www.fox19.com Open in urlscan Pro
2a02:26f0:6c00::210:ba13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Submission: On March 04 via manual (March 4th 2022, 3:33:01 pm UTC) from US — Scanned from DE

Summary HTTP 317 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 62 IPs in 7 countries across 40 domains to perform 317 HTTP transactions. The main IP is 2a02:26f0:6c00::210:ba13, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.fox19.com. The Cisco Umbrella rank of the primary domain is 194688.
TLS certificate: Issued by R3 on January 11th 2022. Valid for: 3 months.

This is the only time www.fox19.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:600... 2a04:4e42:600::282	54113 (FASTLY) (FASTLY)
14	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e1d5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:21f... 2600:9000:21f3:9a00:b:5584:2800:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2.21.142.172 2.21.142.172	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:231... 2600:9000:2315:d000:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
4	35.201.98.64 35.201.98.64	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1 3	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
9	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b9::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
45	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	52.4.120.17 52.4.120.17	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
8	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
2	2.16.186.170 2.16.186.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:215... 2600:9000:2156:c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	18.217.122.3 18.217.122.3	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1b8::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
3	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
9 12	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4 8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
18	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
1	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
8	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
1	2600:9000:215... 2600:9000:2156:600:1b:7b40:7bc0:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:8c00:16:e423:f180:21	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:231... 2600:9000:2315:4200:13:fb92:3480:21	16509 (AMAZON-02) (AMAZON-02)
6	2a02:26f0:6c0... 2a02:26f0:6c00:286::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
2	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
3	209.197.3.19 209.197.3.19	20446 (HIGHWINDS3) (HIGHWINDS3)
36	2.21.140.103 2.21.140.103	16625 (AKAMAI-AS) (AKAMAI-AS)
8	104.92.81.61 104.92.81.61	16625 (AKAMAI-AS) (AKAMAI-AS)
1	99.80.96.31 99.80.96.31	16509 (AMAZON-02) (AMAZON-02)
1 2	18.185.143.172 18.185.143.172	16509 (AMAZON-02) (AMAZON-02)
3 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	213.254.244.108 213.254.244.108	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	52.20.68.233 52.20.68.233	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	18.232.0.94 18.232.0.94	14618 (AMAZON-AES) (AMAZON-AES)
317	62

7 2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.fox19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:26f0:f7::5c7b:e1d5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

gray-wxix-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:9a00:b:5584:2800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3agakyjgjv5i8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.21.142.172 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-172.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:d000:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.98.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.98.201.35.bc.googleusercontent.com

reconditerespect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b9::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.120.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-120-17.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.87 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.170 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-170.deploy.static.akamaitechnologies.com

gray-config-prod.api.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.217.122.3 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-122-3.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1b8::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.162 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.249 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.71 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:600:1b:7b40:7bc0:21 (United States)

ASN16509 (AMAZON-02, US)

d1d3jupgwm7m5r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:8c00:16:e423:f180:21 (United States)

ASN16509 (AMAZON-02, US)

do0bihdskp9dy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2315:4200:13:fb92:3480:21 (United States)

ASN16509 (AMAZON-02, US)

d1l66zlxaqpl1u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00:286::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.197.3.19 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2.21.140.103 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-103.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.92.81.61 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-81-61.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.96.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.143.172 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-143-172.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.108 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.68.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-68-233.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.232.0.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-0-94.compute-1.amazonaws.com

fdz.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	googlesyndication.com 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	546 KB
46	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276 ad.doubleclick.net — Cisco Umbrella Rank: 181	341 KB
40	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 655 cdn.flashtalking.com — Cisco Umbrella Rank: 844 stat.flashtalking.com — Cisco Umbrella Rank: 2145 fdz.flashtalking.com — Cisco Umbrella Rank: 4155 img.flashtalking.com — Cisco Umbrella Rank: 5107	543 KB
20	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1147 widget-pixels.outbrain.com — Cisco Umbrella Rank: 1428 odb.outbrain.com — Cisco Umbrella Rank: 1329 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 4647 mv.outbrain.com — Cisco Umbrella Rank: 3061	169 KB
18	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	1 MB
16	arcpublishing.com gray-wxix-prod.cdn.arcpublishing.com — Cisco Umbrella Rank: 231561 gray-config-prod.api.cdn.arcpublishing.com — Cisco Umbrella Rank: 31708	416 KB
15	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 460 rtb0.doubleverify.com — Cisco Umbrella Rank: 624 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 11873 tps.doubleverify.com — Cisco Umbrella Rank: 444 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 9304	141 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	288 KB
9	piano.io api-esp.piano.io — Cisco Umbrella Rank: 11726	29 KB
8	evidon.com c.evidon.com — Cisco Umbrella Rank: 976	20 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	7 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 3759 images.outbrainimg.com — Cisco Umbrella Rank: 1845	597 KB
7	fox19.com www.fox19.com — Cisco Umbrella Rank: 194688	489 KB
6	cloudfront.net d3agakyjgjv5i8.cloudfront.net d1d3jupgwm7m5r.cloudfront.net do0bihdskp9dy.cloudfront.net d1l66zlxaqpl1u.cloudfront.net	168 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	111 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	5 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 480	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	40 KB
4	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 3021 cds.connatix.com — Cisco Umbrella Rank: 3082 capi.connatix.com — Cisco Umbrella Rank: 2633	258 KB
4	reconditerespect.com reconditerespect.com — Cisco Umbrella Rank: 20021	33 KB
3	adform.net track.adform.net — Cisco Umbrella Rank: 3334 s1.adform.net — Cisco Umbrella Rank: 8028	19 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 125	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	102 KB
2	myvisualiq.net 1 redirects t.myvisualiq.net — Cisco Umbrella Rank: 1313	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 870	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 323	419 B
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1140 c.go-mpulse.net — Cisco Umbrella Rank: 545	50 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	77 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	betrad.com l.betrad.com — Cisco Umbrella Rank: 1215	121 B
1	yahoo.com ads.yahoo.com — Cisco Umbrella Rank: 816	194 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 375	338 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 12956	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8832	792 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 500	482 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	29 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 966	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1029	14 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1238	580 B
317	40

