=3&participant_id=611&token=920231623462061194
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.138.218.136 , United States, ASN14332 (SHOPZILLA, US),
Reverse DNS: shopzilla.com
Software: nginx/1.16.0 /
Resource Hash: 84bd266ecc3691e0abd6751b9ca11b3631bdfa80a9ed5655cc687b587c0ecaef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

Server: nginx/1.16.0
Date: Thu, 25 Nov 2021 03:33:14 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Content-Language: de-DE
Content-Encoding: gzip

Redirect headers

Server: nginx/1.16.0
Date: Thu, 25 Nov 2021 03:33:14 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
Location: https://www.shopzilla.com/ad_retarget_global_opt_out?isExternalOptOut=true&rd=https://preferences-mgr.truste.com&action_id=3&participant_id=611&token=920231623462061194
Accept-Ranges: bytes

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/ Frame 5140
Redirect Chain

https://ad.wsod.com/coop_api/?action_id=3&participant_id=407&rd=https://preferences-mgr.truste.com/&nocache=0.2012291816839138
https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/

546 B
779 B

9ms
9ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 2ef794e6984277c05c475b8eef5d63fefef122b5277c4ae2a642d1be51061a58

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Wed, 24 Nov 2021 04:00:11 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: eYerl3GAaLk9b03oVZTW_ChpEgNayaPxDdzHXsmxtw1ylHMfhR7OXQ==
age: 84783

Redirect headers

Server: nginx
Date: Thu, 25 Nov 2021 03:33:14 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Location: https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/

GET
H2

200

1 Show response
preferences-mgr.truste.com//token/742/ Frame D671
Redirect Chain

https://optout.parrable.com/iba?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com/&nocache=0.9865990052656808
https://preferences-mgr.truste.com//token/742/1

546 B
779 B

9ms
9ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/742/1
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ce06a9b8b1ccf8870a3448248824625feeb2d735e9e200903760fc9e3fcd09de

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Wed, 24 Nov 2021 08:38:44 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: otjnZnA9DpxvZrxKvJ8mli4rT7PAZBz85BNonWTcQnr9SH1s6wxdgg==
age: 68070

Redirect headers

Server: nginx
Date: Thu, 25 Nov 2021 03:33:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 138
Connection: keep-alive
X-Powered-By: Express
Location: https://preferences-mgr.truste.com//token/742/1
Vary: Accept
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: Origin, Content-Type, Accept

GET
H2

200

0 Show response
preferences-mgr.truste.com/token/519/1/ Frame 6E46
Redirect Chain

https://s.thebrighttag.com/api/privacy/3fLGmeU/nai?action_id=3&participant_id=519&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6490295423221435
https://preferences-mgr.truste.com/token/519/1/0

536 B
770 B

28ms
10ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/519/1/0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 6e60407537ae8be31f1c4776a6e6ff512a603ef7a1fabc8f6386ff2410b16d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 536
date: Wed, 24 Nov 2021 11:04:36 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 6mqnran3jfM_KbDThN6K0j6-YEptVNNkG7C7Z_45sO3DpVPmnZZdjQ==
age: 59317

Redirect headers

Server: nginx
Date: Thu, 25 Nov 2021 03:33:13 GMT
Content-Length: 0
Connection: keep-alive
Location: https://preferences-mgr.truste.com/token/519/1/0
X-BT-RequestId: 6ba67560-4da0-11ec-860d-0000ac15088a
P3P: CP=NOI DSP COR NID

GET
H2

200

csrf Show response
preferences-mgr.truste.com/token/747/1-0/ Frame C284
Redirect Chain

https://optout.bigsea.weborama.com/optout?action_id=3&participant_id=747&rd=https://preferences-mgr.truste.com&nocache=0.52841101491288
https://preferences-mgr.truste.com/token/747/1-0/csrf

546 B
778 B

7ms
7ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/747/1-0/csrf
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: efec5394dfd449bbe933fad5abd3dc6991d17596494f4cd12990a8e35b33e3f9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Wed, 24 Nov 2021 04:47:44 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: A8mtSaeGziSC4x3LYvmVuBuMhX2qooFUfjSP_pL0sef1zw8DWoo4rw==
age: 81929

Redirect headers

Date: Thu, 25 Nov 2021 03:33:13 GMT
Location: https://preferences-mgr.truste.com/token/747/1-0/csrf
P3P: CP="This is not a valid P3P header"
Content-Length: 0
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/620/1/77390c34-2e5c-42ae-8cc9-c945aa5e5514/ Frame BE8E
Redirect Chain

https://optout.1up.com/opt-out/request?action_id=3&participant_id=620&rd=https://preferences-mgr.truste.com/&nocache=0.9747481164126433
https://preferences-mgr.truste.com//token/620/1/77390c34-2e5c-42ae-8cc9-c945aa5e5514/

546 B
771 B

102ms
102ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/620/1/77390c34-2e5c-42ae-8cc9-c945aa5e5514/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: acadc483823f0bda4e13cace25b1517433b89c19ca0f698c081b25ae430bf22a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: lUXTUEk-O6ztdZy4cfvqWPITbFDvgh2ou6z0Dfn-aMl6kf1rKbgl4A==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://preferences-mgr.truste.com//token/620/1/77390c34-2e5c-42ae-8cc9-c945aa5e5514/
p3p: CP="ALL DSP COR NID"

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/619/1/5c789485-af43-4eb6-8dfd-3b4aed85a105/ Frame EFD8
Redirect Chain

https://optout.askmen.com/opt-out/request?action_id=3&participant_id=619&rd=https://preferences-mgr.truste.com/&nocache=0.5473102269759003
https://preferences-mgr.truste.com//token/619/1/5c789485-af43-4eb6-8dfd-3b4aed85a105/

546 B
773 B

100ms
100ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/619/1/5c789485-af43-4eb6-8dfd-3b4aed85a105/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 732df32633d6e55d5baca102d68498795eb3144a96b648a2f1b32a38bbe003c6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: vUi0ginVMASZNdmHRyyQUIgJqiEII423ZHVRxZBLQq8nS_DIWz6BdQ==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://preferences-mgr.truste.com//token/619/1/5c789485-af43-4eb6-8dfd-3b4aed85a105/
p3p: CP="ALL DSP COR NID"

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/615/1/15a1cb3a-46f3-4cb3-8e87-b8ee5b97e78d/ Frame A558
Redirect Chain

https://optout.extremetech.com/opt-out/request?action_id=3&participant_id=615&rd=https://preferences-mgr.truste.com/&nocache=0.7428351397390511
https://preferences-mgr.truste.com//token/615/1/15a1cb3a-46f3-4cb3-8e87-b8ee5b97e78d/

546 B
772 B

104ms
103ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/615/1/15a1cb3a-46f3-4cb3-8e87-b8ee5b97e78d/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 2843712ac403a32be4c341bb7c60675b498655f203e493ca1e8a93b2eac7af86

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: kxjNyeuTXNM4Yz9oRXiEJ9SXLswtfQzO94jgJkHdlHOw-x8t_SkTBA==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://preferences-mgr.truste.com//token/615/1/15a1cb3a-46f3-4cb3-8e87-b8ee5b97e78d/
p3p: CP="ALL DSP COR NID"

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/632/1/3cc2f022-3b32-4426-8bc3-3f1fc93df57c/ Frame EE0F
Redirect Chain

https://optout.ziffdavis.com/opt-out/request?action_id=3&participant_id=632&rd=https://preferences-mgr.truste.com/&nocache=0.5101008045659947
https://preferences-mgr.truste.com//token/632/1/3cc2f022-3b32-4426-8bc3-3f1fc93df57c/

546 B
771 B

99ms
99ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/632/1/3cc2f022-3b32-4426-8bc3-3f1fc93df57c/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 25c21e0a7fc331878dae05799b69c882c10476b5e5bf148435bff06a6252766f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: PAFwLauG1Hgzoctp9Ba5k3FKtgyESeEyLqOxK3Wv70Ip_c_YYxeEdQ==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://preferences-mgr.truste.com//token/632/1/3cc2f022-3b32-4426-8bc3-3f1fc93df57c/
p3p: CP="ALL DSP COR NID"

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/618/1/3772b3b8-c5e3-4fef-b398-a28e147aa9a2/ Frame CE35
Redirect Chain

https://optout.ign.com/opt-out/request?action_id=3&participant_id=618&rd=https://preferences-mgr.truste.com/&nocache=0.6359066508982756
https://preferences-mgr.truste.com//token/618/1/3772b3b8-c5e3-4fef-b398-a28e147aa9a2/

546 B
772 B

100ms
100ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/618/1/3772b3b8-c5e3-4fef-b398-a28e147aa9a2/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 87b9620cdeb2e8f5290bca816d5f1abce8bb49098ba10bd1a689a5fb39538ef4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: NheXFtEJzFvA3TIgvs1iBIBV9ESU3joEVDcgIBWwCfx_Y1F1bbwEEw==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://preferences-mgr.truste.com//token/618/1/3772b3b8-c5e3-4fef-b398-a28e147aa9a2/
p3p: CP="ALL DSP COR NID"

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/614/1/86b674ad-04fc-40e5-ae9a-a8f27a0101c0/ Frame CC93
Redirect Chain

https://optout.pcmag.com/opt-out/request?action_id=3&participant_id=614&rd=https://preferences-mgr.truste.com/&nocache=0.9003283708094316
https://preferences-mgr.truste.com//token/614/1/86b674ad-04fc-40e5-ae9a-a8f27a0101c0/

546 B
771 B

102ms
101ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/614/1/86b674ad-04fc-40e5-ae9a-a8f27a0101c0/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: d1747371ac7a368af8b35604943d76958bab1b84d493de7810f29606851872a2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 29gpDi-zUtdkeBWtM0Lg9uTLoYGUjffhGn_xfbvp1CK4ypVdyWdPQg==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://preferences-mgr.truste.com//token/614/1/86b674ad-04fc-40e5-ae9a-a8f27a0101c0/
p3p: CP="ALL DSP COR NID"

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/631/1/0f1500c8-de2b-4c4a-a374-1b9f9dff2556/ Frame 7B5A
Redirect Chain

https://optout.techbargains.com/opt-out/request?action_id=3&participant_id=631&rd=https://preferences-mgr.truste.com/&nocache=0.5713093089586712
https://preferences-mgr.truste.com//token/631/1/0f1500c8-de2b-4c4a-a374-1b9f9dff2556/

546 B
773 B

101ms
101ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/631/1/0f1500c8-de2b-4c4a-a374-1b9f9dff2556/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ad157ab2481c1f1e9007ca715f4fe5958882ce313c4da54a0bb8d2d3d92392f3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 1zuPW6bvFuQJ1FF4Lw1IQcQhLYwAXENOn3wyLyM4YMQFq66yPEFK9Q==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://preferences-mgr.truste.com//token/631/1/0f1500c8-de2b-4c4a-a374-1b9f9dff2556/
p3p: CP="ALL DSP COR NID"

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/626/1/810ba329-2b88-4349-8868-680b9956c8f0/ Frame 22FE
Redirect Chain

https://optout.toolbox.com/opt-out/request?action_id=3&participant_id=626&rd=https://preferences-mgr.truste.com/&nocache=0.0960841684763718
https://preferences-mgr.truste.com//token/626/1/810ba329-2b88-4349-8868-680b9956c8f0/

546 B
770 B

106ms
105ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/626/1/810ba329-2b88-4349-8868-680b9956c8f0/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8f02b086ae10817306381794d9ae4915e388ff25714fdeafbf3eadc082713004

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: A6Bs1pcxEPngGc0Xubk5HcUMg02p6HnB9-brvzHH3vOh_G-pab8x6A==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://preferences-mgr.truste.com//token/626/1/810ba329-2b88-4349-8868-680b9956c8f0/
p3p: CP="ALL DSP COR NID"

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/627/1/d7c9032e-41b5-470b-9893-04a465d42aeb/ Frame FF25
Redirect Chain

https://optout.ugo.com/opt-out/request?action_id=3&participant_id=627&rd=https://preferences-mgr.truste.com/&nocache=0.09539134180976716
https://preferences-mgr.truste.com//token/627/1/d7c9032e-41b5-470b-9893-04a465d42aeb/

546 B
771 B

102ms
101ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/627/1/d7c9032e-41b5-470b-9893-04a465d42aeb/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: faf40543efacdbf4318a567a333a74945b3cfaeaf0b18936df96364c23ef41dc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: id82jJa3zjaeqNW8xWGKXsReCCyN7o0zjlpJJGgluhcwaBWbHGTZKQ==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://preferences-mgr.truste.com//token/627/1/d7c9032e-41b5-470b-9893-04a465d42aeb/
p3p: CP="ALL DSP COR NID"

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/633/1/e9b5e344-76fb-4aa0-adc2-01fd185ed25e/ Frame 9C72
Redirect Chain

https://optout.zdbb.net/opt-out/request?action_id=3&participant_id=633&rd=https://preferences-mgr.truste.com/&nocache=0.3738021102073448
https://preferences-mgr.truste.com//token/633/1/e9b5e344-76fb-4aa0-adc2-01fd185ed25e/

546 B
771 B

100ms
100ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/633/1/e9b5e344-76fb-4aa0-adc2-01fd185ed25e/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e399ff2d1a1b7c69334b72baafddeb0025a90631c22a4753b4add046f33ad597

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: vAUYzsCIYA1djTwkqbnS4sxmV9brlKAUh9UbEDozOeWRNdPtWz499Q==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://preferences-mgr.truste.com//token/633/1/e9b5e344-76fb-4aa0-adc2-01fd185ed25e/
p3p: CP="ALL DSP COR NID"

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/258/1/a3f6adda113dadec/ Frame E0ED
Redirect Chain

https://optout.33across.com/api/?action_id=3&participant_id=258&rd=https://preferences-mgr.truste.com&nocache=0.6986973234581877
https://preferences-mgr.truste.com/token/258/1/a3f6adda113dadec/

566 B
792 B

102ms
102ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/258/1/a3f6adda113dadec/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: a88729490d645d909004158dd2832d5ecdc19d6cd04f57a74b098c4769ff5622

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 566
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: rUp5wNg-Vw-RRRhxFgNb0Z8PGNKCT1q2PO6DjlvTHipEbqF2-mWR5w==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
server: Apache
x-powered-by: PHP/5.4.40
expires: Tue, 01 Jan 1980 1:00:00 GMT
last-modified: Thu, 25 Nov 2021 03:33:14 GMT
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
pragma: no-cache
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://preferences-mgr.truste.com/token/258/1/a3f6adda113dadec/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20
content-type: text/html; charset=UTF-8

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/488/1/4846e59b55089f84/ Frame 0CF4
Redirect Chain

https://optout.tynt.com/api/?action_id=3&participant_id=488&rd=https://preferences-mgr.truste.com&nocache=0.6475121121320722
https://preferences-mgr.truste.com/token/488/1/4846e59b55089f84/

566 B
792 B

106ms
106ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/488/1/4846e59b55089f84/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: bc23626caae4dd3025c1a82883f4b580e3d8b6cab3f84c654cce95cf53002f2f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 566
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: PhqIabHP3QmLSv9depGZJE4nypqWwaYryjhlT6U56YMiYdHljTUmzA==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
server: Apache
x-powered-by: PHP/5.4.40
expires: Tue, 01 Jan 1980 1:00:00 GMT
last-modified: Thu, 25 Nov 2021 03:33:13 GMT
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
pragma: no-cache
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://preferences-mgr.truste.com/token/488/1/4846e59b55089f84/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20
content-type: text/html; charset=UTF-8

GET
H2

200

1637811193835 Show response
preferences-mgr.truste.com/token/512/1/ Frame 4E4F
Redirect Chain

https://www.demdex.net/daa/daa_opt.html?action_id=3&participant_id=512&rd=https://preferences-mgr.truste.com&nocache=0.08834838937129663
https://preferences-mgr.truste.com/token/512/1/1637811193835

560 B
785 B

102ms
102ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/512/1/1637811193835
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: f993782969cba41ff529396a8fed592db2783e0c056c0586976fa8294089118a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 560
date: Thu, 25 Nov 2021 03:33:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: JZhIXij6peeRExSEdtKgU8T1RmfKxB0m-rEob642Zmmb9OuXqzdTCg==

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v019-0da93e24d.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://preferences-mgr.truste.com/token/512/1/1637811193835
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: VdmStbGPRrU=
Content-Length: 0
Connection: keep-alive

GET
H2

200

1 Show response
preferences-mgr.truste.com/token/768/ Frame DD58
Redirect Chain

https://optout.alphonso.tv/optout_v1?action_id=3&participant_id=768&rd=https://preferences-mgr.truste.com&nocache=0.7515458405110695
https://preferences-mgr.truste.com/token/768/1

546 B
780 B

11ms
11ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/768/1
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 1b26143b592dd06b2c5f2dd1a0f15d4879ba64ba9a1eddcb7f467523f7b39e9f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Wed, 24 Nov 2021 08:36:07 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: nNZr4hDtmlND8bD4Dapcv7QMNMwEOMVhAZgqnowy7MLucIZVsMXrJQ==
age: 68227

Redirect headers

X-Powered-By: Express
Access-Control-Allow-Origin: *
Vary: Origin, Accept, Accept-Encoding
Location: https://preferences-mgr.truste.com/token/768/1
Content-Type: text/html; charset=utf-8
Content-Length: 136
Date: Thu, 25 Nov 2021 03:33:14 GMT

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/559/1-0/243369891/ Frame 98F5
Redirect Chain

https://apolloprogram.io/optout?action_id=3&participant_id=559&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.44956453420591114
https://preferences-mgr.truste.com/token/559/1-0/243369891/

556 B
781 B

116ms
116ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/559/1-0/243369891/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e35910df757863c460f6faffe46d44544502942a15ba44ea322f3ac44a1b80e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 556
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: aluyekKphpC5APtlInBkZQ3eSIM-HljOUxVB89nykjPB0lS3LHA81w==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-type: text/html; charset=utf-8
content-length: 162
location: https://preferences-mgr.truste.com/token/559/1-0/243369891/
x-powered-by: Express
vary: Accept

GET
H2

200

1-0 Show response
preferences-mgr.truste.com/token/823/ Frame 9C9E
Redirect Chain

https://optout.audrte.com/nai?action_id=3&participant_id=823&rd=https://preferences-mgr.truste.com&nocache=0.6705308076131347
https://preferences-mgr.truste.com/token/823/1-0

550 B
785 B

10ms
10ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/823/1-0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 29816cc3512902f26770316cc67521dffa419f59ecdecd0403b2f45085d0e410

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Wed, 24 Nov 2021 08:38:44 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: XDO6DgVIa7UXLFemZLWIJkQXNy-_5JdXEEFA7YVmq4bAzCK2f5-qgQ==
age: 68070

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Date: Thu, 25 Nov 2021 03:33:14 GMT
Location: https://preferences-mgr.truste.com/token/823/1-0
P3P: policyref=/w3c/p3p.xml, CP= DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT NAV OTC STA
Server: nginx/1.18.0
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Content-Length: 0
Connection: keep-alive

GET
H2

200

0b9490d1f38e Show response
preferences-mgr.truste.com/token/781/1/ Frame F601
Redirect Chain

https://optout.prod.bidr.io/optout?action_id=3&participant_id=781&rd=https://preferences-mgr.truste.com/&nocache=0.6998410725971513
https://preferences-mgr.truste.com/token/781/1/0b9490d1f38e

558 B
792 B

7ms
7ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/781/1/0b9490d1f38e
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 689f4dd61366a881d6a75acc4c31898ef6a848977c3de9a66f4b22652a779787

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 558
date: Wed, 24 Nov 2021 07:53:56 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 5Dm95VALNzQ4pURi6KgRBcXnaTr9SxQyVitOqIPBmUphMQDcnOB3nw==
age: 70757

Redirect headers

content-type: text/plain
Date: Thu, 25 Nov 2021 03:33:13 GMT
location: https://preferences-mgr.truste.com/token/781/1/0b9490d1f38e
p3p: We do not support P3P; our privacy policy is at https://www.beeswax.com/privacy.html
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 15
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/ Frame 3808
Redirect Chain

https://ml314.com/daaoptout.ashx?action_id=3&participant_id=718&rd=https://preferences-mgr.truste.com&nocache=0.5973914267406821
https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/

574 B
808 B

7ms
7ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 67175599b4bdf8d3df9fa17e11d12ea2396ad2f6997a70b44e701966b930ec8f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 574
date: Wed, 24 Nov 2021 13:02:06 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: V28hzA8XJgWGTziC2FRlqJIXry_8ZOFfQsdM1vSsq6QAVx0AkxhaCA==
age: 52267

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Nov 2021 03:33:13 GMT
Expires: 0
Location: https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
P3P: CP="ALL DSP COR NID"
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 185
Connection: keep-alive

GET
H2

200

1-0 Show response
preferences-mgr.truste.com/token/853/ Frame 4455
Redirect Chain

https://privacy.britepool.com/status?action_id=3&participant_id=853&rd=https://preferences-mgr.truste.com&nocache=0.020557663645805357
https://preferences-mgr.truste.com/token/853/1-0

550 B
782 B

41ms
10ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/853/1-0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5806773f18317b321e2273de086de3226e179984b87254e3706adcf1514a5a42

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Wed, 24 Nov 2021 20:47:06 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: vfZq1HZs3z9fMkxvSCPcfGNL1Fg-ArQst-mKbbm56sm0JtrpS8BsAg==
age: 24367

Redirect headers

content-length: 0
location: https://preferences-mgr.truste.com/token/853/1-0
server: CloudFront
date: Thu, 25 Nov 2021 03:33:13 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: flbQ-VBupn6CC-K8Tej9cK6US1jZ7qKKTDxgn7cqEGwALFLisO2AYw==

GET
H2

200

253614 Show response
preferences-mgr.truste.com//token/392/1/ Frame 6044
Redirect Chain

https://optout.crsspxl.com/opt-out.php?action_id=3&participant_id=392&rd=https://preferences-mgr.truste.com/&nocache=0.7105913349751052
https://preferences-mgr.truste.com//token/392/1/253614

546 B
778 B

7ms
7ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/392/1/253614
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: bc1f23151d099b4b2db6c4fe9b1adf9c5e81941fc4a37c00b2dd3f038de0ce6a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Wed, 24 Nov 2021 07:32:39 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 5L-MY_mbv_M1PKkGhTiMaUaY9irImHEWo6tVvbIT-3U_m8_34iqK7g==
age: 72035

Redirect headers

Date: Thu, 25 Nov 2021 03:33:13 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
X-Powered-By: PHP/5.4.16
Location: https://preferences-mgr.truste.com//token/392/1/253614
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/762/1-0/ Frame 1920
Redirect Chain

https://segments.company-target.com/dnt?action_id=3&participant_id=762&rd=https://preferences-mgr.truste.com&nocache=0.9928813346327054
https://preferences-mgr.truste.com/token/762/1-0/

550 B
783 B

7ms
7ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/762/1-0/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 862dc87fba8cf3233eedca7a7b8a3f4a99659743c06233a59193251e0cc63887

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Wed, 24 Nov 2021 19:03:02 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: RN_cXWGfX8IB4d5Y6RD0vte1ONWsRIdYLLJfquf2aAvSlnGTbTxf9w==
age: 30611

Redirect headers

Content-Length: 0
Connection: keep-alive
Date: Thu, 25 Nov 2021 03:33:13 GMT
trace-id: f0e28885f51b0ddd
Vary: Origin
Location: https://preferences-mgr.truste.com/token/762/1-0/
X-Cache: Miss from cloudfront
Via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: pOWFfPkePZFIRb6A7Y0D6ppSM9gB-09qf-VASuF8gLTUCSLCm2c3Dw==

GET
H2

200

0-0 Show response
preferences-mgr.truste.com/token/818/ Frame 049F
Redirect Chain

https://optout.emxdgt.com/?action_id=3&participant_id=818&rd=https://preferences-mgr.truste.com&nocache=0.8215778589199099
https://preferences-mgr.truste.com/token/818/0-0

550 B
783 B

7ms
7ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/818/0-0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 651a3f637e9b66415561faf14bb192a719fdfe3537f51235c533ad81accdb663

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Wed, 24 Nov 2021 19:52:35 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Wjy0YeSuir9r9zTMUMPJz39OVLqru3g_48FEqlCclF6trfWRIFWhYQ==
age: 27638

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 25 Nov 2021 03:33:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 140
Connection: keep-alive
X-Powered-By: Express
Vary: Origin, Accept
Location: https://preferences-mgr.truste.com/token/818/0-0

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/804/2/AFT-j8gAAAAAYZ8LAbeuwfUdVK0-XPS0GQASM015t_bK/ Frame D7F2
Redirect Chain

https://googleads.g.doubleclick.net/ads/preferences/naioptout?action_id=3&participant_id=804&rd=https://preferences-mgr.truste.com&nocache=0.9016897430021813
https://adssettings.google.com/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYZ8LAbeuwfUdVK0-XPS0GQASM015t_bK&aboutads_sess=ACi0TCiC7Sh0KqWKbyNfUOJkaW1...
https://adssettings.google.de/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYZ8LAbeuwfUdVK0-XPS0GQASM015t_bK&aboutads_sess=ACi0TCiC7Sh0KqWKbyNfUOJkaW1O...
https://preferences-mgr.truste.com/token/804/2/AFT-j8gAAAAAYZ8LAbeuwfUdVK0-XPS0GQASM015t_bK/

622 B
846 B

101ms
101ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/804/2/AFT-j8gAAAAAYZ8LAbeuwfUdVK0-XPS0GQASM015t_bK/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 572c935c696b68b7c657d15677c7022588c488d4af15fe0d356a44428615af50

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 622
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 5w1r5wDaU0g6ElxB2wapRpbtmbbVZ4Osh90h6T08pFZiQA3fFw7RGA==

Redirect headers

content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Nov 2021 03:33:13 GMT
location: https://preferences-mgr.truste.com/token/804/2/AFT-j8gAAAAAYZ8LAbeuwfUdVK0-XPS0GQASM015t_bK/
content-security-policy: script-src 'report-sample' 'nonce-yc0kr1JXRrZ1Wq4xTifNDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AdsSettingsUi/cspreport;worker-src 'self' script-src 'nonce-yc0kr1JXRrZ1Wq4xTifNDA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/AdsSettingsUi/cspreport require-trusted-types-for 'script';report-uri /_/AdsSettingsUi/cspreport
cross-origin-resource-policy: same-site
report-to: {"group":"AdsSettingsUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AdsSettingsUi/external"}]}
cross-origin-opener-policy: same-origin-allow-popups; report-to="AdsSettingsUi"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

29c20b7f96c7d51421db9667dc879d78 Show response
preferences-mgr.truste.com/token/789/1/ Frame CF65
Redirect Chain

https://pxl.iqm.com/api/v1/twb/opt_out?action_id=3&participant_id=789&rd=https://preferences-mgr.truste.com&nocache=0.9324879470229022
https://preferences-mgr.truste.com/token/789/1/29c20b7f96c7d51421db9667dc879d78

598 B
832 B

9ms
9ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/789/1/29c20b7f96c7d51421db9667dc879d78
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5fb0ea7e01964dc13d2c981f435a2df1a29c30a01fe28c4b492529223fee7db6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 598
date: Wed, 24 Nov 2021 13:13:19 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: ysh_40YybqM1yPvyV8XaPym-KNM2VYWqEpXYvAVB_KnKZOQpq2B88Q==
age: 51595

Redirect headers

server: nginx
date: Thu, 25 Nov 2021 03:33:13 GMT
content-type: text/html
content-length: 0
p3p: CP="Read P3P privacy-policy! https://iqm.com/privacy-policy for more info."
location: https://preferences-mgr.truste.com/token/789/1/29c20b7f96c7d51421db9667dc879d78
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

wgPseVarXSJp5xk7RGyogcBmx Show response
preferences-mgr.truste.com/token/848/1/ Frame 7BE5
Redirect Chain

https://casalemedia.com/privacy/optout?action_id=3&participant_id=848&rd=https://preferences-mgr.truste.com&nocache=0.7028909602996218
https://preferences-mgr.truste.com/token/848/1/wgPseVarXSJp5xk7RGyogcBmx

584 B
809 B

109ms
109ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/848/1/wgPseVarXSJp5xk7RGyogcBmx
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ecb6ebb1700464c207c4c28b402577b9d788982af13e836953bbff4334e36242

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 584
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 76mqg6z1-V1s40ZUFcjsbmJHxBLZwEj9dZctPWoybD75c_CeVvLlCw==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-type: text/html
content-length: 0
location: https://preferences-mgr.truste.com/token/848/1/wgPseVarXSJp5xk7RGyogcBmx
p3p: NOI DSP COR DEVa TAIa OUR BUS UNI
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/321/1/17d55278aca/ Frame 5F60
Redirect Chain

https://dts.innovid.com/dnt/?action_id=3&participant_id=321&rd=https://preferences-mgr.truste.com&nocache=0.4430482593245135
https://preferences-mgr.truste.com/token/321/1/17d55278aca/

556 B
781 B

102ms
102ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/321/1/17d55278aca/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 03e6aac9f14d2f1b650df0e30be4d6924f576c9c41b8f1841283dc54645f7a48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 556
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: G5yBZm-eiuAosvM76So-fstXbvwzPoaUONhzsELCEjFVHRMv_L_rVw==

Redirect headers

Date: Thu, 25 Nov 2021 03:33:14 GMT
Location: https://preferences-mgr.truste.com/token/321/1/17d55278aca/
P3P: CP='NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA'
Request-Time: 0
Content-Length: 0
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/641/1/bf2a3ed4-5444-4599-b0d2-bcc9f33609a4/ Frame 733A
Redirect Chain

https://partner.knorex.com/oba/api/aboutads?action_id=3&participant_id=641&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.30323297494755774
https://preferences-mgr.truste.com/token/641/1/bf2a3ed4-5444-4599-b0d2-bcc9f33609a4/

606 B
831 B

100ms
100ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/641/1/bf2a3ed4-5444-4599-b0d2-bcc9f33609a4/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4b94847ef580334d4bcaae0148436bc6e12152469c341bcee3ec1d592e53a3f0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 606
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 3mj27ptvib2xyZNoVTtw01hVvFdSuwvXaGwF00KtUJMYOlC183FR9g==

Redirect headers

date: Thu, 25 Nov 2021 03:33:14 GMT
location: https://preferences-mgr.truste.com/token/641/1/bf2a3ed4-5444-4599-b0d2-bcc9f33609a4/
server: nginx/1.21.3
p3p: CP="This is not a P3P policy!"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

iD73m9npAf Show response
preferences-mgr.truste.com//token/366/1-0/ Frame E39E
Redirect Chain

https://pixel.rubiconproject.com/oba/optout/?action_id=3&participant_id=366&rd=https://preferences-mgr.truste.com/&nocache=0.8326122657985939
https://preferences-mgr.truste.com//token/366/1-0/iD73m9npAf

550 B
775 B

136ms
103ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/366/1-0/iD73m9npAf
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: f140c4cd7825b747d157f267381a775239cb0e5c709f3d45fc39377bf2254043

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Thu, 25 Nov 2021 03:33:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: g3XivAoguVrRUHuqE-PoJyYrF55595TBf9njyAfhSaIWRyYxAiKDdg==

Redirect headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Location: https://preferences-mgr.truste.com//token/366/1-0/iD73m9npAf
content-length: 0

GET
H/1.1 200
OK nai.php Show response
www.mathtag.com/ Frame 07E8 284 B
786 B 312ms
97ms Document
text/html 74.121.140.207
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https://preferences-mgr.truste.com/&nocache=0.2896592405775855
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.121.140.207 Reston, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: d4308680be7f4855f994d8eba727aa7bef52d421cbe9cd3e85ad44e404a0ed97

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

Server: nginx
Date: Thu, 25 Nov 2021 03:35:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 238
Connection: keep-alive
Keep-Alive: timeout=360
Referrer-Policy: no-referrer-when-downgrade
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/755/3/ Frame 0B8E
Redirect Chain

https://jadserve.postrelease.com/naioptout?action_id=3&participant_id=755&rd=https://preferences-mgr.truste.com&nocache=0.7483754309738488
https://preferences-mgr.truste.com/token/755/3/

546 B
780 B

7ms
7ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/755/3/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 244c6dae6dcb45d4f8890326398b2e39628b713f4f37f327a492b5b163083d72

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Wed, 24 Nov 2021 16:52:25 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: tHzc4UwjMmWTkZrjLRRR5_NQVRIJNC1fYAqEOKaqPm4Qne05ed6E0g==
age: 38449

Redirect headers

date: Thu, 25 Nov 2021 03:33:14 GMT
content-length: 0
location: https://preferences-mgr.truste.com/token/755/3/
server: nginx/1.12.1
expires: Mon, 1 Jan 1990 12:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/765/1/1637811193/ Frame 9B4A
Redirect Chain

https://u.openx.net/privacy/daa?action_id=3&participant_id=765&rd=https://preferences-mgr.truste.com&nocache=0.9767338110720163
https://preferences-mgr.truste.com/token/765/1/1637811193/

554 B
778 B

133ms
102ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/765/1/1637811193/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0505a08647733adf0ce3b876394b8e34e43b9a71d2aa2e5045bdcd2badad9b81

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 554
date: Thu, 25 Nov 2021 03:33:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Adytzbc86OJKHnteoNE8R-Po0G-cickOB9GyeGwgamgSTLFRgpWuvw==

Redirect headers

server: OXGW/16.220.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://preferences-mgr.truste.com/token/765/1/1637811193/
date: Thu, 25 Nov 2021 03:33:13 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

no-token Show response
preferences-mgr.truste.com/token/591/1-1/ Frame 4AD8
Redirect Chain

https://px.owneriq.net/nai/optout?action_id=3&participant_id=591&rd=https://preferences-mgr.truste.com&nocache=0.08491138375086416
https://preferences-mgr.truste.com/token/591/1-1/no-token

554 B
787 B

7ms
7ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/591/1-1/no-token
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 892af2ba7758cbe009692eb0bc3e5a3b0fa5a15925d309a0d1fca2c229934982

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 554
date: Wed, 24 Nov 2021 07:29:13 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: OEeOvV_Zymxfqn5UCyAmdTSIqW5eO8W4sqqyYdkE2epVehRtrsNhrQ==
age: 72241

Redirect headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://preferences-mgr.truste.com/token/591/1-1/no-token
Content-Length: 0
Content-Type: text/html
Expires: Thu, 25 Nov 2021 03:33:14 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:14 GMT
Connection: keep-alive

GET
H/1.1 200
OK optout.jsp Show response
apps.pubmatic.com/ Frame E9B6 788 B
1 KB 638ms
156ms Document
text/html 104.36.113.45
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.pubmatic.com/optout.jsp?action_id=3&participant_id=420&rd=https://preferences-mgr.truste.com/&nocache=0.9043320455635029
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.45 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 9821ab0c2c0ec5b01063600d74683297ce2374c280142908a947ae553b60a027

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

Date: Thu, 25 Nov 2021 03:33:14 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST
Access-Control-Allow-Headers: X-Forwarded-For, X-app123-XPTO
Content-Encoding: gzip

GET
H2

200

kRbHDBQU59Vc Show response
preferences-mgr.truste.com//token/422/1/ Frame 5AD8
Redirect Chain

https://bh.contextweb.com/bh/oba/aboutads/?action_id=3&participant_id=422&rd=https://preferences-mgr.truste.com/&nocache=0.6952672320257922
https://preferences-mgr.truste.com//token/422/1/kRbHDBQU59Vc

546 B
771 B

104ms
103ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/422/1/kRbHDBQU59Vc
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 2a63edaf9a7f51bd8a298667502a2ea6175a8f5fe6287f25242a1e526e6e2a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 25 Nov 2021 03:33:14 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: AOSs7Dn92PDtLZLZuaRnn4wefxCowgpZyubtKCek7Z1v7C85C4brXA==

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://preferences-mgr.truste.com//token/422/1/kRbHDBQU59Vc
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/806/1-0/O07112450421637811193788/ Frame 1044
Redirect Chain

https://pixel.quantserve.com/optout?action_id=3&participant_id=806&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6593257182812271
https://preferences-mgr.truste.com/token/806/1-0/O07112450421637811193788/

586 B
810 B

126ms
105ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/806/1-0/O07112450421637811193788/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5eda4fe017d9e9c68b222e232f7ebc8bda11440c2958a7b6809ab6c06aaa2d05

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 586
date: Thu, 25 Nov 2021 03:33:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: oeaOMxKTh2dMbMEWcJRS0nWH7phCqtbVvoECS97gaH3Wl7aq026j8Q==

Redirect headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://preferences-mgr.truste.com/token/806/1-0/O07112450421637811193788/
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

0 Show response
preferences-mgr.truste.com//token/497/2-0/ Frame 8F31
Redirect Chain

https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https://preferences-mgr.truste.com/&nocache=0.02255381501620901
https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https%3A%2F%2Fpreferences-mgr.truste.com%2F&nocache=0.02255381501620901&_rlid=9ba394d9-8dc8-40e3-bba6-b6a315110700
https://preferences-mgr.truste.com//token/497/2-0/0

550 B
784 B

8ms
8ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/497/2-0/0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8891eedb325cdaa0450e0d27740ce5d80ce0e9c610555f74e7819dffbab75f3f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Wed, 24 Nov 2021 21:13:45 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 8LKogF64wO_RX92BGy_d8vmB4Vx7UZG0CWIrDLm3DDriCN4gEMTTHw==
age: 22769

Redirect headers

date: Thu, 25 Nov 2021 03:33:14 GMT
content-type: application/javascript
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control: no-cache
pragma: no-cache
expires: 0
location: https://preferences-mgr.truste.com//token/497/2-0/0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b37d07a4857374a-MXP

GET
H2

200

224195000 Show response
preferences-mgr.truste.com/token/831/1-1/ Frame 78A3
Redirect Chain

https://i.w55c.net/optout/nai?action_id=3&participant_id=831&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.9091489639580301
https://preferences-mgr.truste.com/token/831/1-1/224195000

556 B
782 B

122ms
110ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/831/1-1/224195000
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: d0f443eff9e701d9f0f173ec92cae949fdf2abe67135b057f6771474d26f1441

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 556
date: Thu, 25 Nov 2021 03:33:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: jZY38zXUiqvKegNoXCD28XlOYABHurMYmPrGP6DHpezQvp9Lzhrw2A==

Redirect headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=utf-8
Date: Thu, 25 Nov 2021 03:33:12 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://preferences-mgr.truste.com/token/831/1-1/224195000
P3P: policyref="http://w55c.net/w3c/p3p.xml", CP="DSP NOI COR"
Pragma: no-cache
Server: PixelTracking/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

JzOgcAbcCdfipmDb Show response
preferences-mgr.truste.com/token/604/1/ Frame E754
Redirect Chain

https://pixel.sojern.com/optout/do?action_id=3&participant_id=604&rd=https://preferences-mgr.truste.com&nocache=0.5565758212476122
https://preferences-mgr.truste.com/token/604/1/JzOgcAbcCdfipmDb

566 B
791 B

102ms
101ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/604/1/JzOgcAbcCdfipmDb
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: eb1ba2445f39f5d06781af96d5e09eb3726d49f84fe73b8447a492d6abde6806