	Domain	Requested by
31	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com googleads.g.doubleclick.net www.fox19.com ad.doubleclick.net www.googletagservices.com s0.2mdn.net
29	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com www.fox19.com googleads.g.doubleclick.net ad.doubleclick.net s0.2mdn.net
28	cdn.flashtalking.com	servedby.flashtalking.com cdn.flashtalking.com
18	s0.2mdn.net	www.fox19.com s0.2mdn.net 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
15	securepubads.g.doubleclick.net	www.fox19.com securepubads.g.doubleclick.net www.googletagservices.com
14	gray-wxix-prod.cdn.arcpublishing.com	www.fox19.com gray-wxix-prod.cdn.arcpublishing.com
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
9	www.googletagservices.com	7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com www.fox19.com cdn.doubleverify.com www.googletagservices.com securepubads.g.doubleclick.net
9	googleads.g.doubleclick.net	7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com www.fox19.com
9	api-esp.piano.io	www.fox19.com code.jquery.com api-esp.piano.io
8	c.evidon.com	cdn.flashtalking.com c.evidon.com 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
8	mcdp-nydc1.outbrain.com	widgets.outbrain.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	widgets.outbrain.com	www.fox19.com widgets.outbrain.com
7	images.outbrainimg.com
7	www.google.com	1 redirects tpc.googlesyndication.com 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com www.fox19.com securepubads.g.doubleclick.net
7	www.fox19.com	www.fox19.com
6	img.flashtalking.com
6	cdn.doubleverify.com	s1.adform.net cdn.doubleverify.com 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com cdn.flashtalking.com www.fox19.com
6	googleads4.g.doubleclick.net	www.fox19.com ad.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com api-esp.piano.io
4	reconditerespect.com	www.fox19.com reconditerespect.com
3	servedby.flashtalking.com	7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects www.fox19.com
3	cdnjs.cloudflare.com	www.fox19.com cdnjs.cloudflare.com
2	tpsc-frc.doubleverify.com	cdn.doubleverify.com
2	stat.flashtalking.com	7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
2	t.myvisualiq.net	1 redirects 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	ad.doubleclick.net	www.googletagservices.com 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	d1l66zlxaqpl1u.cloudfront.net
2	track.adform.net	www.fox19.com s1.adform.net
2	odb.outbrain.com	widgets.outbrain.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	gray-config-prod.api.cdn.arcpublishing.com	d3agakyjgjv5i8.cloudfront.net
2	cds.connatix.com	www.fox19.com cd.connatix.com
2	www.googletagmanager.com	www.fox19.com www.googletagmanager.com
2	d3agakyjgjv5i8.cloudfront.net	www.fox19.com d3agakyjgjv5i8.cloudfront.net
1	fdz.flashtalking.com	cdn.flashtalking.com
1	fonts.googleapis.com	cdn.flashtalking.com
1	l.betrad.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	ads.yahoo.com	googleads.g.doubleclick.net
1	beacon.krxd.net	7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
1	mv.outbrain.com	widgets.outbrain.com
1	do0bihdskp9dy.cloudfront.net
1	d1d3jupgwm7m5r.cloudfront.net
1	s1.adform.net	track.adform.net
1	m.exactag.com	www.fox19.com
1	c.go-mpulse.net	s.go-mpulse.net
1	capi.connatix.com	cd.connatix.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	static.adsafeprotected.com	www.fox19.com
1	widget-pixels.outbrain.com	www.fox19.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	code.jquery.com	api-esp.piano.io
1	ping.chartbeat.net	www.fox19.com
1	s.go-mpulse.net	www.fox19.com
1	cd.connatix.com	1 redirects
1	static.chartbeat.com	www.fox19.com
1	polyfill.io	www.fox19.com
317	69

This site contains links to these domains. Also see Links.

Domain
www.cincyweekend.com
recruiting.ultipro.com
www.vuit.com
www.fullcourtgreta.com
www.circleallaccess.com
www.graydc.com
www.investigatetv.com
www.facebook.com
www.instagram.com
www.twitter.com
www.bbb.org
galleries.parentsdome.com
www.farandwide.com
edition.thrillist.com
www.bleacherbreaker.com
www.familyminded.com
www.workandmoney.com
www.outbrain.com
urbanaunty.com
tarcle.site
bestofsenior.com
www.toocool2betrue.com
xcraft.net
publicfiles.fcc.gov
webpubcontent.gray.tv

Subject Issuer	Validity	Valid
gray3.web.arc-cdn.net R3	`2022-01-11` - `2022-04-11`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2021-11-29` - `2022-12-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
reconditerespect.com R3	`2022-01-12` - `2022-04-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.api.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2020-01-17` - `2022-04-16`	2 years	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-02-24`	a year	crt.sh
cdn.flashtalking.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-02`	a year	crt.sh
*.evidon.com DigiCert SHA2 Secure Server CA	`2021-05-30` - `2022-06-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-02-07` - `2022-03-30`	2 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.betrad.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-02-27`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Frame ID: 4633B9080E58E90BC8FC3522BA872B8B
Requests: 104 HTTP requests in this frame

Frame: https://cds.connatix.com/p/153615/connatix.playspace.dc.js
Frame ID: 5E3ED88326EDF00866F4F9ED0EFE7639
Requests: 2 HTTP requests in this frame

Frame: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C174D4CED5443ADB410D21D3EB2120A0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E48DBFC62F61F90A3E09D62048DA49E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA4279681A38E630A18351F41CACDCEB
Requests: 2 HTTP requests in this frame

Frame: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 792F45B486487FA64DC40A782B45291E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNVQ55ib5dWxlSQeKLu9fkfGSOqio_dvdOZZGBcUKgY5WEvGgXDHiN3dtbjo98V-bjdKk8VHSwCaCypoG-ClzbY-XQA7xImKBqPzdHD3-zxYlMuVkOiLvb5CnQBruN3WD6srv6MBC3b9TgYqun1q4hrgzkb8EyXkV4flY6lKuexMl6Fp5pA
Frame ID: 092A2B70962A0D889902DB0ADDA8D1ED
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A0E09D5456FC707CADAA754FE4949D64
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
Frame ID: 1509FEC73D88C31A16665EBC073E1ABA
Requests: 7 HTTP requests in this frame