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 566
date: Thu, 25 Nov 2021 03:33:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 1zCcJZk1Kv1UeWEz36mvu7zyfU9LzvcBN11HtMYJ5tfMCz1cLESPeg==

Redirect headers

content-type: text/html; charset=utf-8
location: https://preferences-mgr.truste.com/token/604/1/JzOgcAbcCdfipmDb
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
vary: Accept-Encoding
date: Thu, 25 Nov 2021 03:33:13 GMT
content-length: 99
via: 1.1 google
alt-svc: clear

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/862/1/ Frame 8E03
Redirect Chain

https://go.sonobi.com/optout?action_id=3&participant_id=862&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.8081172295620316
https://preferences-mgr.truste.com/token/862/1/

546 B
779 B

7ms
7ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/862/1/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8db76846bf1112adc5bc91ee3b0f712074188fba3b352c6840a814dacb764632

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Wed, 24 Nov 2021 09:05:55 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: kINslnyzuOMcCIY7Bq8U5tilgSuw3XHO2d9-sAU6BGsxIe5g4wmarw==
age: 66438

Redirect headers

Date: Thu, 25 Nov 2021 03:33:13 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-ams-1-7-8
X-Xss-Protection: 0
Location: https://preferences-mgr.truste.com/token/862/1/
Server: sonobi-go

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/428/1/f2a39858-bf77-4da6-85fc-a2760939aa33/ Frame 76A8
Redirect Chain

https://privacy.tapad.com/daa-coop?action_id=3&participant_id=428&rd=https://preferences-mgr.truste.com&nocache=0.7274371360589675
https://preferences-mgr.truste.com/token/428/1/f2a39858-bf77-4da6-85fc-a2760939aa33/

606 B
830 B

100ms
100ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/428/1/f2a39858-bf77-4da6-85fc-a2760939aa33/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 6b58295fa8b4c97cb0cce833550ae3f8e03c5add52aa652998ba0d838fbda786

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 606
date: Thu, 25 Nov 2021 03:33:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: V8bFw3o2O64Ze5iBpQ27zndJWu9bygWUMWMeiza25X6smXItTx39xw==

Redirect headers

location: https://preferences-mgr.truste.com/token/428/1/f2a39858-bf77-4da6-85fc-a2760939aa33/
strict-transport-security: max-age=31536000
date: Thu, 25 Nov 2021 03:33:13 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET

daastatus.ashx
optout.mxptint.net/ Frame 1CD3
Redirect Chain

https://optout.mxptint.net/daaoptout.ashx?action_id=3&participant_id=540&rd=http://preferences-mgr.truste.com&nocache=0.8218843521293426
https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3

0
0

GET
H2 200 bOMWLtpwEeKORRIxOQulpA.json Show response
entitlements.jwplayer.com/ 70 B
244 B 51ms
9ms XHR
application/json 152.199.22.243
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://entitlements.jwplayer.com/bOMWLtpwEeKORRIxOQulpA.json
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/resources/video/players/prod/player-configs/vendor/jwplayer/8.22.1/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2A1) /
Resource Hash: 58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 03:04:51 GMT
server: ECAcc (frd/E2A1)
age: 1702
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=19620
accept-ranges: bytes
content-length: 75

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 368 KB
123 KB 57ms
20ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/resources/video/players/prod/player-configs/vendor/jwplayer/8.22.1/jwplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125138
x-xss-protection: 0
expires: Thu, 25 Nov 2021 03:33:13 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F2675212623827525160&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191940&de=668786883775&cu=1637811191940&m=8&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7045&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234256398&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=523222407&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:13 GMT

POST pixel.gif
px2.moatads.com/ Frame FF9B 0
0

POST
H/1.1 200
OK pixel.gif Show response
px2.moatads.com/ Frame FF9B 43 B
600 B 249ms
248ms XHR
image/gif 52.90.100.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px2.moatads.com/pixel.gif?v=23&i=SINCLAIR_GAM_DISPLAY1PX2&commit=c64ebad7029-clean&t=1637811192721&id=856431009538
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/px2/client.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.90.100.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-100-71.compute-1.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://fox42kptm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:14 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.14.0
Access-Control-Allow-Methods: HEAD, GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:01 GMT

OPTIONS
H/1.1 200
OK pixel.gif
px2.moatads.com/ Frame 0
0 307ms
101ms Preflight
image/gif 52.90.100.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px2.moatads.com/pixel.gif?v=23&i=SINCLAIR_GAM_DISPLAY1PX2&commit=c64ebad7029-clean&t=1637811192721&id=856431009538
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.90.100.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-90-100-71.compute-1.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://fox42kptm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.0
Date: Thu, 25 Nov 2021 03:33:14 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Methods: HEAD, GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server
Pragma: no-cache

GET
H2 200 /
fox42kptm.com/ 64 KB
64 KB 13ms
13ms Image
text/html 143.204.207.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox42kptm.com/
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-93.fra53.r.cloudfront.net
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:07 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
host-sni: fox42kptm.com
age: 7
sbgi-rendertime: Nov-25-2021 03:33:07
x-cache: Hit from cloudfront
sbgi-protocol: https
sbgi-realpath: /renderer/fox42kptm/
server: openresty
etag: bac54cb0-4d9e-11ec-a12b-0629df1e01f2
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://sinclairstoryline.com
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
access-control-allow-credentials: true
if-none-match: bac54cb0-4d9e-11ec-a12b-0629df1e01f2
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: OVVRVmOaquXohiS-vv1mSNqQQaIFXOCW_06RXN5kBkusQoXXvPBCxA==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 35ms
35ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SINCLAIR_GAM_DISPLAY1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1637811191951&de=201929904594&m=0&ar=553ffc12ef5-clean&iw=321a0a7&q=11&cb=0&ym=0&cu=1637811191951&ll=2&lm=0&ln=1&em=0&en=0&d=92725138%3A2316137404%3A4685377161%3A138234302969&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&bo=84109138&bd=97476178&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&gw=sinclairgamdisplay488716798718&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2382%3A2800%3A0%3A2735&fs=195402&na=1113730233&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:14 GMT

GET
BLOB 206
Partial Content e541c300-35eb-4ae5-be16-b004ef6db456
https://fox42kptm.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fox42kptm.com/e541c300-35eb-4ae5-be16-b004ef6db456
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 3711 0
0 352ms
110ms Document
text/plain 67.202.105.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ceICvyEA8r6PfxaKlId8sQ&gdpr_consent=undefined&us_privacy=1-N-
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-105.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

x-33x-status: 2000208
server: 33XP003
date: Thu, 25 Nov 2021 03:33:14 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 4767 21 KB
8 KB 81ms
33ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU34Q8WJ&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=1&usp_consent=1&uspstring=1-N-&itype=PREBID

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a35b5d333de8a2202f4ce15e5511a4fbcb6154985c1c6f63b63df90626c3d3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 27 Nov 2021 03:33:14 GMT
date: Thu, 25 Nov 2021 03:33:14 GMT
content-length: 7790

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 8E74 0
0 350ms
109ms Document
text/plain 67.202.105.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cg8vSWEA8r6PfxaKlId8sQ&gdpr_consent=undefined&us_privacy=1-N-
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-105.static.steadfastdns.net
Software: 33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

x-33x-status: 2000208
server: 33XP001
date: Thu, 25 Nov 2021 03:33:14 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 46FE 52 KB
17 KB 32ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 24 Nov 2021 05:35:57 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 25 Nov 2021 03:33:14 GMT
Age: 79038
X-Served-By: cache-lga13628-LGA, cache-hhn4043-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1215068
X-Timer: S1637811195.925044,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 6BE8 37 B
140 B 32ms
7ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1-N-&
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

date: Thu, 25 Nov 2021 03:33:14 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5438 281 B
554 B 32ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1-N-
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 25 Nov 2021 03:33:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 5A6A 0
0 348ms
111ms Document
text/plain 67.202.105.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cLSdvgEA8r6PfxaKlId8sQ&gdpr_consent=undefined&us_privacy=1-N-
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-105.static.steadfastdns.net
Software: 33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

x-33x-status: 2000208
server: 33XP004
date: Thu, 25 Nov 2021 03:33:14 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame C592 2 KB
1 KB 60ms
20ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_KMPH_KRNV_Sinclair_DM.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Thu, 25 Nov 2021 03:33:14 GMT
Connection: keep-alive

GET
H3 200 bridge3.489.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A682 580 KB
190 KB 22ms
7ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194780
date: Tue, 23 Nov 2021 05:05:22 GMT
expires: Wed, 23 Nov 2022 05:05:22 GMT
last-modified: Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 167272
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 49ms
23ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Nov 2021 03:33:14 GMT

GET
H2 204 ping.gif
prd.jwpltx.com/v1/clienta/ 0
63 B 96ms
95ms Image
text/plain 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/clienta/ping.gif?h=-1511593019&e=ar&n=8211915175262050&abc=1&aid=bOMWLtpwEeKORRIxOQulpA&amp=0&at=1&c=1&ccp=0&cp=1&d=1&eb=0&ed=6&emi=4u82ip9s9uu4&i=0&lid=teesm3ktuf2d&lsa=set&mt=1&pbd=1&pbr=1&pgi=1b489jz1snw6&ph=0&pii=0&pl=186&plc=1&pli=thvz2r51ntdu&pp=hlsjs&prc=1&ps=4&pss=1&pt=Omaha%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20KPTM&pu=https%3A%2F%2Ffox42kptm.com%2F&pv=8.22.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=&tv=3.36.1&vb=1&vi=1&vl=90&wd=330&ab=1&abid=19j030e1y38z&adi=19j030e1y38z&apid=19j030e1y38z&awi=1&awc=1&p=0&pc=0&pi=0&pr=2&vu=&apt=1&rtp=%7B%7D&sa=1637811194926
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:15 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-fra19132-FRA
x-cache: MISS
x-cache-hits: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fox42kptm.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fox42kptm.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET 6a3da3273b224076930b26bf25d2aded.m3u8
content.uplynk.com/channel/ 0
0

GET
H2 204 ping.gif
prd.jwpltx.com/v1/clienta/ 0
26 B 103ms
103ms Image
text/plain 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/clienta/ping.gif?h=-1219159896&e=ar&n=9388180560263071&abc=2&aid=bOMWLtpwEeKORRIxOQulpA&amp=0&at=1&c=1&ccp=0&cp=1&d=1&eb=0&ed=6&emi=4u82ip9s9uu4&i=0&lid=teesm3ktuf2d&lsa=set&mt=1&pbd=1&pbr=1&pgi=1b489jz1snw6&ph=0&pii=0&pl=186&plc=1&pli=mlaewhynqlvu&pp=hlsjs&prc=1&ps=4&pss=2&pt=Omaha%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20KPTM&pu=https%3A%2F%2Ffox42kptm.com%2F&pv=8.22.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=&tv=3.36.1&vb=1&vi=1&vl=90&wd=330&ab=1&abid=4j0kks1lvny9&adi=4j0kks1lvny9&apid=4j0kks1lvny9&awi=1&awc=1&p=0&pc=0&pi=0&pr=4&vu=&apt=1&rtp=%7B%7D&sa=1637811194948
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:15 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-fra19132-FRA
x-cache: MISS
x-cache-hits: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F15907125647384796734&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191951&de=201929904594&cu=1637811191951&m=7&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7045&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1&cd=0&ah=1&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234302969&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1788068169&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:14 GMT

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
ad.amgdgt.com/ads/js/ Frame 6F2C 94 KB
94 KB 200ms
200ms Script
application/javascript 3.222.114.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/js/jquery-1.11.1.min.js
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.114.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-114-14.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 03:33:14 GMT
Last-Modified: Wed, 30 Jan 2019 10:48:44 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 95786
Content-Type: application/javascript

GET
H/1.1 200
OK jquery.cookie.js Show response
ad.amgdgt.com/ads/js/ Frame 6F2C 3 KB
3 KB 300ms
102ms Script
application/javascript 3.222.114.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/js/jquery.cookie.js
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.114.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-114-14.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 03:33:14 GMT
Last-Modified: Wed, 30 Jan 2019 10:48:44 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 3128
Content-Type: application/javascript

GET
H/1.1 200
OK optout.js Show response
ad.amgdgt.com/ads/js/ Frame 6F2C 22 KB
22 KB 403ms
199ms Script
application/javascript 3.222.114.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/js/optout.js
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.114.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-114-14.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 13f5ddb50d8506f227f9ed4039d935ccbea8390f52b946c11de4f73a7dabbcc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 03:33:14 GMT
Last-Modified: Wed, 30 Jan 2019 10:48:44 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 22414
Content-Type: application/javascript

GET
H2 200 optout.js Show response
cdn.pubmatic.com/mgmt/javascripts/ Frame E9B6 9 KB
4 KB 93ms
25ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pubmatic.com/mgmt/javascripts/optout.js

Requested by

Host: apps.pubmatic.com
URL: https://apps.pubmatic.com/optout.jsp?action_id=3&participant_id=420&rd=https://preferences-mgr.truste.com/&nocache=0.9043320455635029

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-180.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

55b6f92da77357e33d80dc8799f4819168ebb769fe84e5d62580226e70179e0c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.pubmatic.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apps.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.pubmatic.com
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 06:33:21 GMT
server: Apache
etag: "7e0375-257c-5d0e21a0a6522"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=172800
date: Thu, 25 Nov 2021 03:33:15 GMT
accept-ranges: bytes
content-type: text/javascript
content-length: 3858
expires: Thu, 25 Nov 2021 21:22:38 GMT

GET
H/1.1 200
OK daa.js Show response
s1.cnnx.io/s2static/us/sz/7a7c4cf1/br2/js/ Frame 290E 269 KB
73 KB 80ms
9ms Script
application/x-javascript 13.32.19.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.cnnx.io/s2static/us/sz/7a7c4cf1/br2/js/daa.js
Requested by: Host: www.shopzilla.com
URL: https://www.shopzilla.com/ad_retarget_global_opt_out?isExternalOptOut=true&rd=https://preferences-mgr.truste.com&action_id=3&participant_id=611&token=920231623462061194
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-104.fra56.r.cloudfront.net
Software: nginx/1.16.0 /
Resource Hash: efe869dead55b972b6b62b5914777f1c7c313f32afd4753bfce30ad4b2a85a8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shopzilla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 20:50:26 GMT
Via: 1.1 varnish, 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
Age: 1060973
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 20:17:50 GMT
Server: nginx/1.16.0
ETag: W/"a4ea758f7a7505dc-432b1-611581ee"
Vary: Accept-Encoding
X-Varnish: 415110075 415110057
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA56-C2
Content-Type: application/x-javascript
X-Amz-Cf-Id: Sjp2TQHNiGXlpUBHpRxKfMwCghZS_frNOFxqbecLrG8ewGt5ntVQcA==

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/807/1-1/l6s8ndc36ht0pbe7q2q9n0jal6/ Frame 07E8
Redirect Chain

https://pixel.mathtag.com/event/img?mt_id=888&mt_nsync&mm_bnc&redir=https%3A%2F%2Fpreferences-mgr.truste.com%2F%2Ftoken%2F807%2F%5BNAI_OPTOUT%5D-1%2Fl6s8ndc36ht0pbe7q2q9n0jal6%2F
https://preferences-mgr.truste.com//token/807/1-1/l6s8ndc36ht0pbe7q2q9n0jal6/

550 B
775 B

101ms
101ms

Document
text/html

13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/807/1-1/l6s8ndc36ht0pbe7q2q9n0jal6/
Requested by: Host: www.mathtag.com
URL: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https://preferences-mgr.truste.com/&nocache=0.2896592405775855
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8edf4afffb3c82dacbc2d3b56f77e65a90087b26da334c29665eb02cc1f55351

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https://preferences-mgr.truste.com/&nocache=0.2896592405775855

Response headers

content-length: 550
date: Thu, 25 Nov 2021 03:33:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: lt_0qe2AoLqFBDOBX8Dvhe7LzCNV8TMql9iZmaQmGp-UbVKEncsUGQ==

Redirect headers

Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master zrh-pixel-x4 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://preferences-mgr.truste.com//token/807/1-1/l6s8ndc36ht0pbe7q2q9n0jal6/
Expires: Thu, 25 Nov 2021 03:33:14 GMT
Date: Thu, 25 Nov 2021 03:33:15 GMT
Connection: keep-alive

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A564 37 KB
13 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:22:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 25 Nov 2021 04:22:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SINCLAIR_GAM_DISPLAY1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1637811191961&de=402041507027&m=0&ar=553ffc12ef5-clean&iw=321a0a7&q=14&cb=0&ym=0&cu=1637811191961&ll=2&lm=0&ln=1&em=0&en=0&d=92725138%3A2316137404%3A4685377161%3A138234303071&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&bo=84109138&bd=97476178&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&gw=sinclairgamdisplay488716798718&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2382%3A2800%3A0%3A2735&fs=195402&na=143600023&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5438 32 KB
10 KB 9ms
9ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1-N-
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4e87b0833dbc4021d64216db82295cda42836ba949bbd077c29e6317a65faddf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1-N-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 03:33:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=31539
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9513
Expires: Thu, 25 Nov 2021 12:18:54 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 46FE
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

14ms
13ms

Script
text/html

185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:15 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: aac94cc6-ad0d-4043-b675-818d2cd79d45
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:15 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ce5bcba3-0eac-4b9b-8524-d17ccddab72c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame FBAA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

27ms
27ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e7696e2c23be7eb24312157f0915bff3cbb22ad7522c23f2d48b7c083f2f4c3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|45|241|39|152|47|188|73
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1625
Expires: Thu, 25 Nov 2021 03:33:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:15 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 336
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 25 Nov 2021 03:33:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:15 GMT
Connection: keep-alive

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3223866404663009991&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191961&de=402041507027&cu=1637811191961&m=6&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7045&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=0&ag=1&an=0&gf=1&gg=0&ix=1&ic=1&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=1&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303071&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=953877328&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 / Show response
preferences-mgr.truste.com//token/420/1/5lgZNsRPmYlMZd8b0KVIQmnjTLfbQd9tr7yx/ Frame E9B6 546 B
770 B 101ms
101ms Document
text/html 13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/420/1/5lgZNsRPmYlMZd8b0KVIQmnjTLfbQd9tr7yx/
Requested by: Host: cdn.pubmatic.com
URL: https://cdn.pubmatic.com/mgmt/javascripts/optout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 76ae13d2e5266dc043603e2a81b889759d5b48e61913abf6ec6a118cc3d55e78

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://apps.pubmatic.com/

Response headers

content-length: 546
date: Thu, 25 Nov 2021 03:33:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: MoFLkknApy7rht1n96G6m8eu8bKa9J10EO59sbNUCB7VW70ibRppdQ==

GET
H/1.1 200
OK cse Show response
connexity.net/c/ Frame B0E4 15 KB
5 KB 672ms
165ms Document
text/html 64.19.224.207
SHOPZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://connexity.net/c/cse?a=O&O=10&xdm_e=https%3A%2F%2Fwww.shopzilla.com&xdm_c=default2492&xdm_p=1
Requested by: Host: s1.cnnx.io
URL: https://s1.cnnx.io/s2static/us/sz/7a7c4cf1/br2/js/daa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.19.224.207 , United States, ASN14332 (SHOPZILLA, US),
Reverse DNS
Software: nginx /
Resource Hash: 211cdb17e82d28b69ab2dd8b56d500e8a080a182e87baad4b3c02a3cc8d282b6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shopzilla.com/

Response headers

Server: nginx
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 25 Nov 2021 03:33:15 GMT
Cache-Control: no-store, max-age=-1, post-check=0, pre-check=0
Pragma: no-cache
Expires: -1
P3P: policyref="/w3c/p3p.xml", CP="CAO PSA OUR CURa DEVa PSDo PSAo BUS COR UNI COM",an.pp="http://www.connexity.com/privacy",an.oo="http://www.connexity.com/privacy",an.bt="N"
Content-Encoding: gzip