Frame: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2E1A99C0DF7B38542C9C2C44792238B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYgc3UuQEwAQ&v=APEucNUpz38r8IU14W4UKjRmRpnrlqvCHf4GBzbKnN7x5RvjH__c0fOlwm4q1-4fPdIKmd8yIaEU0PrhIIDtucBxT-AAS3KUwBqDzPtDkXTFy-uy-lwI4-e-37QMi0gxVEEMDrOjzTu26rvQSH63GFZwqWu2U9mCr3sYFgptbHrpxLTeLJ7pUYg
Frame ID: F1E3E2E361DA6700130F9EF31262CFBD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8bzzh-wicwmX4zZnu9sLrU5mVx1R7gKSVkHkNIhXa_enH5T9QQJt7cQ0B-GcI1n7oorsQ1SU5Q3ojlrJiPzYLXtgGJBYbgHxJO27QCTghQ7_SQ5GcwN4YyEamQdKvnAVWN4b1--wq1QEWmaVYp5Acx-9s_Q&cry=1&dbm_d=AKAmf-CJ9aHcwqti60Qk98XvcITFOc9dPB0iJsJsoVrBiCfcF9ELOhGzsZwWdsfXQ0IkRn5K4C2mUuOvGEfP51c1BGABoSdbgjRTKPV8VBNbY73z3zOASydkRtZbT1ptzXupnCCDJNGfwQh7QGgkj0yV2A-NptvK-WnNEN3yZVmZEURg8NzAeccPdY599ivNUlaPbR0zRpZvYwFvjIdA8rm8YF0LWAvlGfcq14EjCcR9v0P_mg0aDn9SlCFzDY1gn-h6oY4X2vuTYbUWuvBN7tiI-3-32jEMFEzFx8jg8E4AdNPoRZhVfj_97o4oREPwUXkIEIvT41-VyB5UEg7dbO0FuDKjVPPR2GsDFhWugbnb_2H6iCLy4O3UTJ0Mszi5jcYUbJs8AYmT1aovb1D9GOvRxrFd-8iNE4AAwGGaviwtBEiImJU6rfrgbAUx91adtVrNRYucZwCdcg8aA8Y5l5SYdVauHgqlFo7JsLmyK7qSlWYtneVzqehRQ_XmIrHSYuF4AsJkyhi-Vx96OX0scaYA8l0etjCwQ6NuOF532YpFUha-EP0E8ptor5qW8tKttrv_F8D9zJc_HQSdkm7kJu18t9psZJHPUq_l33udBitHOtCEQySaroDRQ8PLwd6Xz13PqGBKzR91foUvNhmJgL5pDN2AKWdmg8XnvT97vgZ3Vle4wO2xCu7TjX0KIctyKeDpRbbUGKASBuktuOZbrc_xPhnTA3rxJepIf96K3sJocjXesqja_8IKkoNEzfCKfraYJp8y2exU_gy6oA6O2b7E9tY4lkXGQLhCkYpigDR1yOgJ7n7hkeClFd09oO4Fqr5acRTDNHHYz4JFryD5M-rq8cj31oXtXUaa-9rvlWI7Q6Bk9JPAki0E3mBeBU91nLqYXntQBRUEmkDIcq_TAGC3f1nDtY68P-dYM-krI9qnvltHJVbK5ECjARdxjsahjsAyyBUc0ldNyEiCniDd8njXt0GSfM1SJxvmst60jkAM6Coi6GGVzdjLwFGd15RfX9etHNG94pK4nRatjG7OIkruKimIxpaE0aRRSIjmYVnYlfSs1w7ULjADiyGPHkIeZq_GFsXVtjJCfr95k1pn-rdbMatM3gjm9n1SGndfjQVjVEPtOi9fLB-7HvxYI_x_WG3qe9edu028xog24w3HJ6Qqe6juy7CYcrGUXqURzT5RIl4aU32U2UmCt4Vdlrj-PEyQZ_TK2Kc59TAW_si475ZAL-EXHwYAmhiy_0VSAowty3a6NA0ErKSaYVfs4rax_DMRAhpf9DuWrKJ4wz_d13GDKEkEPfxrTTrFjvA_WPTWvaM7mi3c2PwZhe55NxpBdLByQGrZVk4Qq3xRhqfHcft_h5kLW9XgdYGsMTrm07U-1ds7dfyxK2zTGOHAGEEkfBYSoHwiI2n9O7IcdrpmHbtMHBeMHIg7XR4NjWddAXJpJ2sbM4vHgUQX_s6pHNk1-1aC6ZjPFq4sFxrRh6VHaTwFuGN0hyuvN2v4NWMVnLqoALN0TCyo0kMZBYnWabD9NVfj72cazXVvolaFWOHgsIsIOGvV68BpX_oQ-92LhedjlYMSlQA-41s-DBYby2L_j3jen2RhL6l88Ak_RlGWvsEjixVoIkOpxYGhCUsnaX3RyxS5EoRQGKGrAOrjpwWAD72AvJAI1uC2k4N8tIne3h9uC3RdxtiGfRc0zHb6GoTj1DmNE-jtk_iRqJyqgMZbbJ4v8F1vG6l-5pZwpoYwBizArQkaZWNgRbyDAlsGGeqrwsqwG1L-cZljA5Gj4e645NP2jbakKRK1SDj3Mttn27e_9-RDEbf2nh1hDW9bVTd8WjmaQCpZQULMHZnGc_UG-5rvXo9m9bmTq9C0W5AXT80Ui5-U-rTNwyeVK0mgCOCcXQgluXygzuJwwGRXO6vj7duRxx0ip9eZ3Rs0PqDy11QBed2_CzVFlY8iZe2O_-M5xGorRHCt1N3UZJyYFYyXm_ZpxcdvTMwVnfLXCMFRbmoqkCryWuY9dREUe9eP6I_6jyHQd4RGHgFaVCR6TasyeOL9B_4iwK-_HWvdOzvy7BrmYTrZr_zWJ_65esCcdXOYnpRrsLcmoAvK1k2AClxgRacJzs3migbU2KH3RvP14e-PLI-jZwbNEGtyxhmy9FCojTg6col0UetzKLYpAKWq9Kfk_ssOIMlFx5N3f2nbR38wZWK1p-Mfzq82PKPePhRsUb-NiArBC2C79PFUNnlksSUjnDmC_jWoJjdYDW-e6PrKcqH0xyxloRjX-wbE9wgXFKJ0NlzB2t6LAxA9tYov7zHILDZ4aFLd7LfuC7LqFm-DFw2azQOfkW8rVRGbb6apmfPbW_1i_K-fghFa0rl2fQl30SuZLh_24Iybhy-n5YZQZ83O9mPLbxXI2eLYK1juEfNniL4C7UoWOQSpiPG0lm_3_FdJKKqyqOzgNhsMI9ph0Z-A8WdZ0kkDPyep42Wh2fSKpkrz-BMzU8ljuevwFn6DrkAUtKrKdcRmCdcTCUmYOn6sDf4OBlM0RFXdHtZb7sjv7T5ipwpF3vNu1d--itJmvGRcTN4Pl_eA2Z-ndKIDPcW7YaL3UQrbgjYY3mIiffMNKnTyMqbNHvdR-_lJ3c7K-GtyCbMe8HA7-dH9xBqyJc_fHY5sx5qKWb6VMK6yNx3HGRknGa9z07UTuMRiNrHQJOGMqRM0iwX5hs7766dNExlPw6ItaBNjj2eW3vJADthHTVN9LYmas5vwPFWC-hD88YELhaaEVHfG0YDIef9Tiv28smAtrflgPcIbQwpZhMZWcx6B4Iy5CNnDCrHql46vRbmhyKi41QsoatBmGWqm15dO7oGuqfrsJaTRurwo_2roZhx4nptPlYvGWW0kuxe08DvU5Yw-URvMrAIt9516xK-3qJn-R363-mz87fc41qJN8NQRnK5sroiS8s5ukYB4WC5hiTO_kjzwdkVYcqH106eBxeatyjJLtbDtLnwhsO9Uk9F6Th2oL_m-k6ycFhQeW2cn2CsL1NypekQoeaFu2b758lCQpsA2wjfp5dhllWZmBVea05UNZCwqBe5BuEYB1epT7c85-4NRJ1MiH4E2QqOa6-zQLTGknrOcnkZVNMT5NGuvQM6Xfzk2_L9Hf3BR_YuIb-guxN3o_vvMkF-ktW1K-xPt0v7Kufucz_mcIzLAJHjqW6Fhhy1zl_nM1LaIN7vp_bhGWOnKKnS6g8_1BVqFWpPujJyTAYUvdM7VgzsWzfcqcBHB7MYGGbGdY4p2t3bNS0qx_8YghX02vYqqKDFmikRuIkNnV-rvyidyDrZFb8igiloEJLbhRTCU_JX-5zauhzZnrDXSUshEQDOpFUW1NtvfUA&cid=CAASKORooXj_j3OX8a_H8CvRsdfKi00YFTFa6h1PhMlEhQaAGBH5iLfe1LI&rfl=2%2Chttps%253A%252F%252Fwww.fox19.com%252F%240
Frame ID: E29AF7BDCF7962E8A13AFAB223958021
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2FD35E486C08AF84BB5CBB9F57859E0E
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4DjjysMSyh0jMeUopp_yVuxVRpYQR8lMGdc_t_dcuOGBIqR9PrvArENpiMoUdylCj0ulCC3jRKfMSXB_e_6HCt7xfSmtZacmYy-0kmKv6sMNhWi2Stw5USHB_Z88jaKmsupZNqHZAbzi0GcCFEJM_y9QdZts8Rt7GsFH6jm6-CN1HbmXKVQKbHq9mrr1Dc3X-ZrxoOjq3Z35V0I0hFkSZBSYy6-81uWDkvj8a-WTzscXlR2CBXmvsCQB3itAvh_267HRRu3HjnguLRqLvDknewBJ4ScX00ymlIit20cpysp2lgSRvpmJAyd4&sai=AMfl-YQVSM1c-y0jZsyymnqTCp-Nfrw5rAm-uvHl8N__JXwwLc-TLm49qUPS4SDXSVSHyTLyYbYlTVS_RRlZhL22zOcMvLVfUDRK_a0R7J0W&sig=Cg0ArKJSzL0BTFO8OsfpEAE&uach_m=[UACH]&adurl=
Frame ID: 4080B1582977EDD6E89BF0314BE8E895
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2DC756C2FF2D5846240B0DBE12D83E2E
Requests: 3 HTTP requests in this frame

Frame: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AB953A806A78D59E5BE8B850B1E84CF6
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRC_t8b5Ahjn68zAATAB&v=APEucNXqpSBV5f2MXJTavsPoN05r3F--hTuEfHA8aPMVjGE1SqCb8yN5a4mTI0mf2QFQciKwaEPuLgrtyJpafPOSivc-eyji8w-kMffTDYjBcka7a3D33uLYXyeNv9-1kKEAv1HMNDQKGAkqL1DKfi8hDsKIeNCRGrr7W57rQsKWcw3EohuWKHM
Frame ID: 853B1F841B86D5BB297B1FB9D1311168
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 962DC9FC9E2172C86173AF91C6F2B13D
Requests: 3 HTTP requests in this frame

Frame: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EDF7A518AE73BE1CE833F11CEE483143
Requests: 15 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2324.js
Frame ID: E7203A0C16EF396B10AC93B4BEA6CF73
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYxM-iwwEwAQ&v=APEucNWRSWCaUF0WfgmZsSb45hpesdD-1xbsd4nBsKjvErxH13d6s15S4RcwfwxH05X-BD-WYBwa3pYiqwB2QT4WkvmfLqZ-0h8Y36J5t5NJ5MJ67zjWniw5acjsUC53Kfi4Jr9YgrESklmzlLrpAz4OnXMYqxg_TAS2QF3JLx4ZJQtHGYmkeRw
Frame ID: FC2BC29C3A422A1CAF796E764264E16B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2822146DF20A4DEE19175E12E60A9328
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11475707399726046606/index.html?e=69&leftOffset=0&topOffset=0&c=hvI7DbRtl6&t=1&renderingType=2
Frame ID: C197390769A2696B3A13AC4E125649B0
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 4FB513E3790596D17EE0B4AA6018EE92
Requests: 11 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/83842/3300636/index.html
Frame ID: D7823BDA24836EAAFC37C9C5594E839A
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Frame ID: 06E0A6854C01C2DED13FF2A2BB0B6F15
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwa1ra7xcb7ldXc9J0jjcfhyZag8YYF4Q35G21Byo4-uXbgR2iQCvrGBygSSSchnQtRWtJy0jZAUPjuywvoCQY-6uIe_Tl2op3ywOK6vbv3uelj1G6u-Ain-aOTn_uqTfEEJ4AlohOU4Vm9tna2knvRhISdU1ojPv2Jp6BkZcKkTUnjbUMtDbYiE2kpnFKaELfly1fUJZAlPgZ_b-S2uIT7TSZTVWNijwyC-6tul10o_Pd2rC3hJNYJeBzJG3DRNhAqoeVREBMH7vFLlrDfcRA7nnFRj9UoDdL-9gAvB01E_Fy6KMORjC2xg&sai=AMfl-YT-KcyLQ8d-rPj2ux4uklBfwADnJ3l9yfgQOFcE0DcFWU-o8ECYNAaRE4atezLj9HNRQAmgX9GYUIZ5tIDst55AHnAe4kQ3d0mmxApX_XgIP1pHqUds8ESnDWThiPE&sig=Cg0ArKJSzIUYlOA_SIS2EAE&uach_m=[UACH]&adurl=
Frame ID: 8023F7E856420CFDED9D74FA3EE91778
Requests: 8 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/gwdpage_style.css
Frame ID: 08E8D6A38E3B714B3A4FFAB61ABF9FCA
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BBB warns of scam targeting people with Roku devicesShare on FacebookEmail This LinkShare on TwitterShare on PinterestShare on LinkedIn

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Crownpeak (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

c\.evidon\.com

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

317
Requests

95 %
HTTPS

49 %
IPv6

40
Domains

69
Subdomains

62
IPs

7
Countries

5851 kB
Transfer

14288 kB
Size

39
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: http://www.cincyweekend.com/
Title: Cincy Weekend

Search URL Search Domain Scan URL

URL: https://recruiting.ultipro.com/GRA1017GRYT/JobBoard/ae441110-89bd-444d-8ad2-b76c7b9db7a9/?q=&o=postedDateDesc&w=&wc=&we=&wpst=&f4=-ivljt9iPlifbOnDCrzzhQ
Title: Job Postings

Search URL Search Domain Scan URL

URL: https://www.vuit.com/publishers/357/wxix
Title: Latest Newscasts

Search URL Search Domain Scan URL

URL: https://www.fullcourtgreta.com/
Title: Full Court Press with Greta Van Susteren

Search URL Search Domain Scan URL

URL: http://www.circleallaccess.com/
Title: Circle - Country Music & Lifestyle

Search URL Search Domain Scan URL

URL: https://www.graydc.com/
Title: Gray DC Bureau

Search URL Search Domain Scan URL

URL: https://www.investigatetv.com/
Title: Investigate TV

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FOX19Cincinnati

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fox19now

Search URL Search Domain Scan URL

URL: https://www.twitter.com/FOX19

Search URL Search Domain Scan URL

URL: https://www.bbb.org/article/news-releases/22338-bbb-investigation-customers-allege-caligeeks-charged-fees-to-activate-roku
Title: here

Search URL Search Domain Scan URL

URL: https://galleries.parentsdome.com/movie-scene-quiz/?utm_source=outbrain&utm_medium=$publisher_name$-$section_name$&utm_term=$publisher_name$&utm_content=00fac4b3654d311d8c96b059cc51f01629&utm_campaign=xpd-ob-eur-d-moviesquiz-22.03.04-5539-quiz_5906_chrome_mdup10&utm_cpc=$cpc$&obOrigUrl=true
Title: Quiz: Can You Name These Movies From A Single Photo? Parentsdome Galleries