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SINCLAIR_GAM_DISPLAY1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1637811192478&de=560037353719&m=0&ar=553ffc12ef5-clean&iw=321a0a7&q=17&cb=0&ym=0&cu=1637811192478&ll=2&lm=0&ln=1&em=0&en=0&d=92725138%3A2316137404%3A4685377161%3A138234303023&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&bo=84109138&bd=97476178&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&gw=sinclairgamdisplay488716798718&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2382%3A2800%3A0%3A2735&fs=195402&na=233777424&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 25ms
25ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F4047310643164758190&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192478&de=560037353719&cu=1637811192478&m=9&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7045&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303023&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=166718485&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5438
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1-N-
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dFRUhUUlQtVC1KNE9W&us_privacy=1-N-

170 B
188 B

39ms
19ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dFRUhUUlQtVC1KNE9W&us_privacy=1-N-

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dFRUhUUlQtVC1KNE9W&us_privacy=1-N-
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5438
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1-N-
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9cd8619f-03fb-4e00-81fa-957d5a44e524

0
239 B

9ms
8ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9cd8619f-03fb-4e00-81fa-957d5a44e524
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

Date: Thu, 25 Nov 2021 03:33:15 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x6 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9cd8619f-03fb-4e00-81fa-957d5a44e524
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 25 Nov 2021 03:33:14 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5438
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1-N-
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1-N-&_test=YZ8D_wAHE09y_QAz
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZ8D_wAHE09y_QAz&us_privacy=1-N-&_test=YZ8D_wAHE09y_QAz

0
239 B

7ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZ8D_wAHE09y_QAz&us_privacy=1-N-&_test=YZ8D_wAHE09y_QAz
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637811195.324356,VS0,VE0
x-served-by: cache-hhn4021-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZ8D_wAHE09y_QAz&us_privacy=1-N-&_test=YZ8D_wAHE09y_QAz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5438
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1-N-
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDPi08YhtLqlcNGs4ZEGBEc&google_cver=1

0
239 B

10ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDPi08YhtLqlcNGs4ZEGBEc&google_cver=1
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDPi08YhtLqlcNGs4ZEGBEc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5438
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1-N-
https://pr-bh.ybp.yahoo.com/sync/rubicon/JwStnPf0wL9fBmFIOPxlww?csrc=&us_privacy=1-N-
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3649394813404517257

0
239 B

7ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3649394813404517257
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

date: Thu, 25 Nov 2021 03:33:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3649394813404517257
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 5438
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&us_privacy=1-N-
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWEEHTRT-T-J4OV&sigv=1&esig=2~331211c2884c266035c1ef66fbaccb918cfd4cbf&us_privacy=1-N-

0
444 B

32ms
8ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWEEHTRT-T-J4OV&sigv=1&esig=2~331211c2884c266035c1ef66fbaccb918cfd4cbf&us_privacy=1-N-

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:15 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWEEHTRT-T-J4OV&sigv=1&esig=2~331211c2884c266035c1ef66fbaccb918cfd4cbf&us_privacy=1-N-
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 5438 70 B
265 B 106ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1-N-
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame FBAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZ8D-8_Jpk_tcvw38U6rIAAABLcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEP26hlEocvNytQNp8bJLyoQ&google_cver=1

43 B
315 B

22ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEP26hlEocvNytQNp8bJLyoQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 25 Nov 2021 03:33:15 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEP26hlEocvNytQNp8bJLyoQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FBAA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZ8D.8-Jpk-tcvw38U6rIAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFLaKs1s28Va8Jd2fnRz4XU&google_cver=1&gdpr=1&google_hm=2

43 B
1001 B

25ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFLaKs1s28Va8Jd2fnRz4XU&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Nov 2021 03:33:15 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFLaKs1s28Va8Jd2fnRz4XU&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame FBAA
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZ8D-8_Jpk_tcvw38U6rIAAABLcAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZ8D-8_Jpk_tcvw38U6rIAAABLcAAAIB&dcc=t

43 B
645 B

105ms
105ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZ8D-8_Jpk_tcvw38U6rIAAABLcAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:15 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JZSC120QAFFXF0XK9P4Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:15 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JE578V0333X188BYXA13
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZ8D-8_Jpk_tcvw38U6rIAAABLcAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame FBAA 70 B
264 B 102ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FBAA
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3be22bf8-bbf3-4ae6-be2b-6d72dde20b30

43 B
1 KB

24ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3be22bf8-bbf3-4ae6-be2b-6d72dde20b30
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Nov 2021 03:33:15 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:15 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3be22bf8-bbf3-4ae6-be2b-6d72dde20b30
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FBAA
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=a3eovCwz1MQ5vB5&gdpr=1

43 B
989 B

64ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=a3eovCwz1MQ5vB5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Nov 2021 03:33:15 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:14 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=a3eovCwz1MQ5vB5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame FBAA 0
88 B 410ms
98ms Image
text/plain 52.202.47.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.47.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-47-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2 200 YZ8D-8_Jpk_tcvw38U6rIAAABLcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FBAA 43 B
873 B 113ms
36ms Image
image/gif 2a05:d018:d29:3605:6798:75ff:a274:9693
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YZ8D-8_Jpk_tcvw38U6rIAAABLcAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:6798:75ff:a274:9693 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame FBAA 43 B
424 B 25ms
23ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YZ8D.8-Jpk-tcvw38U6rIAAA%261207
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://fox42kptm.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 03:33:15 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=908
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Nov 2021 03:48:23 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 5438 0
0 30ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?us_privacy=1-N-
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 bridge3.489.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A682 580 KB
190 KB 7ms
6ms XHR
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 05:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167273
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194780
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 23:22:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/html
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 05:05:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
22ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SINCLAIR_GAM_DISPLAY1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1637811192490&de=924697591560&m=0&ar=553ffc12ef5-clean&iw=321a0a7&q=20&cb=0&ym=0&cu=1637811192490&ll=2&lm=0&ln=1&em=0&en=0&d=92725138%3A2316137404%3A4685377161%3A138234256608&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&bo=84109138&bd=97476178&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&gw=sinclairgamdisplay488716798718&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2382%3A2800%3A0%3A2735&fs=195402&na=1969888932&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 204 ping.gif
prd.jwpltx.com/v1/clienta/ 0
26 B 95ms
95ms Image
text/plain 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/clienta/ping.gif?h=1405320554&e=ae&n=7803997143726760&abc=2&aid=bOMWLtpwEeKORRIxOQulpA&amp=0&at=1&c=1&ccp=0&cp=1&d=1&eb=0&ed=6&emi=4u82ip9s9uu4&i=0&lid=teesm3ktuf2d&lsa=set&mt=1&pbd=1&pbr=1&pgi=1b489jz1snw6&ph=0&pii=0&pl=186&plc=1&pli=mlaewhynqlvu&pp=hlsjs&prc=1&ps=4&pss=2&pt=Omaha%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20KPTM&pu=https%3A%2F%2Ffox42kptm.com%2F&pv=8.22.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=&tv=3.36.1&vb=1&vi=1&vl=90&wd=330&ab=1&abid=4j0kks1lvny9&adi=4j0kks1lvny9&apid=4j0kks1lvny9&awi=1&awc=1&p=0&pc=0&pi=0&pr=4&vu=&aec=21010&apt=1&ec=900&sa=1637811195231
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:15 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-fra19132-FRA
x-cache: MISS
x-cache-hits: 0

GET
H2 200 6a3da3273b224076930b26bf25d2aded.m3u8 Show response
content.uplynk.com/channel/ 2 KB
876 B 27ms
27ms XHR
application/vnd.apple.mpegurl 18.194.235.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.uplynk.com/channel/6a3da3273b224076930b26bf25d2aded.m3u8?

Requested by

Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.235.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-235-83.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0bca5ace3fc4e312c7109a2798dd4ff2f022cd8d55b80645076eeed1dcc33167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:15 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: c7965532d3114f54becfcec0e909bd4a
content-length: 559
x-content-type-options: nosniff

GET
H3 200 bridge3.489.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A682 580 KB
190 KB 8ms
7ms XHR
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 05:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167273
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194780
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 23:22:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/html
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 05:05:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F6403702872632055968&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192490&de=924697591560&cu=1637811192490&m=11&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7045&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234256608&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=411490888&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 c.m3u8 Show response
content-aeuf1.uplynk.com/channel/6a3da3273b224076930b26bf25d2aded/ 6 KB
933 B 505ms
487ms XHR
application/vnd.apple.mpegurl 18.194.235.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeuf1.uplynk.com/channel/6a3da3273b224076930b26bf25d2aded/c.m3u8?pbs=faf90dee9a944205a17a0a18886acf42

Requested by

Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.235.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-235-83.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

63d48b8c541202a228579bc8b570bd9f85c9a58e1e3088c85a6e72b7ca2e602c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:15 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 5a468a3eb6004f95893aa6b574f4c88d
content-length: 616
x-content-type-options: nosniff

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SINCLAIR_GAM_DISPLAY1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1637811192504&de=896223166012&m=0&ar=553ffc12ef5-clean&iw=321a0a7&q=23&cb=0&ym=0&cu=1637811192504&ll=2&lm=0&ln=1&em=0&en=0&d=92725138%3A2316137404%3A4685377161%3A138234303008&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&bo=84109138&bd=97476178&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&gw=sinclairgamdisplay488716798718&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2382%3A2800%3A0%3A2735&fs=195402&na=1703254881&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F4273576272102842184&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192504&de=896223166012&cu=1637811192504&m=23&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7045&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=12&cd=0&ah=12&am=0&xd=10&rf=0&re=0&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303008&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=923849191&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SINCLAIR_GAM_DISPLAY1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1637811192530&de=275569135927&m=0&ar=553ffc12ef5-clean&iw=321a0a7&q=27&cb=0&ym=0&cu=1637811192530&ll=2&lm=0&ln=1&em=0&en=0&d=92725138%3A2316137404%3A4685377161%3A138234303014&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&bo=84109138&bd=97476178&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&gw=sinclairgamdisplay488716798718&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2382%3A2800%3A0%3A2735&fs=195402&na=856297527&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F10643163527454411975&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192530&de=275569135927&cu=1637811192530&m=8&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7045&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303014&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1172118438&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SINCLAIR_GAM_DISPLAY1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1637811192546&de=119951772182&m=0&ar=553ffc12ef5-clean&iw=321a0a7&q=30&cb=0&ym=0&cu=1637811192546&ll=2&lm=0&ln=1&em=0&en=0&d=92725138%3A2316137404%3A4685114612%3A138234302420&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&bo=84109138&bd=97476178&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&gw=sinclairgamdisplay488716798718&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2382%3A2800%3A0%3A2735&fs=195402&na=2117770169&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2

200

transparent.gif
cdn.amgdgt.com/base/pixels/ Frame 6F2C
Redirect Chain

https://ad.amgdgt.com/ads/opt-out?op=check&src=MST&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D376952129585152%26pf%3Damg%26st%3D
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=376952129585152&pf=amg&st=nt
https://cdn.amgdgt.com/base/pixels/transparent.gif

43 B
400 B

7ms
7ms

Image
image/gif

2600:9000:2057:5600:10:8317:ee40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129
Protocol: H2
Server: 2600:9000:2057:5600:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.amgdgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 09:15:46 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
last-modified: Wed, 29 Apr 2015 18:15:05 GMT
server: Apache
age: 1621057
etag: "2b-514e0f55a9e7d"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 43
x-amz-cf-id: teVnPsGjDnxmJuIMm4fKEK1eyYkuLneRHvzNXZbnINkZ9Sf2wUIccg==
expires: Mon, 06 Dec 2021 09:15:38 GMT

Redirect headers

Date: Thu, 25 Nov 2021 03:33:14 GMT
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cdn.amgdgt.com/base/pixels/transparent.gif
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

transparent.gif
cdn.amgdgt.com/base/pixels/ Frame 6F2C
Redirect Chain

https://r.turn.com/r/optout?src=amobee&type=status&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D3142738483718651904%26pf%3Dturn%26st%3D
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=3142738483718651904&pf=turn&st=t
https://cdn.amgdgt.com/base/pixels/transparent.gif

43 B
399 B

63ms
7ms

Image
image/gif

2600:9000:2057:5600:10:8317:ee40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129
Protocol: H2
Server: 2600:9000:2057:5600:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.amgdgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 09:15:46 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
last-modified: Wed, 29 Apr 2015 18:15:05 GMT
server: Apache
age: 1621057
etag: "2b-514e0f55a9e7d"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 1R3g_wF6XZYVrsL6SCBUy6U5pN304i-6dXpO-syaNSZCFYt--pBpcA==
expires: Mon, 06 Dec 2021 09:15:38 GMT

Redirect headers

Date: Thu, 25 Nov 2021 03:33:14 GMT
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cdn.amgdgt.com/base/pixels/transparent.gif
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

transparent.gif
cdn.amgdgt.com/base/pixels/ Frame 6F2C
Redirect Chain

https://ingest.tidaltv.com/opt-out?op=givethestatus&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D3033294008%26pf%3Dvid%26st%3D
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=3033294008&pf=vid&st=nt
https://cdn.amgdgt.com/base/pixels/transparent.gif

43 B
399 B

7ms
7ms

Image
image/gif

2600:9000:2057:5600:10:8317:ee40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.5122424896491129
Protocol: H2
Server: 2600:9000:2057:5600:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.amgdgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 09:15:46 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
last-modified: Wed, 29 Apr 2015 18:15:05 GMT
server: Apache
age: 1621057
etag: "2b-514e0f55a9e7d"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 43
x-amz-cf-id: Mhat0KLFC-lWHCVD2rWlOmbN_fjCInTcRR7qtAWXgYWQvSi2FDiRjQ==
expires: Mon, 06 Dec 2021 09:15:38 GMT

Redirect headers

Date: Thu, 25 Nov 2021 03:33:15 GMT
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cdn.amgdgt.com/base/pixels/transparent.gif
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F10946030100290503645&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192546&de=119951772182&cu=1637811192546&m=6&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7045&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=0&ag=1&an=0&gf=1&gg=0&ix=1&ic=1&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=1&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685114612%3A138234302420&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=2697391&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192546&de=119951772182&cu=1637811192546&m=1014&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7045&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=1&ag=1009&an=1&gi=1&gf=1009&gg=1&ix=1009&ic=1009&ez=1&ck=1009&kw=2&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1009&bx=1&ci=1009&jz=2&dj=1&aa=0&ad=504&cn=0&gk=504&gl=0&ik=504&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=2&ah=2&am=2&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685114612%3A138234302420&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=524534773&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
21ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192546&de=119951772182&cu=1637811192546&m=1015&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7045&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=1&ag=1009&an=1009&gi=1&gf=1009&gg=1009&ix=1009&ic=1009&ez=1&ck=1009&kw=2&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1009&bx=1009&ci=1009&jz=2&dj=1&aa=0&ad=504&cn=504&gk=504&gl=504&ik=504&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=2&ah=2&am=2&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685114612%3A138234302420&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1050825663&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192546&de=119951772182&cu=1637811192546&m=1015&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7045&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=1&ag=1009&an=1009&gi=1&gf=1009&gg=1009&ix=1009&ic=1009&ez=1&ck=1009&kw=2&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1009&bx=1009&ci=1009&jz=2&dj=1&aa=0&ad=504&cn=504&gk=504&gl=504&ik=504&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=2&ah=2&am=2&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685114612%3A138234302420&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1345235264&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191961&de=402041507027&cu=1637811191961&m=1602&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7045&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=1&ag=1599&an=1&gi=1&gf=1599&gg=1&ix=1599&ic=1599&ez=1&ck=1599&kw=650&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1599&bx=1&ci=1599&jz=650&dj=1&aa=1&ad=1274&cn=0&gn=1&gk=1274&gl=0&ik=1274&co=1274&cp=650&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=650&cd=2&ah=650&am=2&xd=00&rf=0&re=1&ft=1274&fv=0&fw=1274&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303071&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1893530132&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191961&de=402041507027&cu=1637811191961&m=1603&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7045&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=1&ag=1599&an=1599&gi=1&gf=1599&gg=1599&ix=1599&ic=1599&ez=1&ck=1599&kw=650&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1599&bx=1599&ci=1599&jz=650&dj=1&aa=1&ad=1274&cn=1274&gn=1&gk=1274&gl=1274&ik=1274&co=1274&cp=650&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=650&cd=650&ah=650&am=650&xd=00&rf=0&re=1&ft=1274&fv=1274&fw=1274&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303071&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1102119292&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 23ms
23ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191961&de=402041507027&cu=1637811191961&m=1604&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7045&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=1&ag=1599&an=1599&gi=1&gf=1599&gg=1599&ix=1599&ic=1599&ez=1&ck=1599&kw=650&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1599&bx=1599&ci=1599&jz=650&dj=1&aa=1&ad=1274&cn=1274&gn=1&gk=1274&gl=1274&ik=1274&co=1274&cp=650&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=650&cd=650&ah=650&am=650&xd=00&rf=0&re=1&ft=1274&fv=1274&fw=1274&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303071&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=177201954&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192546&de=119951772182&cu=1637811192546&m=2305&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=1&ag=2301&an=1009&gi=1&gf=2301&gg=1009&ix=2301&ic=2301&ez=1&ck=1009&kw=2&aj=1&pg=100&pf=100&ib=0&cc=1&bw=2301&bx=1009&ci=1009&jz=2&dj=1&aa=1&ad=1796&cn=504&gn=1&gk=1796&gl=504&ik=1796&co=1796&cp=1256&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1256&cd=2&ah=1256&am=2&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685114612%3A138234302420&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=858066861&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 / Show response
preferences-mgr.truste.com/token/636/2/64821292050951022196/ Frame 6F2C 574 B
799 B 102ms
102ms Document
text/html 13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/636/2/64821292050951022196/
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/js/optout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9f465f41355e2106acda789a477c5cd4fd0f6d41c7f9c5376a4685421562ca77

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.amgdgt.com/

Response headers

content-length: 574
date: Thu, 25 Nov 2021 03:33:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 7OTQoWGLLR8sOFtE8SCmDXKtp9pT24IrbPit8AipfP8Y0RWwlsDWMg==

GET
H2 200 pixel.gif
px.moatads.com/ Frame B5A7 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-lVeP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-93xD4bI%2F0rYACQ%3D%3D&sc=1&os=1-Bg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=85&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=75&w=75&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Ffox42kptm.com&lp=https%3A%2F%2Ffox42kptm.com&t=1637811190283&de=993355233502&cu=1637811190283&m=5397&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=91&le=1&gm=1&io=1&fa=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A738%3A738%3A1276%3A934&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5187&cd=1259&ah=5187&am=1259&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685417928%3A138234381034&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1498174177&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H2 200 check2 Show response
content-aeuf1.uplynk.com/ 16 B
311 B 10ms
9ms XHR
application/octet-stream 18.194.235.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeuf1.uplynk.com/check2?b=792a2be4bc034351b29a4c742344b289&v=6a3da3273b224076930b26bf25d2aded&r=c&c=6a3da3273b224076930b26bf25d2aded&pbs=faf90dee9a944205a17a0a18886acf42

Requested by

Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.235.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-235-83.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4e76dacf990c789cadb70b02b24b4bec7adb8bb9c8dbfcf946642a0be4cead79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:15 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: c7965532d3114f54becfcec0e909bd4a
content-length: 16
x-content-type-options: nosniff