Search URL Search Domain Scan URL

URL: https://www.farandwide.com/s/amazing-world-maps-74d6186e6d0e414b?utm_campaign=amazingworldmaps-a541e0b043484d3a&utm_medium=cpc&utm_source=out&aid=008d034cf1b163e30d943e921a0636ed90&utm_term=$publisher_name$&obOrigUrl=true
Title: These Maps Will Blow Your Mind Far & Wide

Search URL Search Domain Scan URL

URL: https://edition.thrillist.com/s/beautiful-small-towns-europe-8f6a948d8f684626?utm_campaign=europesmalltowns-e560dfe6e8a34632&utm_medium=cpc&utm_source=out&aid=0024f54ea37f0fa903828c6c0a97826a79&utm_term=$publisher_name$&obOrigUrl=true
Title: Europe's 11 Best Overlooked Small Towns Thrillist

Search URL Search Domain Scan URL

URL: https://www.bleacherbreaker.com/celebrity/das-sind-die-jungsten-milliardarinnen-der-welt/?utm_campaign=ybf-d-de-c-0-0-211113-bb-ob-0&utm_source=ob&utm_medium=$section_id$-ob&utm_content=007eacedc54a12be60e2fc8f4288101379&utm_cpc=$cpc$&obOrigUrl=true
Title: 60 der schönsten weiblichen Milliardäre BleacherBreaker

Search URL Search Domain Scan URL

URL: https://www.familyminded.com/s/celeb-couples-with-major-age-differences-50dac89107af4ec0?utm_campaign=agedifferences-3c2c7a5070cd4b3e&utm_medium=cpc&utm_source=out&aid=000c5536f1237d00cba5affe60fc83fada&utm_term=$publisher_name$&obOrigUrl=true
Title: Celeb Couples with Major Age Differences FamilyMinded

Search URL Search Domain Scan URL

URL: https://www.workandmoney.com/s/worlds-richest-people-22fd06a124694515?utm_campaign=richestpeople-1d0562374f2341ab&utm_medium=cpc&utm_source=out&utm_term=$publisher_name$&obOrigUrl=true
Title: They Have More Money Than Anyone on Earth Work + Money

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://www.familyminded.com/s/best-dog-breeds-for-horoscope-signs-35f412c75d39432a?utm_campaign=horoscopedogbreeds-db8fb41b02ff4e52&utm_medium=cpc&utm_source=out&aid=000c5536f1237d00cba5affe60fc83fada&utm_term=$publisher_name$&obOrigUrl=true
Title: We Finally Know Which Breeds Match Each Horoscope Sign

Search URL Search Domain Scan URL

URL: https://www.farandwide.com/s/europes-most-livable-cities-71985994306c4df6?utm_campaign=europelivable-5b6e584824f04609&utm_medium=cpc&utm_source=out&aid=008d034cf1b163e30d943e921a0636ed90&utm_term=$publisher_name$&obOrigUrl=true
Title: European Cities With the Highest Quality of Life

Search URL Search Domain Scan URL

URL: https://galleries.parentsdome.com/quiz-usa-georaphy/?utm_source=ob-quiz&utm_template=quiz&utm_medium=$publisher_name$-$section_name$&utm_term=$publisher_name$&utm_content=002e7e0cbb5f7308d26c4d489729fb4d3d&utm_campaign=xpd-ob-ww1-d-usgeoquiz-21.12.06-7154-cnr_p10_quiz_9428_chrome&utm_cpc=$cpc$&obOrigUrl=true
Title: 9/10 People Miserably Fail This U.S Geography Quiz, Will You Nail It?

Search URL Search Domain Scan URL

URL: https://urbanaunty.com/trending/hollywood-golden-age-tb-3/?utm_campaign=Hollywood%20Golden%20Age%20Gabriala2203%20V3%20CH%20En%20-%20Desktop%20DEU%20OB&utm_source=OutBrain&utm_medium=$section_id$&utm_term=These+Are+What+Hollywood%27s+Golden+Age+Celebrities+Are+Up+To+Today&utm_content=008e87a7f15d6fb45d1e1bd7ff2af47246&psl=g_1fd5ed&network_code=CM&obOrigUrl=true
Title: [Pics] 69 Year Old Elvira Is Not Ashamed Of Her Age Or Her Net Worth

Search URL Search Domain Scan URL

URL: https://tarcle.site/click.php?key=k457ubviz1ouahbnfytw&ob_click_id=$ob_click_id$&publisher_name=$publisher_name$&ad_title=Diabetics%3A+Here%27s+How+To+Lower+Blood+Sugar+%28It%27s+Genius%21%29&section_id=$section_id$&publisher_id=$publisher_id$&campaign_id=0060bd3828998acdb69bf9de29baf2c1f9&ad_id=000a709642b0cf114ac2151c4bfd70935f&time_stamp=$time_stamp$&section_name=$section_name$&obOrigUrl=true
Title: Diabetics: Here's How To Lower Blood Sugar (It's Genius!)

Search URL Search Domain Scan URL

URL: https://bestofsenior.com/trending/hollywoods-veterans-the-greatest-stars-from-the-golden-age-era-are-still-alive-enjoying-life-in-retirement-ob-lorenzolamas-2?utm_source=outbrain&utm_campaign=00e2e4a641d04647e25ac87aaae4ae13a5&utm_medium=$section_name$__$section_id$&utm_term=%5BPics%5D+Do+you+Remember+Him%3F+This+Is+Him+At+63&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Pics] Do you Remember Him? This Is Him At 63 Best Of Senior

Search URL Search Domain Scan URL

URL: https://www.farandwide.com/s/dangerous-selfies-6dac0a84fa80490c?utm_campaign=dangerousselfies-30cdcd279c3946aa&utm_medium=cpc&utm_source=out&aid=008d034cf1b163e30d943e921a0636ed90&utm_term=$publisher_name$&obOrigUrl=true
Title: Travel Selfies That Weren’t Worth the Risk Far & Wide

Search URL Search Domain Scan URL

URL: https://www.toocool2betrue.com/general-knowledge-quiz/?utm_source=ob-quiz&utm_template=quiz&utm_medium=$publisher_name$-$section_name$&utm_term=$publisher_id$_$section_id$&utm_content=007ea4395d1c93d79b8d6ab89541754069&utm_campaign=tc-ob-t2-d-wisdomquiz-22.01.24-5898-cnr_p20_chrome_5660&utm_cpc=$cpc$&obOrigUrl=true
Title: Your IQ Is 142 If You Get 15/20 On This General Knowledge Quiz TooCool2BeTrue

Search URL Search Domain Scan URL

URL: https://www.bleacherbreaker.com/trending/schwindelerregenden-fotos/?utm_campaign=ywb-d-de-n-0-0-220225-bb-ob-0&utm_source=ob&utm_medium=$section_id$-ob&utm_content=002c1d6e88517a187ad50da05e89cf065e&utm_cpc=$cpc$&obOrigUrl=true
Title: 16 Fotos, die nicht gestellt sind – aber so aussehen! BleacherBreaker

Search URL Search Domain Scan URL

URL: https://galleries.parentsdome.com/random-knowledge-quiz/?utm_source=ob-quiz&utm_template=quiz&utm_medium=$publisher_name$-$section_name$&utm_term=$publisher_id$_$section_id$&utm_content=005463e76619f782e7fbcc41ddfee5d141&utm_campaign=xpd-ob-ww1-d-randomquiz-22.01.23-6621-cnr_p10_chrome_4372&utm_cpc=$cpc$&obOrigUrl=true
Title: We Will Guess Your Education Level in 20 Questions Parentsdome Galleries