GET
H/1.1 200
OK easyXDM.min.js Show response
t.e1e.io/ Frame B0E4 20 KB
8 KB 676ms
166ms Script
application/x-javascript 64.19.224.205
SHOPZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://t.e1e.io/easyXDM.min.js
Requested by: Host: connexity.net
URL: https://connexity.net/c/cse?a=O&O=10&xdm_e=https%3A%2F%2Fwww.shopzilla.com&xdm_c=default2492&xdm_p=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.19.224.205 , United States, ASN14332 (SHOPZILLA, US),
Reverse DNS
Software: nginx /
Resource Hash: fd15cf2495ff729dc0a57746488d7216668b18988e602a79bd14c4bef2bb2548

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connexity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 03:33:16 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"56f5c0bb-50bb"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 26 Nov 2021 03:33:16 GMT

GET
H2 200 C0000018A.ts Show response
x-default-stgec.uplynk.com/ause/slices/792/34d28c6069b34f1d96307c80809697d7/792a2be4bc034351b29a4c742344b289/ 115 KB
116 KB 450ms
376ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/ause/slices/792/34d28c6069b34f1d96307c80809697d7/792a2be4bc034351b29a4c742344b289/C0000018A.ts?pbs=faf90dee9a944205a17a0a18886acf42&_jt=l&chid=6a3da3273b224076930b26bf25d2aded&cloud=aws&si=0&d=4.096
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9E) /
Resource Hash: 26515c2abea63566f8f39d4e97c120564221f096e0054a1bac381c33bbd95053

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:16 GMT
etag: "8358a055ed1d08ecda413b8c00a13a8e"
last-modified: Thu, 25 Nov 2021 03:32:32 GMT
server: ECAcc (frc/8E9E)
age: 18
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
x-amz-request-id: 6QVE5PTERFFFRJYZ
accept-ranges: bytes
content-length: 117888
x-amz-id-2: 5cjTyufh1LiNZAFLs/4dJ38WbSaNOM6DKH0xh13mgvFrMRiieNuh9mmXhyi/soKl5MWRjFAQXtk=
x-ec-put2cache: 1
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 46FE 0
731 B 36ms
35ms Script
text/html 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:16 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f382cba6-10cb-4c3c-8c89-dae82e47d872
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
BLOB 200
OK 35cc895e-497b-4354-83a4-68b9d31369e9
https://fox42kptm.com/ 88 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fox42kptm.com/35cc895e-497b-4354-83a4-68b9d31369e9
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db58fbac8304f2548011eeb67657a22780cbc8e81150dc6d9a63b74e303e8f38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 90231
Content-Type: text/javascript

GET
H2 200 d.m3u8 Show response
content-aeuf1.uplynk.com/channel/6a3da3273b224076930b26bf25d2aded/ 6 KB
933 B 105ms
105ms XHR
application/vnd.apple.mpegurl 18.194.235.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeuf1.uplynk.com/channel/6a3da3273b224076930b26bf25d2aded/d.m3u8?pbs=faf90dee9a944205a17a0a18886acf42

Requested by

Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.235.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-235-83.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

09003dc442e4f1de14938689b269a7f0a6249375bdc4ee7ab3640b36e540ea93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:16 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: c7965532d3114f54becfcec0e909bd4a
content-length: 616
x-content-type-options: nosniff

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
49 B 97ms
97ms Image
text/plain 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1227791326&e=s&n=9676989211185913&abc=2&aid=bOMWLtpwEeKORRIxOQulpA&amp=0&at=1&c=1&ccp=0&cp=1&d=1&eb=0&ed=6&emi=4u82ip9s9uu4&i=0&lid=teesm3ktuf2d&lsa=set&mt=1&pbd=1&pbr=1&pgi=1b489jz1snw6&ph=0&pii=0&pl=186&plc=1&pli=mlaewhynqlvu&pp=hlsjs&ppm=LIVE&prc=1&ps=4&pss=2&pt=Omaha%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20KPTM&pu=https%3A%2F%2Ffox42kptm.com%2F&pv=8.22.1&pyc=1&s=0&sdk=0&stc=1&stpe=0&t=&tv=3.36.1&vb=1&vi=1&vl=90&wd=330&abm=1&bwe=500&cae=0&cct=0&cst=8.192&cdid=homePage-Live-Player&drm=0&ff=1170&fsm=0&l=0&mk=hls&mu=https%3A%2F%2Fcontent.uplynk.com%2Fchannel%2F6a3da3273b224076930b26bf25d2aded.m3u8%3F&pcp=11&pd=1&pdr=&plng=en-US&pni=0&pr=4&q=0&qcr=initial%20choice&sbr=232&sp=0&strt=1460&tb=12.3&tt=0&vd=0&vh=144&vs=5&vw=256&sa=1637811196407
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:16 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-fra19132-FRA
x-cache: MISS
x-cache-hits: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=240324544&t=event&_s=2&dl=https%3A%2F%2Ffox42kptm.com%2F&ul=en-us&de=UTF-8&dt=Omaha%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20KPTM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=LivePlayer&ea=playerLoaded&el=792a2be4bc034351b29a4c742344b289&_u=aHBAAEIhAAAAAC~&jid=&gjid=&cid=1090439637.1637811189&tid=UA-45818038-12&_gid=292934739.1637811189&cd6=home&cd1=Unregistered&cd2=Unsubscribed&cd9=true&z=1832034153

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28296
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=240324544&t=event&_s=3&dl=https%3A%2F%2Ffox42kptm.com%2F&ul=en-us&de=UTF-8&dt=Omaha%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20KPTM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Livestream&ea=autoplay&el=undefined&_u=aHBAAEIhAAAAAC~&jid=&gjid=&cid=1090439637.1637811189&tid=UA-45818038-12&_gid=292934739.1637811189&cd6=home&cd1=Unregistered&cd2=Unsubscribed&z=1388318834

Requested by

Host: fox42kptm.com
URL: https://fox42kptm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28296
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ad-retarget-cookie-check Show response
www.shopzilla.com/ Frame 290E 82 B
360 B 265ms
265ms Script
text/javascript 192.138.218.136
SHOPZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shopzilla.com/ad-retarget-cookie-check?brand=shopzilla&callback=ConnexityOptOut.Shopzilla.optOutStatusHandler
Requested by: Host: s1.cnnx.io
URL: https://s1.cnnx.io/s2static/us/sz/7a7c4cf1/br2/js/daa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.138.218.136 , United States, ASN14332 (SHOPZILLA, US),
Reverse DNS: shopzilla.com
Software: nginx/1.16.0 /
Resource Hash: aae5ba09ab7a749876f90cb4b01ad7fbd575d434ae53c8bea1b1f374d14c96d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shopzilla.com/ad_retarget_global_opt_out?isExternalOptOut=true&rd=https://preferences-mgr.truste.com&action_id=3&participant_id=611&token=920231623462061194
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 03:33:16 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Connection: keep-alive
Content-Type: text/javascript;charset=utf-8
Transfer-Encoding: chunked
P3P: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"

GET
H/1.1 200
OK cse Show response
connexity.net/c/ Frame B0E4 1 B
314 B 164ms
164ms XHR
text/html 64.19.224.207
SHOPZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://connexity.net/c/cse?a=U
Requested by: Host: connexity.net
URL: https://connexity.net/c/cse?a=O&O=10&xdm_e=https%3A%2F%2Fwww.shopzilla.com&xdm_c=default2492&xdm_p=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.19.224.207 , United States, ASN14332 (SHOPZILLA, US),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://connexity.net/c/cse?a=O&O=10&xdm_e=https%3A%2F%2Fwww.shopzilla.com&xdm_c=default2492&xdm_p=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-CXT-NOOP-U: true

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:16 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, max-age=-1, post-check=0, pre-check=0
Connection: keep-alive
Expires: -1

POST
H/1.1 200
OK cse Show response
connexity.net/c/ Frame B0E4 44 B
610 B 165ms
164ms XHR
image/gif 64.19.224.207
SHOPZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://connexity.net/c/cse?a=L&R=1600x1200c24&T=63&P=t&U=0&Q=cook:n,h5:no,TS:(load:-5ms),(msg:recheck:0ms),(checkStatus:1ms),(noop-U:1ms),(Burl-L:168ms)
Requested by: Host: connexity.net
URL: https://connexity.net/c/cse?a=O&O=10&xdm_e=https%3A%2F%2Fwww.shopzilla.com&xdm_c=default2492&xdm_p=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.19.224.207 , United States, ASN14332 (SHOPZILLA, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d1743a4b9cd803083da5fd65626a4e92edebe73a40ee18f60276c96492b4afd

Request headers

Referer: https://connexity.net/c/cse?a=O&O=10&xdm_e=https%3A%2F%2Fwww.shopzilla.com&xdm_c=default2492&xdm_p=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 03:33:16 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="CAO PSA OUR CURa DEVa PSDo PSAo BUS COR UNI COM",an.pp="http://www.connexity.com/privacy",an.oo="http://www.connexity.com/privacy",an.bt="N"
Cache-Control: no-store, max-age=-1, post-check=0, pre-check=0
Content-Transfer-Encoding: binary
Connection: keep-alive
Content-Type: image/gif
Expires: -1

GET
H2 200 check2 Show response
content-aeuf1.uplynk.com/ 16 B
311 B 105ms
105ms XHR
application/octet-stream 18.194.235.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeuf1.uplynk.com/check2?b=792a2be4bc034351b29a4c742344b289&v=6a3da3273b224076930b26bf25d2aded&r=d&c=6a3da3273b224076930b26bf25d2aded&pbs=faf90dee9a944205a17a0a18886acf42

Requested by

Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.235.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-235-83.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

576041db79ba6f63f3fdd5c56fb23f80d7272bdd7947e3697fedd30dc3d8eb0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:16 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: f09b389d15d347cbaafaee34cc7bb038
content-length: 16
x-content-type-options: nosniff

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191074&de=10752978503&cu=1637811191074&m=5575&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A0%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5195&cd=24&ah=5195&am=24&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234256527&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1987287593&cs=0
Requested by: Host: fox42kptm.com
URL: https://fox42kptm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 35ms
19ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12552ac16530bc6703523f5e33a1610f5483c45c13c4f624c48130dfe1c92671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 03:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9362
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 234B 11 KB
5 KB 21ms
21ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=fox42kptm.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2646
date: Thu, 25 Nov 2021 03:33:15 GMT
content-length: 4683

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 25 Nov 2021 03:33:16 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 234B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=fox42kptm.com&sn=ChromeSyncframe&so=3&topUrl=fox42kptm.com&bundle=ET-Mc19VRXZoVkQzVkI2UGRhZzRZVjIlMkZkblMwNEhvMHlTZGx1NEhwM2NKa1lRRjIyN0xy...
https://mug.criteo.com/sid?cpp=0mCevHxHMFY2Y0hObFJnbnhoRXVnbmNwRXBldzBCdmtza0g0cWdtY1ljMFdPQVpVS3ZKQ1VJaDJhaFFMWDUyR0JVQWo4L3R1SENlUjNUYTJVNmV0cGo5OEFtT0lEVnlEUFhUbFBCbUhGOFRiOTVrSHpiN0ROdzc5OVV3WH...

446 B
624 B

20ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=0mCevHxHMFY2Y0hObFJnbnhoRXVnbmNwRXBldzBCdmtza0g0cWdtY1ljMFdPQVpVS3ZKQ1VJaDJhaFFMWDUyR0JVQWo4L3R1SENlUjNUYTJVNmV0cGo5OEFtT0lEVnlEUFhUbFBCbUhGOFRiOTVrSHpiN0ROdzc5OVV3WHlnUjNxeUQ0TDdQSWsvNE0xWDB2OEsyUkZkUndPc2xzNWRlbm9RQ2lsdUFMSGpkS0J0NnB5SEJBSEo0Uk0yRlFBcWdJTWxSSzkyeW1pK1M2WW9wNk81c1JQZXVXOVJyVEdHcVN0QmhuYlhncHcrNlJVYkpVSzRxYW01N3Y4OVUxRml4WWwvdmZqY2VrbUhlektyZFE2RnB4eDNKTXNDUVRHNnlnNjdCNGhvbWRLZFoxdHF1MD18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b933487d5eed5b5014e1c8daa26cb8adc8222df97848a68fb741fe087c0ea09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 25 Nov 2021 03:33:16 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4203
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 25 Nov 2021 03:33:16 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=0mCevHxHMFY2Y0hObFJnbnhoRXVnbmNwRXBldzBCdmtza0g0cWdtY1ljMFdPQVpVS3ZKQ1VJaDJhaFFMWDUyR0JVQWo4L3R1SENlUjNUYTJVNmV0cGo5OEFtT0lEVnlEUFhUbFBCbUhGOFRiOTVrSHpiN0ROdzc5OVV3WHlnUjNxeUQ0TDdQSWsvNE0xWDB2OEsyUkZkUndPc2xzNWRlbm9RQ2lsdUFMSGpkS0J0NnB5SEJBSEo0Uk0yRlFBcWdJTWxSSzkyeW1pK1M2WW9wNk81c1JQZXVXOVJyVEdHcVN0QmhuYlhncHcrNlJVYkpVSzRxYW01N3Y4OVUxRml4WWwvdmZqY2VrbUhlektyZFE2RnB4eDNKTXNDUVRHNnlnNjdCNGhvbWRLZFoxdHF1MD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1955
content-length: 567
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 659A 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 24 Nov 2021 20:36:52 GMT
expires: Thu, 24 Nov 2022 20:36:52 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 24984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9F86 783 B
535 B 19ms
19ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5909d0c9d6b9bd20eb7fb9084322ba6cfe63422967a2a0ccaa2b9dc6555f4415

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lhZa4lmjV2Uq70Y0cpEcRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 25 Nov 2021 03:33:16 GMT
date: Thu, 25 Nov 2021 03:33:16 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-lhZa4lmjV2Uq70Y0cpEcRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
preferences-mgr.truste.com/token/611/2/920231623462061194/ Frame 290E 570 B
794 B 108ms
108ms Document
text/html 13.32.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/611/2/920231623462061194/
Requested by: Host: s1.cnnx.io
URL: https://s1.cnnx.io/s2static/us/sz/7a7c4cf1/br2/js/daa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.19.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-19-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3283760f29c4cd1bb86d46541e534965e208333d082d94fafdc4d5e11bf72b2e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shopzilla.com/

Response headers

content-length: 570
date: Thu, 25 Nov 2021 03:33:16 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: tje2UVn_5kF7L2CA1uLunfnUhWtB4eLt21kMew9J-rwtxPhKdtCdVw==

GET
H2 200 D0000018B.ts Show response
x-default-stgec.uplynk.com/ause/slices/792/34d28c6069b34f1d96307c80809697d7/792a2be4bc034351b29a4c742344b289/ 215 KB
215 KB 101ms
101ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/ause/slices/792/34d28c6069b34f1d96307c80809697d7/792a2be4bc034351b29a4c742344b289/D0000018B.ts?pbs=faf90dee9a944205a17a0a18886acf42&_jt=l&chid=6a3da3273b224076930b26bf25d2aded&cloud=aws&si=0&d=4.096
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F10) /
Resource Hash: 3f8ab0420bfb562e69f8792732531a2e2167b23cc104a19f1060bd303b235f3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:16 GMT
etag: "65355b9c4f967eb53856edde118424eb"
last-modified: Thu, 25 Nov 2021 03:32:33 GMT
server: ECAcc (frc/8F10)
age: 13
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
x-amz-request-id: 7GKYB8S4MKG8Z10D
accept-ranges: bytes
content-length: 220160
x-amz-id-2: Li8uswMKmf85/UuSmBQl0K29b3KGAm1h+MHGpAKJgCo00eWJRBSvkjWEI/yvTi3OqJ9cZDLzbLc=
x-ec-put2cache: 1
expires: Thu, 25 Nov 2021 03:33:15 GMT

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame 659A 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 03:26:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9F86 0
0 60ms
60ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=1527982069317324&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191487&de=859523853146&cu=1637811191487&m=5378&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5165&cd=2&ah=5165&am=2&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303065&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=746130849&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:16 GMT

GET
H2 200 D0000018C.ts Show response
x-default-stgec.uplynk.com/ause/slices/792/34d28c6069b34f1d96307c80809697d7/792a2be4bc034351b29a4c742344b289/ 89 KB
89 KB 375ms
374ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/ause/slices/792/34d28c6069b34f1d96307c80809697d7/792a2be4bc034351b29a4c742344b289/D0000018C.ts?pbs=faf90dee9a944205a17a0a18886acf42&_jt=l&chid=6a3da3273b224076930b26bf25d2aded&cloud=aws&si=0&d=1.792
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F55) /
Resource Hash: 7ae6360dcb72c903a311edc4484240bc299d37c10a67dd61c39a1eedcd9cf816

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:17 GMT
etag: "812f94cd757bf5af2a72dee3f674c298"
last-modified: Thu, 25 Nov 2021 03:32:32 GMT
server: ECAcc (frc/8F55)
age: 11
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
x-amz-request-id: 330QA7TT5TZAMR7H
accept-ranges: bytes
content-length: 91008
x-amz-id-2: DDIfMjFCzHMugyWYIe56sEtCfY/skuZG64uPrJb2DWUgwMeUp20tFVeAZp0mZg84O0K8DdBPHVc=
x-ec-put2cache: 1
expires: Thu, 25 Nov 2021 03:33:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
31ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=1527982069317324&bg=!_f6l_rrNAAZQLpa_UC47ACkAdvg8WgFVD3v5C2N8EKwSRu0U3bwCbnCkZG5ZdZigbDV2w3riSsmbkQIAAAB1UgAAAAdoAQcKAM5J4l67F2lZRKc9_E2Fsk5Ffc4j-XDyr9K7CoIBjMsPAN8-xDcrYinTFx2LWPsZKDd-KLDvicA5kFGe5rUds53EWzHdWVfL63ccqcYhDo4ikLBNSVl82i3y42llrI9jnjGTo9ZRt-RQsqJTb6DXYPUsaCNodmZ9M5qgcUlLmawk-DcDYgHocWgn7ab35-hqhyhuyDgXkWm7iW_rfuqheebHSgKPV7zFRbdd7vrLlqlFFUyOyyX03fP9T2IkQhv6MtPgkd4MjaXiCSplDGqwjZkCcEsgXB73dYssRo9LFX4R047gMOdaT7tnigcdg8a1Ls-oJLlsQkGOUsyvWHHuQZKyoDyzGGXy89J-phdzqGy6Dmu3ZDVhYa1iszL_0BTZPmLgIICgkofiSSMnScILsCXUJz_tsIfwA4EBNrlZ6JHVP2BrZGNFMy3NG1uz5rEIowKgl7rdi1KknSw582nrAgHYfiMK9EekNNlGJd8yGXTEseKBReqvJvJUOJsPNFGpskLQzu4nfzXuQH92ApofBJJcotoWFqwc5rGjFphbv1R_p8XT4mwTN23MXN5jBwEnyCsCVgfc6R_xHMLbpO5x8b0bueV334NTr-whh3PVZXPa-AyPPNFaueG4cwyqxVgkLlFILBc3WSsQMenrlyuUzzUneKKDRkYPV9NVfnap1gjwXLUGRLTofjm2EVfqsiaa4374wv9PvCmFxDLi-bJh5divFT_X-kzHSmw_pvzNy5Yw5HCd0K6RHHfbzdVgS4G1Gam1HHFG4Qy3AIBll_3EUD6aqXMnPB6TJkXfFiKjOf8TryJDXGnJpWCW2-PjQmPUOVmCBpC-rqNSh7wVkWK6veBKBMGk_JiAElyIH4ZeE2vkxzFXCPVJ3pYcuCw8Rn_NW1I1YA9asbhHHxK7BTy0oXyPqhWeJPpJ3UShMCVgkPHQ4pzPruqFMk4PRRQQ9dL50qEMs7lLMDdAzPEMOzJUdW0dh7BqZeOHO66QyTm_IHQfNVwXBkYTWoOWrJ5LZzKQabwD3QbI2OAHQlORx-cySGotqU2LG4jL7L7P0UfQHWkXUnDcgtYgdJQkXSksjYRMhy8i2NTQ6IBrBJC3aELAkzkjTg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191961&de=402041507027&cu=1637811191961&m=5117&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=1&ag=5113&an=1599&gi=1&gf=5113&gg=1599&ix=5113&ic=5113&ez=1&ck=1599&kw=650&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5113&bx=1599&ci=1599&jz=650&dj=1&aa=1&ad=4788&cn=1274&gn=1&gk=4788&gl=1274&ik=4788&co=1274&cp=650&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4914&cd=650&ah=4914&am=650&xd=00&rf=0&re=1&ft=4788&fv=1274&fw=1274&wb=2&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303071&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1547669238&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191951&de=201929904594&cu=1637811191951&m=5325&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5120&cd=1&ah=5120&am=1&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234302969&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1941905496&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191940&de=668786883775&cu=1637811191940&m=5339&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5133&cd=2&ah=5133&am=2&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234256398&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=568445582&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:17 GMT