Search URL Search Domain Scan URL

URL: https://xcraft.net/registration/ARLECHIN?utm_source=Outbrain&utm_medium=Discovery&utm_campaign=deu_conv_all_desk&utm_content=Baue%2C+expandiere+und+verbessere+dein+Imperium+unendlich.&utm_term=$publisher_name$_$section_name$&obOrigUrl=true
Title: Baue, expandiere und verbessere dein Imperium unendlich. xcraft.net

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/WXIX-TV
Title: Public Inspection File

Search URL Search Domain Scan URL

URL: https://webpubcontent.gray.tv/gdm/wxix-2021-eeo.pdf
Title: EEO Report

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/153615/connatix.playspace.dc.js

Request Chain 59

https://sb.scorecardresearch.com/b?c1=2&c2=10477191&cs_ucfr=1&ns__t=1646407973859&ns_c=UTF-8&cv=3.5&c8=BBB%20warns%20of%20scam%20targeting%20people%20with%20Roku%20devices&c7=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1646407973859&ns_c=UTF-8&cv=3.5&c8=BBB%20warns%20of%20scam%20targeting%20people%20with%20Roku%20devices&c7=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&c9=

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIEgAbMADu4FRrScNGbiav4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIEgAbMADu4FRrScNGbiav4&google_cver=1&C=1

Request Chain 93

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YiIxJt-6Q5lh4bXNVwV8kwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGJRq_IFVKvez9CWcuxDc8&google_cver=1

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN9H30PxXvQJ_f-W8TrUNXY&google_cver=1

Request Chain 95

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyODY2OTI0Nzk4OTMyNDU5Nw%3D%3D

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGJRq_IFVKvez9CWcuxDc8&google_cver=1

Request Chain 124

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YiIxJt-6Q5lh4bXNVwV8kwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGJRq_IFVKvez9CWcuxDc8&google_cver=1

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKJUkhiqh-zitrfz3OkFxkQ&google_cver=1

Request Chain 126

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyODY2OTI0Nzk4OTMyNDU5Nw%3D%3D

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELEKsYjl9LfhgcurgfbNAuc&google_cver=1

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESELLAjHyju6trCGmHQSDPcXs&google_cver=1

Request Chain 214

https://t.myvisualiq.net/impression_pixel?r=236057000&et=i&ago=212&ao=842&aca=27143449&si=5775970&ci=164981903&pi=326509078&ad=518698891&advt=9642282&chnl=-28&vndr=1316&sz=10262&u=~-~DBM_16377205109_403912167_ABAjH0hJG6NnKBcjoNNZmR1Tshbx~-~|174157_23802752_3300636&pt=i HTTP 302
https://t.myvisualiq.net/ul_cb/impression_pixel?r=236057000&et=i&ago=212&ao=842&aca=27143449&si=5775970&ci=164981903&pi=326509078&ad=518698891&advt=9642282&chnl=-28&vndr=1316&sz=10262&u=~-~DBM_16377205109_403912167_ABAjH0hJG6NnKBcjoNNZmR1Tshbx~-~|174157_23802752_3300636&pt=i

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAzy6NccuBqK936ttTnyDRk&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAzy6NccuBqK936ttTnyDRk&google_cver=1&__user_check__=1&sync_id=5d3b327e-9bd0-11ec-ae76-14bc9e680206

Request Chain 233

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=5d38eadd-9bd0-11ec-81d5-1626150c0506 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NWQzOGVhYTYtOWJkMC0xMWVjLTgxZDUtMTYyNjE1MGMwNTA2

Request Chain 268

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

317 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/ 302 KB
48 KB 818ms
521ms Document
text/html 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 4a1beabf3a75c1d6d0917d7bc35e4b54131d9ecb133001a3cc29aee965b3f9ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
server: openresty
content-encoding: gzip
etag: W/"4a541-2f1L6sNbt6E8Y0M/NO1pou98DXc"
last-modified: Fri, 04 Mar 2022 15:32:37 GMT
vary: Accept-Encoding
x-akamai-transformed: 9 46167 0 pmb=mRUM,2
cache-control: private, max-age=60
expires: Fri, 04 Mar 2022 15:33:53 GMT
date: Fri, 04 Mar 2022 15:32:53 GMT
server-timing: cdn-cache; desc=REVALIDATE edge; dur=29 origin; dur=472
link: <https://polyfill.io>;rel="preconnect",<https://gray-wxix-prod.cdn.arcpublishing.com>;rel="preconnect",<https://cdnjs.cloudflare.com>;rel="preconnect",<https://static.chartbeat.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://static.adsafeprotected.com>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect"

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
580 B 59ms
17ms Script
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CArray.prototype.forEach%2CSymbol.hasInstance%2Ces6%2CIntl%2ClocalStorage%2CDate.prototype.toISOString%2CDate.now%2Cdefault%2CObject.entries%2CArray.prototype.entries

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox19.com/
Origin: https://www.fox19.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 687751
detected-user-agent: Chrome/99.0.4844
server-timing: HIT, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 94
referrer-policy: origin-when-cross-origin
last-modified: Thu, 24 Feb 2022 12:36:27 GMT
date: Fri, 04 Mar 2022 15:32:53 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/99.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 react.js Show response
www.fox19.com/pf/dist/engine/ 689 KB
159 KB 21ms
19ms Script
application/javascript 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fox19.com/pf/dist/engine/react.js?d=232
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: c900978f11e67c99baad6d4a98db63cbaf49d907560c883ecd068b79303dd2ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 21:10:12 GMT
server: openresty
x-amz-request-id: S5WE6W1ZHPSBY11E
etag: W/"8cb587cc06c571d81e5eca0ab489c72c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 161647
x-amz-id-2: bybtPmVCOcdEN9waGCFBYkRnT1vwle4RZSOSqc3jvEOCexrbARK/nGXoRbGkK22ALFgMiHaB3SM=
expires: Sat, 04 Mar 2023 15:32:53 GMT

GET
H2 200 default.js Show response
www.fox19.com/pf/dist/components/combinations/ 1 MB
262 KB 20ms
19ms Script
application/javascript 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fox19.com/pf/dist/components/combinations/default.js?d=232
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 7300df182e6249faf80b77095619368019fd9c32494db0f78f31e54725872b69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 21:10:12 GMT
server: openresty
x-amz-request-id: S5WFMH4N50Q6P10H
etag: W/"cccb2813108545e46ac0793898cd2eb5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 267107
x-amz-id-2: c9QVS4lXMadmIdcLB5Nnjm0KODAMZLIw+rcEVxcyhku1MZikelH+ieM1Us0KHQZF1XHOMNApMtA=
expires: Sat, 04 Mar 2023 15:32:53 GMT

GET
H2 200 main.css
gray-wxix-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/ 83 KB
14 KB 185ms
89ms Stylesheet
text/css 2a02:26f0:f7::5c7b:e1d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://gray-wxix-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/main.css?d=232
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e1d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 6206823ece3aeb65eb7ba918f096d683b67a8848407378847b1f22551ab8721d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 21:10:12 GMT
server: openresty
x-amz-request-id: VGT2S7J82RMKT2CJ
etag: W/"6dd05f673b04d6bedc7a004ad60ae072"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=79
content-length: 14217
x-amz-id-2: sGY+K0QpnYYmLv67vN9ZLGcD4S+zvVrEsgWAR23v1/lecNATwiI9s+xM0I/fnvejomeO32uW1T8=
expires: Sat, 04 Mar 2023 15:32:53 GMT

GET
H2 200 main.css
gray-wxix-prod.cdn.arcpublishing.com/pf/resources/dist/wxix/css/ 97 KB
16 KB 204ms
108ms Stylesheet
text/css 2a02:26f0:f7::5c7b:e1d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://gray-wxix-prod.cdn.arcpublishing.com/pf/resources/dist/wxix/css/main.css?d=232
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e1d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: a5ae2ce33b77cb5febebb5a61d02e33520aba86a1eb03e1fa3b898b73b6fd167

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 21:10:12 GMT
server: openresty
x-amz-request-id: VGT3M2YRGGNY0DYH
etag: W/"bdef625a6a377a65d9b4da222d57dd62"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=78
content-length: 15823
x-amz-id-2: PZ4y+Zx7A8gdy2LSYiZy7BXDn65SxgFmf/+joKYmrP28Ivyr6ow/FOVpmgAjABoDDyc/SgEczoY=
expires: Sat, 04 Mar 2023 15:32:53 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 51ms
23ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?d=232

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10003842
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8snzO%2BPtLm8fh03XrMknN1cbfL5XGS4Y1q%2FkcG55M%2BCHiSConh8UI1ITzpm%2F403839ggsYIYzuobt92Rjmla82eiYAaZZM1hHPbcTAc4P%2FZM4KguUMqZKrMNL2maUSlYGmSKFA4YqTvrNPuMZCsg%2Ba8f"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e6baac80e4e01df-ZRH
expires: Wed, 22 Feb 2023 15:32:53 GMT

GET
H2 200 gtm.js Show response
gray-wxix-prod.cdn.arcpublishing.com/pf/resources/js/analytics/ 584 B
825 B 181ms
85ms Script
application/javascript 2a02:26f0:f7::5c7b:e1d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://gray-wxix-prod.cdn.arcpublishing.com/pf/resources/js/analytics/gtm.js?d=232
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e1d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 21:10:11 GMT
server: openresty
x-amz-request-id: VGT1XDPNZ8MV5J78
etag: W/"d95f5027a66e33b82dc537faa5603017"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=63
content-length: 305
x-amz-id-2: j3mkjyC9DIAb+/IS/j8v3jFwLikyvO1t646pZ4gjEZRc0W+P+MzIrSIjmUOqBD0fuMCsndBHOQU=
expires: Sat, 04 Mar 2023 15:32:53 GMT

GET
H2 200 arcads.js Show response
gray-wxix-prod.cdn.arcpublishing.com/pf/resources/js/ads/ 35 KB
8 KB 207ms
112ms Script
application/javascript 2a02:26f0:f7::5c7b:e1d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://gray-wxix-prod.cdn.arcpublishing.com/pf/resources/js/ads/arcads.js?d=232
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e1d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 09e4f0b788966ce2b1bf0a3c5af62dd6179e29662299e37e64f6a05c2af6b5f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 21:10:12 GMT
server: openresty
x-amz-request-id: VGT2E0AXQTKEHCYM
etag: W/"4aa36db740c369c50d6c8e873ebe4d3f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=77
content-length: 7258
x-amz-id-2: zxqXDQ8yyNkhQa2N3Pp1DcsZGTzusFJ3aoKEYaVl7vZTpN6q8/qxEl3c43PFiwB6sBMFOg4IdoM=
expires: Sat, 04 Mar 2023 15:32:53 GMT

GET
H2 200 powaBoot.js Show response
d3agakyjgjv5i8.cloudfront.net/prod/ 50 KB
18 KB 54ms
9ms Script
application/javascript 2600:9000:21f3:9a00:b:5584:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaBoot.js?org=gray
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9a00:b:5584:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f352eb752b1e2a3fe457f6c802f310cf30ccc462cf112e21d7207c545771757a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:30:45 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 16:17:04 GMT
server: AmazonS3
age: 148
etag: W/"7985773c369b2bd47c65bd32500e48f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: JHcJ5bBTmkelyDzpG_vrSgf28djJ9-xWNy63L5SqcqpiKW5qDhXfCw==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 197 KB
68 KB 81ms
46ms Script
application/x-javascript 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: da4042880d03ed14f6aedf0c25d73ea98826d041555391d132b8e8e4eb1930e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 13:04:55 GMT
etag: "15-NQ99qrk2MPxeROoR4HI0SnKltls"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 1f63ddd6d622f26d965c26383169fb5d
timing-allow-origin: *, *
content-length: 69347

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 51ms
10ms Script
application/x-javascript 2600:9000:2315:d000:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:d000:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:11:37 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 22:23:33 GMT
server: nginx
age: 1276
etag: W/"61fc55e5-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 4vP4KEclLPBNUpPonvxmbqEq5mcMRoUC5ZEqc4srC_Jsu0XhlPPnLg==
expires: Fri, 04 Mar 2022 17:11:37 GMT

GET
H2 200 A2NAMMDONFE3VKGIFUYI2TXDVE.PNG
gray-wxix-prod.cdn.arcpublishing.com/resizer/uRbTx5BRB20jRg5KvGQyUgauGGs=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 47 KB
48 KB 91ms
87ms Image
image/webp 2a02:26f0:f7::5c7b:e1d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gray-wxix-prod.cdn.arcpublishing.com/resizer/uRbTx5BRB20jRg5KvGQyUgauGGs=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/A2NAMMDONFE3VKGIFUYI2TXDVE.PNG
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e1d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: cfdacb1dc700f918dd1fca5b2f16b0917d54ea09531016a3748a3facdfd07de1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
last-modified: Thu, 03 Mar 2022 19:34:19 GMT
server: Akamai Image Manager
etag: "07d97043c8267f6ed827a07e3d090650e55d9239"
content-type: image/webp
cache-control: private, no-transform, max-age=31464064
server-timing: cdn-cache; desc=HIT, edge; dur=51
content-length: 48540
expires: Fri, 03 Mar 2023 19:33:57 GMT

GET
H2 200 H2EZGLGXKZAY7C7TQW6NX5Z2XA.jpg
gray-wxix-prod.cdn.arcpublishing.com/resizer/lgw5xEbzRDQvLXKt0Wut2vtm_uM=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 50 KB
51 KB 97ms
93ms Image
image/jpeg 2a02:26f0:f7::5c7b:e1d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gray-wxix-prod.cdn.arcpublishing.com/resizer/lgw5xEbzRDQvLXKt0Wut2vtm_uM=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/H2EZGLGXKZAY7C7TQW6NX5Z2XA.jpg
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e1d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: b742003f99ec29e33da2364954f0a7d9fb66ba9bf3d03dc1cf9516ce418e6f8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
x-check-cacheable: YES
x-serial: 650
etag: "bc659d81ac4e7332bad59276359bbb29ffd3136e"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31385537
last-modified: Wed, 02 Mar 2022 21:45:33 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=212
content-length: 51699
server: Akamai Image Manager
expires: Thu, 02 Mar 2023 21:45:10 GMT