GET
H2 200 check2 Show response
content-aeuf1.uplynk.com/ 16 B
311 B 12ms
12ms XHR
application/octet-stream 18.194.235.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeuf1.uplynk.com/check2?b=6bad0d90ffd94df48f98da1e37fcea05&v=6a3da3273b224076930b26bf25d2aded&r=d&c=6a3da3273b224076930b26bf25d2aded&pbs=faf90dee9a944205a17a0a18886acf42

Requested by

Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.235.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-235-83.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0f106a2922bdfacfd29c64facde204c67fd6b08f42ff43943e87bbeed3b484f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:17 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 5a468a3eb6004f95893aa6b574f4c88d
content-length: 16
x-content-type-options: nosniff

GET
H2 200 D00000000.ts Show response
x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/ 206 KB
207 KB 8ms
7ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/D00000000.ts?pbs=faf90dee9a944205a17a0a18886acf42&_jt=l&chid=6a3da3273b224076930b26bf25d2aded&cloud=aws&si=1&d=4.004
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F45) /
Resource Hash: 9a37f97780adc260070768a9cae9c149dfb77d4c149be601228c75b0bf11b925

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 03:33:17 GMT
content-md5: t+LQ1lSjqMsbQ7onHKRu9g==
age: 378886
x-cache: HIT
content-length: 211136
x-ec-put2cache: 1
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 05:03:07 GMT
server: ECAcc (frc/8F45)
etag: 0x8D962CEA23E2D15
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: a5e53e98-f01e-00d9-233b-de8088000000
access-control-expose-headers: access-control-allow-origin
cache-control: no-cache
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:16 GMT

GET
H2 200 D00000001.ts Show response
x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/ 209 KB
209 KB 10ms
10ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/D00000001.ts?pbs=faf90dee9a944205a17a0a18886acf42&_jt=l&chid=6a3da3273b224076930b26bf25d2aded&cloud=aws&si=1&d=4.011
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F18) /
Resource Hash: 4f99537fed230aeb172f2040464571c320d1bdfafa961d3f60b0ce96612a4393

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 03:33:17 GMT
content-md5: g4dafTpLM6oDopou+K7vTA==
age: 2427578
x-cache: HIT
content-length: 214144
x-ec-put2cache: 1
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 05:03:07 GMT
server: ECAcc (frc/8F18)
etag: 0x8D962CEA23EC972
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: e25c6e80-401e-00be-1799-cb9074000000
access-control-expose-headers: access-control-allow-origin
cache-control: no-cache
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:16 GMT

GET
H2 200 D00000002.ts Show response
x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/ 51 KB
51 KB 8ms
7ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/D00000002.ts?pbs=faf90dee9a944205a17a0a18886acf42&_jt=l&chid=6a3da3273b224076930b26bf25d2aded&cloud=aws&si=1&d=0.934
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F78) /
Resource Hash: 19152d35e5961614a03fbd3db96fc30f1e4970088befb7977c9c1da7d275d8a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 03:33:17 GMT
content-md5: q2x8pQ5UjRJmORsmO+NXvg==
age: 283243
x-cache: HIT
content-length: 51712
x-ec-put2cache: 1
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 05:03:07 GMT
server: ECAcc (frc/8F78)
etag: 0x8D962CEA254ED84
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 738dd9fc-101e-0078-6f19-df5bf5000000
access-control-expose-headers: access-control-allow-origin
cache-control: no-cache
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:16 GMT

GET
H2 200 D00000000.ts Show response
x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/ 206 KB
206 KB 10ms
10ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/D00000000.ts?pbs=faf90dee9a944205a17a0a18886acf42&_jt=l&chid=6a3da3273b224076930b26bf25d2aded&cloud=aws&si=1&d=4.004
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1C) /
Resource Hash: 9a37f97780adc260070768a9cae9c149dfb77d4c149be601228c75b0bf11b925

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 03:33:17 GMT
content-md5: t+LQ1lSjqMsbQ7onHKRu9g==
age: 378886
x-cache: HIT
content-length: 211136
x-ec-put2cache: 1
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 05:03:07 GMT
server: ECAcc (frc/8F1C)
etag: 0x8D962CEA23E2D15
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: a5e53e98-f01e-00d9-233b-de8088000000
access-control-expose-headers: access-control-allow-origin
cache-control: no-cache
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:16 GMT

GET
H2 200 D00000001.ts Show response
x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/ 209 KB
209 KB 11ms
10ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/D00000001.ts?pbs=faf90dee9a944205a17a0a18886acf42&_jt=l&chid=6a3da3273b224076930b26bf25d2aded&cloud=aws&si=1&d=4.011
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF3) /
Resource Hash: 4f99537fed230aeb172f2040464571c320d1bdfafa961d3f60b0ce96612a4393

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 03:33:17 GMT
content-md5: g4dafTpLM6oDopou+K7vTA==
age: 2427578
x-cache: HIT
content-length: 214144
x-ec-put2cache: 1
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 05:03:07 GMT
server: ECAcc (frc/8FF3)
etag: 0x8D962CEA23EC972
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: e25c6e80-401e-00be-1799-cb9074000000
access-control-expose-headers: access-control-allow-origin
cache-control: no-cache
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:16 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192546&de=119951772182&cu=1637811192546&m=5108&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=1&ag=5103&an=2301&gi=1&gf=5103&gg=2301&ix=5103&ic=5103&ez=1&ck=1009&kw=2&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5103&bx=2301&ci=1009&jz=2&dj=1&aa=1&ad=4598&cn=1796&gn=1&gk=4598&gl=1796&ik=4598&co=1796&cp=1256&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4904&cd=1256&ah=4904&am=1256&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=92725138%3A2316137404%3A4685114612%3A138234302420&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=441416727&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192478&de=560037353719&cu=1637811192478&m=5207&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5002&cd=3&ah=5002&am=3&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303023&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1674204644&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192490&de=924697591560&cu=1637811192490&m=5367&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5160&cd=2&ah=5160&am=2&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234256608&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=10663441&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192504&de=896223166012&cu=1637811192504&m=5362&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5157&cd=12&ah=5157&am=12&xd=11&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303008&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=858060825&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192530&de=275569135927&cu=1637811192530&m=5338&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5132&cd=2&ah=5132&am=2&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303014&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=21264596&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:17 GMT

GET
H2 200 d.m3u8 Show response
content-aeuf1.uplynk.com/channel/6a3da3273b224076930b26bf25d2aded/ 7 KB
938 B 210ms
209ms XHR
application/vnd.apple.mpegurl 18.194.235.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeuf1.uplynk.com/channel/6a3da3273b224076930b26bf25d2aded/d.m3u8?pbs=faf90dee9a944205a17a0a18886acf42

Requested by

Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.235.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-235-83.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9906b3851427d3e2c844597401cdd524cb8f86f73c36163503b0ae2b6c2791c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:20 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: c7965532d3114f54becfcec0e909bd4a
content-length: 621
x-content-type-options: nosniff

GET
H2 200 switchbg.png
consent-pref.trustarc.com/images/ Frame F9C4 1 KB
1 KB 8ms
7ms Image
image/png 143.204.207.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/switchbg.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/EuPreferenceManager.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/EuPreferenceManager.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:45:38 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
server: nginx
age: 31678
etag: W/"1068-1633534398000"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 1068
x-xss-protection: 1; mode=block
x-amz-cf-id: YkCN_DWqW7QnckdrAO1kkntXF9lLv0J_WwJPdITg3aD4PIbYct1Vbg==

GET
H2 200 D00000002.ts Show response
x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/ 51 KB
51 KB 10ms
10ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/D00000002.ts?pbs=faf90dee9a944205a17a0a18886acf42&_jt=l&chid=6a3da3273b224076930b26bf25d2aded&cloud=aws&si=1&d=0.934
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F07) /
Resource Hash: 19152d35e5961614a03fbd3db96fc30f1e4970088befb7977c9c1da7d275d8a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 03:33:20 GMT
content-md5: q2x8pQ5UjRJmORsmO+NXvg==
age: 283247
x-cache: HIT
content-length: 51712
x-ec-put2cache: 1
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 05:03:07 GMT
server: ECAcc (frc/8F07)
etag: 0x8D962CEA254ED84
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 738dd9fc-101e-0078-6f19-df5bf5000000
access-control-expose-headers: access-control-allow-origin
cache-control: no-cache
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:19 GMT

GET
H2 200 D00000000.ts Show response
x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/ 206 KB
206 KB 11ms
11ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/D00000000.ts?pbs=faf90dee9a944205a17a0a18886acf42&_jt=l&chid=6a3da3273b224076930b26bf25d2aded&cloud=aws&si=1&d=4.004
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E85) /
Resource Hash: 9a37f97780adc260070768a9cae9c149dfb77d4c149be601228c75b0bf11b925

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 03:33:20 GMT
content-md5: t+LQ1lSjqMsbQ7onHKRu9g==
age: 378889
x-cache: HIT
content-length: 211136
x-ec-put2cache: 1
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 05:03:07 GMT
server: ECAcc (frc/8E85)
etag: 0x8D962CEA23E2D15
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: a5e53e98-f01e-00d9-233b-de8088000000
access-control-expose-headers: access-control-allow-origin
cache-control: no-cache
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191487&de=859523853146&cu=1637811191487&m=10400&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10196&cd=5165&ah=10196&am=5165&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303065&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1860689821&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:21 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:21 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191961&de=402041507027&cu=1637811191961&m=10137&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=1&ag=10133&an=5113&gi=1&gf=10133&gg=5113&ix=10133&ic=10133&ez=1&ck=1599&kw=650&aj=1&pg=100&pf=100&ib=1&cc=1&bw=10133&bx=5113&ci=1599&jz=650&dj=1&aa=1&ad=9808&cn=4788&gn=1&gk=9808&gl=4788&ik=9808&co=1274&cp=650&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9934&cd=4914&ah=9934&am=4914&xd=00&rf=0&re=1&ft=5093&fv=4788&fw=1274&wb=2&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303071&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=413509631&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191951&de=201929904594&cu=1637811191951&m=10342&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10136&cd=5120&ah=10136&am=5120&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234302969&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1910064805&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811191940&de=668786883775&cu=1637811191940&m=10356&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10152&cd=5133&ah=10152&am=5133&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234256398&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1552352319&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192546&de=119951772182&cu=1637811192546&m=10126&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=1&ag=10122&an=5103&gi=1&gf=10122&gg=5103&ix=10122&ic=10122&ez=1&ck=1009&kw=2&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10122&bx=5103&ci=1009&jz=2&dj=1&aa=1&ad=9617&cn=4598&gn=1&gk=9617&gl=4598&ik=9617&co=1796&cp=1256&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9922&cd=4904&ah=9922&am=4904&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=92725138%3A2316137404%3A4685114612%3A138234302420&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1437306208&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192478&de=560037353719&cu=1637811192478&m=10223&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10019&cd=5002&ah=10019&am=5002&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303023&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=381147626&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192490&de=924697591560&cu=1637811192490&m=10386&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10179&cd=5160&ah=10179&am=5160&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234256608&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1213930576&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192504&de=896223166012&cu=1637811192504&m=10385&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10181&cd=5157&ah=10181&am=5157&xd=11&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303008&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1888096108&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatGNID=4756&zMoatAU1=KPTM&zMoatAU2=Web&zMoatAU3=home&wf=1&ra=1&pxm=&sgs=3&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=SINCLAIR_GAM_DISPLAY1&ol=2893258319&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K_*%3Ce%24%26*x4PjrGBe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-OA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ffox42kptm.com%2F&id=1&ii=4&f=0&j=&t=1637811192530&de=275569135927&cu=1637811192530&m=10361&ar=553ffc12ef5-clean&iw=321a0a7&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7066&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2382%3A2800%3A10811%3A2735&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10156&cd=5132&ah=10156&am=5132&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=92725138%3A2316137404%3A4685377161%3A138234303014&bo=84109138&bd=97476178&gw=sinclairgamdisplay488716798718&zMoatOrigSlicer1=84109138&zMoatOrigSlicer2=97476178&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=401143824&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:33:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Nov 2021 03:33:22 GMT

GET
H2 200 d.m3u8 Show response
content-aeuf1.uplynk.com/channel/6a3da3273b224076930b26bf25d2aded/ 7 KB
933 B 267ms
267ms XHR
application/vnd.apple.mpegurl 18.194.235.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeuf1.uplynk.com/channel/6a3da3273b224076930b26bf25d2aded/d.m3u8?pbs=faf90dee9a944205a17a0a18886acf42

Requested by

Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.235.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-235-83.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

09f0052c906de445de9ee6df35c42f40ec75a809158bc7c8fa04ffe1c6ade240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 03:33:23 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: f09b389d15d347cbaafaee34cc7bb038
content-length: 616
x-content-type-options: nosniff

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/zusw2/slices/6ba/34d28c6069b34f1d96307c80809697d7/6bad0d90ffd94df48f98da1e37fcea05/D00000001.ts?pbs=faf90dee9a944205a17a0a18886acf42&_jt=l&chid=6a3da3273b224076930b26bf25d2aded&cloud=aws&si=1&d=4.011
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.22.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FDC) /
Resource Hash: 4f99537fed230aeb172f2040464571c320d1bdfafa961d3f60b0ce96612a4393

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fox42kptm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 03:33:23 GMT
content-md5: g4dafTpLM6oDopou+K7vTA==
age: 2427584
x-cache: HIT
content-length: 214144
x-ec-put2cache: 1
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 05:03:07 GMT
server: ECAcc (frc/8FDC)
etag: 0x8D962CEA23EC972
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: e25c6e80-401e-00be-1799-cb9074000000
access-control-expose-headers: access-control-allow-origin
cache-control: no-cache
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 25 Nov 2021 03:33:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: optout.mxptint.net
URL: https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3

Domain: px2.moatads.com
URL: https://px2.moatads.com/pixel.gif?v=23&i=SINCLAIR_GAM_DISPLAY1PX2&commit=c64ebad7029-clean&t=1637811192721&id=856431009538

Domain: content.uplynk.com
URL: https://content.uplynk.com/channel/6a3da3273b224076930b26bf25d2aded.m3u8?

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.s.thebrighttag.com/api/privacy/3fLGmeU	1969-12-31 23:59:59	Name: btpstkn Value: acT2i4Sc3ku_4-N_XbZNjwAAAX1VJ4e2
.doubleclick.net/ads/preferences	1970-01-19 22:56:52	Name: pm_sess_2500685038 Value: ACi0TCiC7Sh0KqWKbyNfUOJkaW1O-20vzpKRNJqoekPSUwjwRoTugSKE9scWAhntxROmo_ojeplx
adssettings.google.com/ext/nai/	1969-12-31 23:59:59	Name: aboutads_sess285530703 Value: ACi0TCiC7Sh0KqWKbyNfUOJkaW1O-20vzpKRNJqoekPSUwjwRoTugSKE9scWAhntxROmo_ojeplx
adssettings.google.de/ext/nai/	1969-12-31 23:59:59	Name: aboutads_sess285530703 Value: ACi0TCiC7Sh0KqWKbyNfUOJkaW1O-20vzpKRNJqoekPSUwjwRoTugSKE9scWAhntxROmo_ojeplx
.fox42kptm.com/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
fox42kptm.com/	1969-12-31 23:59:59	Name: idle_session Value: 1637811188381
fox42kptm.com/	1970-01-21 18:44:51	Name: LRUID Value: 4551fec9-0502-4a64-b4b3-d45c23888c6d
.fox42kptm.com/	1970-01-20 16:28:03	Name: _ga Value: GA1.2.1090439637.1637811189
.fox42kptm.com/	1970-01-19 22:58:17	Name: _gid Value: GA1.2.292934739.1637811189
.scorecardresearch.com/	1970-01-20 16:13:39	Name: UID Value: 1QZCOC1CLU3SRIRLSOH6AYg1637811189
.fox42kptm.com/	1970-01-20 01:06:27	Name: _gcl_au Value: 1.1.1773039336.1637811189
.fox42kptm.com/	1970-01-19 22:56:51	Name: _gat Value: 1
fox42kptm.com/	1970-01-19 23:40:03	Name: _pbjs_userid_consent_data Value: 3524755945110770
fox42kptm.com/	1970-01-19 23:40:03	Name: pbjs_sharedId Value: 0bfcf228-8c60-451e-b641-3f3d9dcc12d5
.rubiconproject.com/	1970-01-20 07:42:27	Name: khaos Value: KWEEHTRT-T-J4OV
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==
.rubiconproject.com/	1970-01-20 07:42:27	Name: audit Value: 1\|hLZGFuTafB0lsUOg0EOIPEZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lr+NzoI1rIzy4RsmZrLZOhpA46cQgMKqonaOgzXjMDayI/CoSoRbKaY=
.doubleclick.net/	1970-01-20 08:18:27	Name: IDE Value: AHWqTUloF-1lX87k3S3hEw0VSD8wpVUtTG7OfpiIUH7uAsOAlEAI2-iUyTWnpoSZSlk
fox42kptm.com/	1970-01-20 08:18:27	Name: cto_bidid Value: c-H2ol96WGp6NFAzYyUyRndIVTlVNjFCbzRTYU1iYTR4Mkg4cHN0NzNUJTJCaGdaOXBLdkdDWGM1UnYxRmRXbXRjcTB2bDlwOFdEclROJTJGJTJGSWYxRlNINksyNzdMbVJnJTNEJTNE
fox42kptm.com/	1970-01-20 08:18:27	Name: cto_bundle Value: ET-Mc19VRXZoVkQzVkI2UGRhZzRZVjIlMkZkblMwNEhvMHlTZGx1NEhwM2NKa1lRRjIyN0xyM0huWHAlMkZWZGFSQnU1b3J2d1B0eFd4SDFNU3NnUUFzVUYyd0lhYlJlMnE5S0x4ejF6MnR0MW0lMkJOdzFVam9rJTJCMDVqVExmRlVOWWxocDBFNWFX
.fox42kptm.com/	1970-01-20 08:18:27	Name: __gads Value: ID=c4a219663db19303:T=1637811189:S=ALNI_MaLWdc4LnJ8Hdfpy6w25kk7O62ohg
fox42kptm.com/	1970-01-19 22:57:34	Name: _config Value: **
prefmgr-cookie.truste-svc.net/	1970-01-19 22:56:51	Name: cookie_3rdparty Value: enabled
consent-pref.trustarc.com/	1970-01-19 22:56:51	Name: token_test Value: Thu Nov 25 2021 03:33:13 GMT+0000 (GMT)
.rubiconproject.com/	1970-01-19 22:56:54	Name: iD73m9npAf Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5G Value: s578\|YZ8D/
.google.com/	1970-01-20 03:20:22	Name: NID Value: 511=KTxMxJjDdgzEA-qLb4aLW78RdD1ugKQikRZfTRiJ9YKkzyD9M_oPF6vAO6k7NPaZ4FhNLOfKWvXK4kY7BtKmTB-1ZYZGEqr20Vsq_ThOO4KenGYcBzDKxNiBP_tFBWtECSwud8VbSMtutk8gtNoWcthneNQ3NlwJNdx4SXEsObk
.google.de/	1970-01-20 03:20:22	Name: NID Value: 511=oZvo1s7tze2wWe0IYtkWMzMsszQyee-g4CnsAeUjDDzK2upbPVDhNcZ888QsTgWfO22rKwd-0ck_4wAHKH3tGCFsxiEZChSwvRhzlnKxn0A7q_c9rJKyma53-1vwtvYIu73ky0hqdPdOxFDPfQxfJmxQ2R3fqmDC1TJxNYy4AMI
.retargetly.com/	1970-01-20 03:16:03	Name: _rlid Value: 9ba394d9-8dc8-40e3-bba6-b6a315110700
.ziffdavis.com/	1970-01-20 07:42:27	Name: opt_out_token Value: 3cc2f022-3b32-4426-8bc3-3f1fc93df57c
.askmen.com/	1970-01-20 07:42:27	Name: opt_out_token Value: 5c789485-af43-4eb6-8dfd-3b4aed85a105
.pcmag.com/	1970-01-20 07:42:27	Name: opt_out_token Value: 86b674ad-04fc-40e5-ae9a-a8f27a0101c0
.zdbb.net/	1970-01-20 07:42:27	Name: opt_out_token Value: e9b5e344-76fb-4aa0-adc2-01fd185ed25e
.ign.com/	1970-01-20 07:42:27	Name: opt_out_token Value: 3772b3b8-c5e3-4fef-b398-a28e147aa9a2
.1up.com/	1970-01-20 07:42:27	Name: opt_out_token Value: 77390c34-2e5c-42ae-8cc9-c945aa5e5514
.extremetech.com/	1970-01-20 07:42:27	Name: opt_out_token Value: 15a1cb3a-46f3-4cb3-8e87-b8ee5b97e78d
.toolbox.com/	1970-01-20 07:42:27	Name: opt_out_token Value: 810ba329-2b88-4349-8868-680b9956c8f0
.techbargains.com/	1970-01-20 07:42:27	Name: opt_out_token Value: 0f1500c8-de2b-4c4a-a374-1b9f9dff2556
.ugo.com/	1970-01-20 07:42:27	Name: opt_out_token Value: d7c9032e-41b5-470b-9893-04a465d42aeb
.apolloprogram.io/	1970-01-19 22:56:52	Name: atid Value: 243369891
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 7ee3322adccf78fe
.tynt.com/	1969-12-31 23:59:59	Name: 33x_nc_au Value: 271e9fee2e885a84
.33across.com/	1969-12-31 23:59:59	Name: 33x_nc_au Value: 45ca07b71d44a1a6
.postrelease.com/	1970-01-21 18:46:17	Name: opt_out Value: 1
.audrte.com/	1970-01-21 18:44:51	Name: NAI-TRANSIENT Value: NAI-TRANSIENT!NAI-TRANSIENT!1637811194090!CSRFToken#725ee392-4dfe-4f00-b14e-bfc47bde4c40
.shopzilla.com/	1970-01-19 22:56:54	Name: opt_out_token Value: 920231623462061194
.media.net/	1970-01-20 03:23:15	Name: usp_status Value: 1
.adnxs.com/	1970-01-20 01:06:27	Name: uuid2 Value: 8780101656686050039
apps.pubmatic.com/	1970-01-19 22:56:54	Name: pub_coop_token Value: 5lgZNsRPmYlMZd8b0KVIQmnjTLfbQd9tr7yx
.casalemedia.com/	1970-01-20 07:42:27	Name: CMID Value: YZ8D.8-Jpk-tcvw38U6rIAAA
.casalemedia.com/	1970-01-20 01:06:27	Name: CMPS Value: 5222
.casalemedia.com/	1970-01-20 01:06:27	Name: CMPRO Value: 1207
.casalemedia.com/	1970-01-19 22:58:17	Name: CMST Value: YZ8D+2GfA-sA
.w55c.net/	1970-01-20 08:25:39	Name: wfivefivec Value: a3eovCwz1MQ5vB5
.w55c.net/	1970-01-19 23:40:03	Name: matchcasale Value: 5
.mathtag.com/	1970-01-20 08:22:46	Name: uuid Value: 9cd8619f-03fb-4e00-81fa-957d5a44e524
.yahoo.com/	1970-01-20 07:42:48	Name: A3 Value: d=AQABBPsDn2ECEKRoUJTWTIgxRVO2EazwRvQFEgEBAQFVoGGoYQAAAAAA_SMAAA&S=AQAAAm5N0O6bEZwgS3_KguC4fa8
.everesttech.net/	1970-01-20 07:42:27	Name: everest_g_v2 Value: g_surferid~YZ8D_wAHE09y_QAz
.amgdgt.com/	1969-12-31 23:59:59	Name: OO-ST-3142738483718651904 Value: t
.amgdgt.com/	1969-12-31 23:59:59	Name: OO-ST-376952129585152 Value: nt
.amgdgt.com/	1969-12-31 23:59:59	Name: OO-ST-3033294008 Value: nt
.casalemedia.com/	1970-01-20 07:42:27	Name: CMRUM3 Value: e6619f03fb2760&2d619f03fb2760CAESEFLaKs1s28Va8Jd2fnRz4XU&98619f03fb27603be22bf8-bbf3-4ae6-be2b-6d72dde20b30&bc619f03fb05a00&2f619f03fb05a0&27619f03fb0b40&f1619f03fb05a0&49619f03fb05a0
.criteo.com/	1970-01-20 08:18:27	Name: uid Value: eaceb09d-a966-417f-97ce-62a733461a7e
.fox42kptm.com/	1970-01-20 08:18:27	Name: cto_bundle Value: lC1zEF9VRXZoVkQzVkI2UGRhZzRZVjIlMkZkblRaMDRSUEZFNll3RnVldGJxV3gwV0lYSXdNRyUyQndjRG1iZ2VqYVh1JTJCJTJGVk5YQTI3elR2YTJDdFU2aWZXZDBzdVZaaVF1YkRYYnJORVRFcEQ3c0JZUyUyRnlkWHlWZDRxSFUxdDZuSDclMkJJYnp3Q1ozMjdUVkJUY051YVllZ1B6Um5oZHclM0QlM0Q

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/710259.gif?partner_uid=4551fec9-0502-4a64-b4b3-d45c23888c6d Message: Failed to load resource: the server responded with a status of 451 ()
javascript	warning	URL: https://z.moatads.com/sinclairgamdisplay488716798718/moatad.js(Line 131) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	error	URL: https://z.moatads.com/px2/client.js(Line 40) Message: Fetch API cannot load chrome-extension://oanbpfkcehelcjjipodkaafialmfejmi/css/style.css. URL scheme "chrome-extension" is not supported.
javascript	error	URL: https://z.moatads.com/px2/client.js(Line 40) Message: Fetch API cannot load chrome-extension://lhfibgclamcffnddoicjmoopmgomknmb/css/style.css. URL scheme "chrome-extension" is not supported.
javascript	error	URL: https://z.moatads.com/px2/client.js(Line 40) Message: Fetch API cannot load chrome-extension://pfobdhfgohkddopcdbifhccbbpjlakaa/img/info.svg. URL scheme "chrome-extension" is not supported.
javascript	error	URL: https://z.moatads.com/px2/client.js(Line 40) Message: Fetch API cannot load chrome-extension://adcggpckpldlkcobapimobdijchkigmb/img/info.svg. URL scheme "chrome-extension" is not supported.
javascript	error	URL: https://z.moatads.com/px2/client.js(Line 40) Message: Fetch API cannot load chrome-extension://cndipecijohebobplligphncocjamhei/content/images/icons/16.png. URL scheme "chrome-extension" is not supported.
javascript	error	URL: https://z.moatads.com/px2/client.js(Line 40) Message: Fetch API cannot load chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png. URL scheme "chrome-extension" is not supported.
javascript	error	URL: https://z.moatads.com/px2/client.js(Line 40) Message: Fetch API cannot load chrome-extension://ijiccemhechakbnanjgbjppgelcdafij/icons/16.png. URL scheme "chrome-extension" is not supported.
network	error	URL: https://fox42kptm.com/favicon.ico Message: Failed to load resource: the server responded with a status of 500 ()
deprecation	warning	URL: https://z.moatads.com/px2/client.js(Line 29) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
security	error	(Line 540) Message: Mixed Content: The page at 'https://fox42kptm.com/' was loaded over HTTPS, but requested an insecure frame 'http://preferences-mgr.truste.com/token/540/1-1/mpi_token/'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://id.rlcdn.com/709414.gif?us_privacy=1-N- Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3gz8cg829c.execute-api.us-west-2.amazonaws.com
948f7dc2a65b79a89dceff9397b9dfbf.safeframe.googlesyndication.com
acdn.adnxs.com
acuityplatform.com
ad.amgdgt.com
ad.wsod.com
ads.rubiconproject.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
adssettings.google.com
adssettings.google.de
api.retargetly.com
api.userway.org
apolloprogram.io
app.link
apps.pubmatic.com
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
casalemedia.com
cdn.amgdgt.com
cdn.pubmatic.com
cm.g.doubleclick.net
connexity.net
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
content-aeuf1.uplynk.com
content.uplynk.com
contextual.media.net
dsa.moatads.com
dsum-sec.casalemedia.com
dts.innovid.com
eb2.3lift.com
entitlements.jwplayer.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fox42kptm.com
go.sonobi.com
googleads.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
i.w55c.net
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
imasdk.googleapis.com
ingest.tidaltv.com
jadserve.postrelease.com
js-sec.indexww.com
lightboxapi.azurewebsites.net
livevideostatus.sinclairstoryline.com
match.adsrvr.org
ml314.com
mug.criteo.com
my.ipredictive.com
optout.1up.com
optout.33across.com
optout.alphonso.tv
optout.askmen.com
optout.audrte.com
optout.bigsea.weborama.com
optout.crsspxl.com
optout.emxdgt.com
optout.extremetech.com
optout.ign.com
optout.mxptint.net
optout.parrable.com
optout.pcmag.com
optout.prod.bidr.io
optout.techbargains.com
optout.toolbox.com
optout.tynt.com
optout.ugo.com
optout.zdbb.net
optout.ziffdavis.com
pagead2.googlesyndication.com
partner.knorex.com
paywall-prod.appspot.com
pbs.twimg.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sojern.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid.media.net
preferences-mgr.truste.com
preferences.bluecava.com
prefmgr-cookie.truste-svc.net
privacy.britepool.com
privacy.tapad.com
px.moatads.com
px.owneriq.net
px2.moatads.com
px2m.moatads.com
pxl.iqm.com
r.turn.com
rtb.adentifi.com
s.amazon-adsystem.com
s.thebrighttag.com
s0.2mdn.net
s1.cnnx.io
sb.scorecardresearch.com
securepubads.g.doubleclick.net
segments.company-target.com
sinclairstoryline.com
ssc-cms.33across.com
ssc.33across.com
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.extend.tv
sync.mathtag.com
syndication.twitter.com
t.e1e.io
tagan.adlightning.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
www.demdex.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lightboxcdn.com
www.mathtag.com
www.shopzilla.com
x-default-stgec.uplynk.com
z.moatads.com
content.uplynk.com
optout.mxptint.net
px2.moatads.com
104.109.78.125
104.111.242.53
104.244.42.136
104.36.113.45
107.178.244.119
107.178.246.49
13.32.19.104
13.32.19.18
13.32.19.67
13.32.21.201
13.35.253.115
13.35.253.42
13.35.253.97
142.250.186.98
143.204.207.123
143.204.207.16
143.204.207.43
143.204.207.93
151.101.65.108
151.101.66.49
152.199.22.243
154.59.122.74
170.76.128.226
178.162.133.148
178.250.0.157
178.250.0.165
18.185.171.80
18.194.235.83
18.197.87.177
18.209.200.15
18.211.53.36
18.212.101.179
18.215.193.43
184.30.20.207
184.31.84.150
185.29.134.244
185.33.220.100
192.138.218.136
198.148.27.139
2.18.233.180
2.18.234.21
2.18.235.40
2.18.235.93
2.19.35.65
20.40.202.0
2001:678:cb4:bbbb::11
209.234.224.18
209.240.97.247
209.54.180.3
216.58.212.162
2600:1f18:765:4800:7681:18d0:4c60:ba77
2600:9000:2057:5600:10:8317:ee40:93a1
2600:9000:2057:dc00:19:9934:6a80:93a1
2602:803:c004:200::143
2606:2800:133:202d:cd5:25f1:103b:1d26
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::ac43:8f4
2606:4700::6810:51a5
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:80:800::7000
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:803::2014
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:829::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:400c:c07::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00:298::3350
2a04:4e42::626
2a05:d018:24:b002:bc48:7748:582:a849
2a05:d018:d29:3605:6798:75ff:a274:9693
3.212.101.34
3.222.114.14
3.65.202.227
34.107.148.139
34.149.20.76
34.195.72.147
34.208.254.20
34.238.25.142
34.241.248.46
34.255.50.161
34.68.170.46
34.98.64.218
35.155.159.56
35.157.246.167
35.171.131.228
35.172.42.207
35.231.202.250
35.244.174.68
35.71.131.137
44.193.87.60
46.137.100.162
52.19.97.175
52.202.47.217
52.21.112.210
52.211.124.118
52.211.195.119
52.27.164.51
52.71.142.200
52.90.100.71
64.19.224.205
64.19.224.207
65.9.71.113
65.9.71.35
65.9.71.6
67.202.105.22
67.202.105.23
67.202.105.33
69.173.144.139
69.173.144.165
74.121.140.207
76.223.111.18
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
00bc8a85240fb0337553fe6c639ced752f1f83b46b27c7557aac08a6d9caedc7
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
01b71a031909d51853eafb724e1949dc67c0cb02201d724455d0800ab6375c25
03944ee7cc2e2f7544aaaf9febc807126c7ec200fa9d6b7036bbcdf7db6b4cc0
03e6aac9f14d2f1b650df0e30be4d6924f576c9c41b8f1841283dc54645f7a48
04d42f687fb9857c145ff3dd0c0775282304f39bf4881bad8677e473bf76207c
0505a08647733adf0ce3b876394b8e34e43b9a71d2aa2e5045bdcd2badad9b81
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09003dc442e4f1de14938689b269a7f0a6249375bdc4ee7ab3640b36e540ea93
09338ee5014029f9ba791425877e033156dedf8d3132ac2ee7596406553bb69d
09f0052c906de445de9ee6df35c42f40ec75a809158bc7c8fa04ffe1c6ade240
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0b966bc976037e892dc2158feb9c4cbc51c91cab0e8a6d5e9c8cb9327674944f
0bca5ace3fc4e312c7109a2798dd4ff2f022cd8d55b80645076eeed1dcc33167
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cd5e3c675698217d56a25f6b53d3afcabfca740a6630f702b21b001d1f7e5eb
0dd36438fa18f3b2b6a01dc6a086a2a75e08d4fcb429402af280d0b66dce6c8c
0f106a2922bdfacfd29c64facde204c67fd6b08f42ff43943e87bbeed3b484f3
0fc5c9d54edcdcb5c94263248a92aece199f5399636afd966022f13924640bf7
11594dc2e8e18000fe2fbfc2d1b982f2663b86872cb3c08dcb139e982ab335d6
117420691b3b16ce517a899de4b81d60830ae1e8e772fd4d5d1411f30892739e
120ce4b29019f9bd7fb0d265b801257858054dafe881ad1e76de0d4788f09392
122276ca8230bb00fa32559bfe6f888ed1c536a6575858a675100e557ab26aa0
12552ac16530bc6703523f5e33a1610f5483c45c13c4f624c48130dfe1c92671
12cbe60da3e04341e0347f56362318263b450ed8247f0ef97f0c702a954a2cfd
139f9ba8a050f184cfd22f16ea49a30549ea4c349c2ddc09eb61e81661f4fc6e
13b64eac810929d5c8a140f9a28ebec23c9b985399aa87e63789e68978751d0c
13f5ddb50d8506f227f9ed4039d935ccbea8390f52b946c11de4f73a7dabbcc2
142445a345542e9b8c2dd14a3cd3f3022f85b0ca31c19860f8c6bf392e3b97ec
14a402be248760efb787eb960040779d24f0b58ba8ac0793d1902741885079b4
15430b52f661c0271a6c6802e1f229ee9e3ddfad9623a42588409cf95514518e
1666b41d1d6fb7ba772113768f30b4b59a7494633f656ff4b12fe2a410c6c9ee
16e29d9fe81196624faea40b1f29e577ab936910831a6252458b38bb29671c8b
18482c4dca61963f3d8a1051c1dd614a6965ca11d0bc91f0e4177b3b8e807ee2
186000bd4fb01115e66c6e5ac7cb466e1a4187d7d201b13410263566df451985
19152d35e5961614a03fbd3db96fc30f1e4970088befb7977c9c1da7d275d8a0
1a4d34ebf101524a20eb423967b0ed855c218ddf1ee63e0af1851f74028fede7
1a53825329f39e7b0723e96298beb500daad40964d9dfeffbeb08d73686cfcaa
1b26143b592dd06b2c5f2dd1a0f15d4879ba64ba9a1eddcb7f467523f7b39e9f
1c9d040f78b43556d113b558d8728eb6f25c1ab41e75b0a096a279e8e6d9c822
1ccf45d87848931d93f80bcf785ac3434fa66944f048171efa055935400120a4
1d30ca142cfa226f9c955a34a60da4dba25ead05fc1aa0644a7e6dc5e6839bda
1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5
211cdb17e82d28b69ab2dd8b56d500e8a080a182e87baad4b3c02a3cc8d282b6
223e564c5a92fbff310e212a8078d54df643e38ee0738c8cc2a3813f34602bd9
244c6dae6dcb45d4f8890326398b2e39628b713f4f37f327a492b5b163083d72
25c21e0a7fc331878dae05799b69c882c10476b5e5bf148435bff06a6252766f
2616211e97e18cfe624d453f597a83d457a997382f3b65f8a39968a6724ce681
26515c2abea63566f8f39d4e97c120564221f096e0054a1bac381c33bbd95053
280ee641ac89e5552eb1710a171cef98bdd727229018325cee516c21777f467c
2843712ac403a32be4c341bb7c60675b498655f203e493ca1e8a93b2eac7af86
29816cc3512902f26770316cc67521dffa419f59ecdecd0403b2f45085d0e410
2a63edaf9a7f51bd8a298667502a2ea6175a8f5fe6287f25242a1e526e6e2a30
2b2c984f6febcdd38cced2bed82da66afd53fe43ff586c7bfcc09a8dae926826
2d34ba9ee7c5e42341d4a70ddd29c009a8975c4d117f0c52265a9dda8e3d0d9c
2dc5049c2ba07a4136993ac241fbbda288b6ac173799103a8b180e410c216743
2e0360c3428c635577f1d7e5bf3a7dd2b42d738895a67d097ab5cb48409359bd
2e578b8901bc4b1b3a6aca07e22e4c843356c51b37400ae8276d1396b3eb578d
2ef794e6984277c05c475b8eef5d63fefef122b5277c4ae2a642d1be51061a58
2fc144fae13962c0d391f4a75a0ec528c0aadd48b23acfdb0f296ffd7d339adc
3283760f29c4cd1bb86d46541e534965e208333d082d94fafdc4d5e11bf72b2e
32fd2722c072b41dece26bbc64f35d038fe59dc42fd50c51f436f3a27bc87066
334e714a1c5ebefb28783d1c809dda2a01b916554121e92067a2e41417cd10a2
33b47b1c5987ec20f890a4eab19bbd6c4451e30f26d1f0ac4cec9bd6a2c7548c
341b298b017b1a994caed1401e91d604de757e289cbbf550e7f74399dc3357d7
35c553f60e8b9e3514ad0f189912862f22762fbf471f6afe06e6b26a9a044f1a
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
377e109ab82564e1f37538bbdf6fd833456f496947382279930dbb151abd3eb3
38fee043dba7ad2970e81c27ccb3c4a58b48d7ec850023b4d43e92afa6d53f2a
3a901c565d457f71c50db3910838f0709256732130a52d720246967605e03427
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3f293d0825956a0c059a74fe746b2fa6d74c6a273cb3974e7f99746def0e4d00
3f8ab0420bfb562e69f8792732531a2e2167b23cc104a19f1060bd303b235f3e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4019c33e479980518d178e228bf20e95d179354a519c8ed590ca2f08d17986f2
42481511adf1c3dcd5054828d69fd9c04236381d7e9d4485385df5b11e9b145a
463cc89f03205b5bb20f6d5e5b874747f06d4858e55cf4bec0c2690e64361ee0
476c70c95b16df5cd849f9dc2b5219eee9791f602003f94b1654a9696bcaa8c5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b94847ef580334d4bcaae0148436bc6e12152469c341bcee3ec1d592e53a3f0
4df590dc5e5e16c2c595e193c7e28ed1c73f4de5892e283fce3a832745677191
4e091da68339fd6b7f7ca42df9e3dbf53a837f0ef32bacb17742e2ca24ffbddf
4e76dacf990c789cadb70b02b24b4bec7adb8bb9c8dbfcf946642a0be4cead79
4e87b0833dbc4021d64216db82295cda42836ba949bbd077c29e6317a65faddf
4f4433ffa0e14d736310bc827eb2e6460081c6b997e6c92833ad73c6cfac5293
4f99537fed230aeb172f2040464571c320d1bdfafa961d3f60b0ce96612a4393
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5101ef76f58efef9653f8e786e41d45dd72e2eb14cbeca4b88552da6ce33e8db
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5427638dd31d8dae89042ad8492341301fccfb167cc07550dba4410f78c74517
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
55b6f92da77357e33d80dc8799f4819168ebb769fe84e5d62580226e70179e0c
572c935c696b68b7c657d15677c7022588c488d4af15fe0d356a44428615af50
575fed311449bc2a9fcd65ecc0a8ac99016cec1bd40a10d22f1beb4b3353c76e
576041db79ba6f63f3fdd5c56fb23f80d7272bdd7947e3697fedd30dc3d8eb0d
57a600a18f19717a838ee820b63b66605d0b3a50a05827f3cfcb32ebf15cf6f7
5806773f18317b321e2273de086de3226e179984b87254e3706adcf1514a5a42
58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61
5909d0c9d6b9bd20eb7fb9084322ba6cfe63422967a2a0ccaa2b9dc6555f4415
59995cfe0635bdbc4a449abbefe936c2d096988500a712e9b3a19e7450c0de72
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
5c7356876ee608f5a196f1e886f6c01fce8fae3a9aa490992100d2e6e70cef4b
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b
5e7c983088d395b1a25c01cacef5283c7356ad97c5c3ecee3fd7a979496d1afd
5eda4fe017d9e9c68b222e232f7ebc8bda11440c2958a7b6809ab6c06aaa2d05
5fac6f218defa6cfe11d19e05bd8872cbbd44675f378bafa65dda60d34dfdc8f
5fb0ea7e01964dc13d2c981f435a2df1a29c30a01fe28c4b492529223fee7db6
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6013188062afe55b4a50915b11d01808bc95d29d299220b9b89abbb74558fac7
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61411f402b0f939f459ffad4d23216797c70ce495b146ce3d64d4dc91c900e00
622436be5a6168d1da9eba79583e1913e2dbd6384f45e3f8ebfd094ac0cb6b03
63d48b8c541202a228579bc8b570bd9f85c9a58e1e3088c85a6e72b7ca2e602c
644d937882b52a3abb2724e13a0364eafa7ec48a8a48dadf6610b5fcf99014f6
651a3f637e9b66415561faf14bb192a719fdfe3537f51235c533ad81accdb663
666fe99657e67678b048fc0b7baa44e086625a35250a16dbf7781855a8ca4a83
668404093a4a51813e674557aecd06ef4f575204cdcc789d346f3c0c25b29441
67175599b4bdf8d3df9fa17e11d12ea2396ad2f6997a70b44e701966b930ec8f
676f7b715b4c4944692171609508b30e0124cb994cd3ab8e394a1c4cbedd38aa
689f4dd61366a881d6a75acc4c31898ef6a848977c3de9a66f4b22652a779787
68e0359be4cbaa6fe1d22baf25f2684cca0cebbceebabae197e6ccf1109915c0
68f51e1fbda82543d971e29d3ea25f90835073e9c982067d04fac5733b288de9
6b58295fa8b4c97cb0cce833550ae3f8e03c5add52aa652998ba0d838fbda786
6d1743a4b9cd803083da5fd65626a4e92edebe73a40ee18f60276c96492b4afd
6e100e46d205197cd13022d52892ee4d1aac20e78634034c94948e597dff4fbc
6e60407537ae8be31f1c4776a6e6ff512a603ef7a1fabc8f6386ff2410b16d31
6fbbf82797ced37ef9b7c8a66404e3348a2d73117587adacd7a0c2050543abef
711751f3555ab9155846f5de8f623bf9e3de1269741a2cb950c05ad8ed0d087d
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
732df32633d6e55d5baca102d68498795eb3144a96b648a2f1b32a38bbe003c6
74f967717ac927fe03ed9999063845f1f2725fc8f124de73a19d43816c1223b8
75b9505ae007f8cc3bc1c5858b2010548ad36d39f1720b71be444a6238b4b8ba
76ae13d2e5266dc043603e2a81b889759d5b48e61913abf6ec6a118cc3d55e78
76da26f241064ccf22a24f5e2884d61afc5c67caec9389220881bda38834fdc4
7a2bd83af49958ed394143b196de5a93f85b0d856c2bacffebbcb98db39cee6d
7ae6360dcb72c903a311edc4484240bc299d37c10a67dd61c39a1eedcd9cf816
7cc58adc8ecabe2ea73b9cfc0e472a8c60eb41d75c0bc654bc7258cf6335b2f7
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
817c551fdf2113c9157de734bc60e9587edd3f24c87ba577ba03358c99584eaf
8277844693f0dc8ecd76e2300fafb759c8d40380b7067849fcced7547c0b7e01
82e587ecca54057eabad78bed2d89c2fb8f4118c3504e6f096215cb72868913e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
84593b643ad8e34437641db1db204c4e99e042ed617d6933bcf394a49fb2ce23
84bd266ecc3691e0abd6751b9ca11b3631bdfa80a9ed5655cc687b587c0ecaef
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853f9fdf83f9d5ecb1d56969d822dca5775cafb0aaf2ba6278b7f18fadc50809
862dc87fba8cf3233eedca7a7b8a3f4a99659743c06233a59193251e0cc63887
8635c5e193a35779bbfeceb8d06f67647e2c57b366aaeaf797fa7158b62b7c01
87b9620cdeb2e8f5290bca816d5f1abce8bb49098ba10bd1a689a5fb39538ef4
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8891eedb325cdaa0450e0d27740ce5d80ce0e9c610555f74e7819dffbab75f3f
88a1b92604994e0900cf90574f215104db18a2d4d81f28f6a28439df345f1cfe
892af2ba7758cbe009692eb0bc3e5a3b0fa5a15925d309a0d1fca2c229934982
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8cd0286b215542d71d4cc71b2b0579c7d55d06099781a2de8233ab2e81a32066
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db76846bf1112adc5bc91ee3b0f712074188fba3b352c6840a814dacb764632
8ea43335dc94e0ada00ddd00c636d2983e2c0043bb4df43bc08b5ac570c7a93c
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
8edf4afffb3c82dacbc2d3b56f77e65a90087b26da334c29665eb02cc1f55351
8f02b086ae10817306381794d9ae4915e388ff25714fdeafbf3eadc082713004
8fa676f1dea68026cc6b6b619e43ad32e4b4a12b1ec8f6d96b8e7aca09db5be7
8ff62030ec15826d5df76673030a7722e255ccd09fe2de0fb04c5018f5e02689
9152865d677d583c117c3d013c524b3904e4c7edf59fdc9d92a7f36ee37f6588
917cd441969c201fe537f3c3c47a825d2fd9b68535a5873358b630a5c6a25f0d
925ae0d0c7c41fafa49d576fdfaca95edbd8f4fb79b55a8af058be1cc13a73d9
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
935b2acb5a81b285744995e37cfdd065929576855c909192887a466e2f89f980
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
94b4f4b370a2e53166e0b2bc151ace1925abab5585de6a19c2bf71263c04e0cf
94b92be55685dabbeab0642b2d4f213e49fe809398e1388205161a4c926de2f5
94db822e28e0569d6df571e95887bd3d76050edb35e04057c0000ca007e26791
952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303
96bcf5ffac4c621f4077f7cf6908bc24d37274cc8dfd5e254e8779a2b5d0218a
9821ab0c2c0ec5b01063600d74683297ce2374c280142908a947ae553b60a027
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9906b3851427d3e2c844597401cdd524cb8f86f73c36163503b0ae2b6c2791c4
9a37f97780adc260070768a9cae9c149dfb77d4c149be601228c75b0bf11b925
9a4c759d59afc8f3f9349d9fbe97375e757534ef4ea12f8cf6c9e5a8380dba63
9d7f44d77a06a94db8b8f359962128c2b94ffee62814bf78b8768d4738178f42
9e4e815af21a8f370746de68547b291a17cba5a691aea0847db30daa692bf5aa
9f465f41355e2106acda789a477c5cd4fd0f6d41c7f9c5376a4685421562ca77
a062d7051cc6c84b58658bb89fc893a33aaa612eb14d7e3a0060994ce2143efd
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a24bf9eeb676e49b191fb4c1dbeb242a26fd1417193816d4475f4d420bdf9821
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a2e880272bb5d4323728a77ccc3ed4be166120d06af55cece4aeb00a1a6d12a6
a35b5d333de8a2202f4ce15e5511a4fbcb6154985c1c6f63b63df90626c3d3ed
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a70423b9dea14ebe2071eff160b1f1818366efc66abfd32773625ba0a3417243
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7dd4037c97e1db5346c98e632f63ea56dc54df4383499be12f8f29d7084170f
a7f60c416ef0c514645c9bc69a03326657377f6678019cf7e6a8e813a6606ebb
a7f6c71c3e607139537b1095cd5b7109640b8e52abc2c5fbcd1d769ba10968c4
a88729490d645d909004158dd2832d5ecdc19d6cd04f57a74b098c4769ff5622
a9c59d51083802014df87619ce5aeb2e2f82d91ebf35af1a59ca03a3999fed5c
aae5ba09ab7a749876f90cb4b01ad7fbd575d434ae53c8bea1b1f374d14c96d7
acadc483823f0bda4e13cace25b1517433b89c19ca0f698c081b25ae430bf22a
acf420f9a65af4977e71d32cc44df81652b0376d148a88bb6b007ad7d962ac87
ad157ab2481c1f1e9007ca715f4fe5958882ce313c4da54a0bb8d2d3d92392f3
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aecdfb202cfb299b55a857255a27871a3009a9e16d849a08698f52916870d064
af3bbe3b3568532ce4c68624b1e4691878e581efcb11506b01da4d6e7b597951
b09b3ca9565b6f8f3a46269f178d4d7dc6e178bd3edef5ed3f677e3a64eba25b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4308b9b075d8615c9e76ba6406d865c6549f2d1a7b3696349470b9d96ee6280
b686e3e2a293833a4692aabe20e2e61115fafc0a4df592641e07d0eefb64f484
b90a8c0faed3e5c93076ab37830fdd7cbee82c46413346e74799cf6aaf740ad3
b933487d5eed5b5014e1c8daa26cb8adc8222df97848a68fb741fe087c0ea09f
bb0222d18b27ec46b71e2fcb8533f8b4c3182e71a9d96fd3012f42e5d7621c01
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc1f23151d099b4b2db6c4fe9b1adf9c5e81941fc4a37c00b2dd3f038de0ce6a
bc23626caae4dd3025c1a82883f4b580e3d8b6cab3f84c654cce95cf53002f2f
bd6156a8a107fa2543d0762db84dde2af3cf7e840d49bdcfcf383f4350e8fab6
be6f03278977047f971da440cf230a372a370da7d8e68532071c875ae321c031
bfe4b811479f50a13ec11356357c8a6d9d5baca852664774d8316ee385052295
c011bc89c5839a113b0f09412af6280479f84abc823e76e37cb21a4d651d8c9c
c02cae5b2de27b0f12598ab23cf91b1e0e99dda2821e2d17510497e23093cbe7
c0476fbaa1d24e10a759bb4779200f91331ef3af5cd1c13abd88c7e0fcb2e021
c082f2c16c3e756f1fc08eaefd1a445c072472569fc54e1591922b27a4f984cb
c08962513de80c1009c8f68232bd28ee331130c0e14540a63538d9540b65648a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9ec594b2057da7cf7b47bd8533400d1bf0fd21312a108fea0ce668ba8cb9250
cb0ee978a5f405613d3a7b8cb59d2e104ddcd57bff70ae2044fe47546089c138
ce06a9b8b1ccf8870a3448248824625feeb2d735e9e200903760fc9e3fcd09de
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfdb022fd7d694f61dc18a47a238d4fa426881f58a9a8f61adb0359d75e14773
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0f443eff9e701d9f0f173ec92cae949fdf2abe67135b057f6771474d26f1441
d1747371ac7a368af8b35604943d76958bab1b84d493de7810f29606851872a2
d192fde99248cbe5095985187a88c3e124ea71f1dce0fdde19b3ae2770c0ae5a
d1b0e7a7433aa300045f598ae81d285a07246ab776af640fe7c4f423779d06bd
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d367560de53d283557b5b465ecb65c8527f73106b5435a42c630aa96223aec7e
d4308680be7f4855f994d8eba727aa7bef52d421cbe9cd3e85ad44e404a0ed97
d65b393a4a1a83f69af4493633f8ca93956cfe57870b5dfe97cfcb18e92c8194
d8d1e71ee6159ec84a633aefb3788bad72f3405de514535f38cd1aa73e11c148
d9802af64401b98446e9674c0f11b5944c2eeb0d513bf444679e7707114286ae
d9d41bb1b449996d73e3d0c41fc7380c7a3a29ee0906a6127f6ffb9fd0e6f8d7
d9db9553320e13d0bbe05027a4efdcf5cb8c353b3be1c42e289982fb2d1c5f62
db58fbac8304f2548011eeb67657a22780cbc8e81150dc6d9a63b74e303e8f38
dca9b65504d9a14428e18225397c1ec1aacd0a4a06001311c425deb8fb3fa7b7
dcb846952a4118303985e9c39216673049b039f434970ae945ccf3e0f1a5b4bf
dd5370fed5ed11e8a260f9a9eb3f3a51cb5d06c09238c0d0410cb0c132d73c15
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
df5273c3a1ce9bbdf375c254403bd98fcc2f1ee9e4996b79892b2b63df8d2927
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2c4cb765a538663b026164cda163328632d6b13d24ce43a4023b6fdd808d691
e35910df757863c460f6faffe46d44544502942a15ba44ea322f3ac44a1b80e8
e399ff2d1a1b7c69334b72baafddeb0025a90631c22a4753b4add046f33ad597
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e66fcfb6655ac69375c24dd35af572165a73aaed333d43c51deabded43364e45
e7696e2c23be7eb24312157f0915bff3cbb22ad7522c23f2d48b7c083f2f4c3d
e773fac3894a49f902d0d72c16d4ca2f6fb10909f667b17639561959d5e05ce3
ea8c07566d4c0ba76f0589bb0e027743d5015725ad5b102e464bd32a708472a0
ea946decdf3bce71e1bd43c48939d8a0bc62ea7fe1e6d3850bcdb941b669b959
eabb8203b3e92e541504b2e5146529e7e63c95afeb8bd91998db372f21dbb608
eb09aab900d7fc638ce33711030f3581f948130016b6c5bfeb456b85a52b4ad5
eb1ba2445f39f5d06781af96d5e09eb3726d49f84fe73b8447a492d6abde6806
eb4775fadba6859bd69502e772f42d17aae221eb24dc8be4e847cdbbfd31c098
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ecb6ebb1700464c207c4c28b402577b9d788982af13e836953bbff4334e36242
edb378ec33f8cd7235d0d1451912782c10e64b73851b8005987dfbb2b24b0a1e
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe869dead55b972b6b62b5914777f1c7c313f32afd4753bfce30ad4b2a85a8c
efec5394dfd449bbe933fad5abd3dc6991d17596494f4cd12990a8e35b33e3f9
f01661990f42a31dac9f7e829f67763bc8c882a97dd978029ceaaeddfa9c98e9
f140c4cd7825b747d157f267381a775239cb0e5c709f3d45fc39377bf2254043
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f3c660ca04d80091b468f29dc8c9cb4e752eadacd18877e3a880967f497f8ce3
f3d386571962d10f82155fd24dd1055708a5cb115ac280b1cd1b2a0936385780
f515ad567c75d7f715bfb4e0cf1555fe91cad82d403e2d89fd7b0ee3d574162a
f76046f37178c842612b984195ab2cae863227142be6189f6ff6fef0280bb900
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32
f993782969cba41ff529396a8fed592db2783e0c056c0586976fa8294089118a
faf40543efacdbf4318a567a333a74945b3cfaeaf0b18936df96364c23ef41dc
fbb195c5c276b127f061ac0a2b22f1ff2c917f478b258bcafe2d14e11abe94c4
fca3582f673d514334ce9ad28afa43d1af5505f56e04a29f92e8f316f6b2daac
fd149cc6224d5959e10776f365d9c6e6a6fc293bf25927bb6eeb8e00073a69de
fd15cf2495ff729dc0a57746488d7216668b18988e602a79bd14c4bef2bb2548
fe60ae18946407b18d4fb7dc77c1241f5894d03b812c8f0d18aa640dcea58b59
fe9f552df0e8a872c973b46223bd382ce28cb2e6c7469226a8eb9858693076c8
ff0b50aa9d66c87474cd02cdf57ed20e6a0c3420bc4cf67b746c59cd7a8f1711
ff21b1a811ffdbaf4d7f0901bec20622a43934ba210028d9c116b21f02af5364
ff7972cc3d2b673e12e2d3b4f1a3f486f8fd3e72f1358f1883e876efb25b66f4

fox42kptm.com Open in urlscan Pro 143.204.207.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

485 Requests

91 %HTTPS

29 %IPv6

98 Domains

141 Subdomains

80 IPs

8 Countries

10397 kBTransfer

21700 kBSize

64 Cookies

8 Outgoing links

Page URL History

Redirected requests

485 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fox42kptm.com Open in urlscan Pro
143.204.207.93 Public Scan

Screenshot
Live screenshot

Full Image

485
Requests

91 %
HTTPS

29 %
IPv6

98
Domains

141
Subdomains

80
IPs

8
Countries

10397 kB
Transfer

21700 kB
Size

64
Cookies

485 HTTP transactions
11 data transactions