GET
H2 200 EZCPYJDMSJBQNGNRFR5Q77WFWU.PNG
gray-wxix-prod.cdn.arcpublishing.com/resizer/JIA5TDsRDQP6eK5t1PA7OKByAi4=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 44 KB
45 KB 101ms
97ms Image
image/webp 2a02:26f0:f7::5c7b:e1d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gray-wxix-prod.cdn.arcpublishing.com/resizer/JIA5TDsRDQP6eK5t1PA7OKByAi4=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/EZCPYJDMSJBQNGNRFR5Q77WFWU.PNG
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e1d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 04d39a42ef9a588202b02e7216b5f6ed936f70bead12a31828ac88fd4a5831a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
last-modified: Thu, 03 Mar 2022 21:48:00 GMT
server: Akamai Image Manager
etag: "8047c281f9558722ffbe080a19ac4ad73a1170cd"
content-type: image/webp
x-edgeconnect-cache-status: 1
cache-control: private, no-transform, max-age=31472073
server-timing: cdn-cache; desc=HIT, edge; dur=64
content-length: 45430
expires: Fri, 03 Mar 2023 21:47:26 GMT

GET
H2 200 KLFHSPK5QJBHJKBEUBJGLGEFOQ.JPG
gray-wxix-prod.cdn.arcpublishing.com/resizer/ePWhqJblcvs7sPtpjTg6fs4nSoM=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 20 KB
21 KB 105ms
101ms Image
image/jpeg 2a02:26f0:f7::5c7b:e1d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gray-wxix-prod.cdn.arcpublishing.com/resizer/ePWhqJblcvs7sPtpjTg6fs4nSoM=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/KLFHSPK5QJBHJKBEUBJGLGEFOQ.JPG
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e1d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 11a69555f6dd33b9af83cb59a190e1d0fd4b26b7eeda0aa4d5efa5d8b56002ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
last-modified: Thu, 03 Mar 2022 17:16:23 GMT
server: Akamai Image Manager
etag: "1f6e5cd7da074d40a487057d5ecfd7227926fa84"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31455881
server-timing: cdn-cache; desc=HIT, edge; dur=54
content-length: 20746
expires: Fri, 03 Mar 2023 17:17:34 GMT

GET
H2 200 YPYEFYDEPBDHLGHLJ7VZZRH2NA.jpg
gray-wxix-prod.cdn.arcpublishing.com/resizer/VdecfBmCbLorulazmjC_BTBMHpc=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 15 KB
15 KB 641ms
637ms Image
image/jpeg 2a02:26f0:f7::5c7b:e1d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gray-wxix-prod.cdn.arcpublishing.com/resizer/VdecfBmCbLorulazmjC_BTBMHpc=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/YPYEFYDEPBDHLGHLJ7VZZRH2NA.jpg
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e1d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: f7e4cd484572b86d412f6dc69a7384dd519e31a646cb3aa95ede3077ef5517f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
x-check-cacheable: YES
x-serial: 601
etag: "4b8c283ff2496fcb38e85c5c622f75e858b7cf3b"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31534934
last-modified: Fri, 04 Mar 2022 15:16:25 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=497, origin; dur=112
content-length: 15100
server: Akamai Image Manager
expires: Sat, 04 Mar 2023 15:15:07 GMT

GET
H2 200 QIJM3NBQTNEW7I3R3LGYSRIVUY.JPG
gray-wxix-prod.cdn.arcpublishing.com/resizer/BfxM73G3BBC6U-SO1DLQILYteQs=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 38 KB
38 KB 273ms
270ms Image
image/jpeg 2a02:26f0:f7::5c7b:e1d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gray-wxix-prod.cdn.arcpublishing.com/resizer/BfxM73G3BBC6U-SO1DLQILYteQs=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/QIJM3NBQTNEW7I3R3LGYSRIVUY.JPG
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e1d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 157b8179ab74c937e22728e76d2dc6d0333ae235687467d53c440fdfce731047

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
last-modified: Fri, 04 Mar 2022 14:37:09 GMT
server: Akamai Image Manager
etag: "73638acb5840df9447e722f55597a4e1e3c81500"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31532752
server-timing: cdn-cache; desc=HIT, edge; dur=213
content-length: 38698
expires: Sat, 04 Mar 2023 14:38:45 GMT

GET
H2 200 4DKIBER3WVHMFCCYBZQGGUJT5Q.JPG
gray-wxix-prod.cdn.arcpublishing.com/resizer/2TI7nicbESNoOsry8P-pRWzcbv8=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 53 KB
53 KB 118ms
115ms Image
image/jpeg 2a02:26f0:f7::5c7b:e1d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gray-wxix-prod.cdn.arcpublishing.com/resizer/2TI7nicbESNoOsry8P-pRWzcbv8=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/4DKIBER3WVHMFCCYBZQGGUJT5Q.JPG
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e1d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: a9180a2a18c07387a00346245fee4d8ccfedb34a54f8c5b4e01ef54ab5931194

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
x-check-cacheable: YES
x-serial: 1096
etag: "daa5da934c546af567f7a48c590f8d81da7f6c27"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31531721
last-modified: Fri, 04 Mar 2022 14:21:06 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=146
content-length: 54197
server: Akamai Image Manager
expires: Sat, 04 Mar 2023 14:21:34 GMT

GET
H2 200 FNE3HMRYGNBULFH2RE3LENB2JU.png
gray-wxix-prod.cdn.arcpublishing.com/resizer/yGw8LKsDfOyCygSf3esO29BnzUs=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 57 KB
57 KB 118ms
115ms Image
image/webp 2a02:26f0:f7::5c7b:e1d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gray-wxix-prod.cdn.arcpublishing.com/resizer/yGw8LKsDfOyCygSf3esO29BnzUs=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/FNE3HMRYGNBULFH2RE3LENB2JU.png
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e1d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 0db8f9bb4df64fd6f96483cab03274c1cbdb62a2a697531d064cf9d943115c2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
last-modified: Fri, 04 Mar 2022 10:21:54 GMT
server: Akamai Image Manager
etag: "ff78a168cc5846fde11e2bd9c26805e954a79230"
content-type: image/webp
cache-control: private, no-transform, max-age=31517354
server-timing: cdn-cache; desc=HIT, edge; dur=39
content-length: 57856
expires: Sat, 04 Mar 2023 10:22:07 GMT

GET
H2 200 BNMQWWCBYBFW5PQRMFTT45ICPU.jpg
gray-wxix-prod.cdn.arcpublishing.com/resizer/-EKwXM06b_A2z0IHlEDEboTB5cY=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 42 KB
42 KB 173ms
170ms Image
image/jpeg 2a02:26f0:f7::5c7b:e1d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gray-wxix-prod.cdn.arcpublishing.com/resizer/-EKwXM06b_A2z0IHlEDEboTB5cY=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/BNMQWWCBYBFW5PQRMFTT45ICPU.jpg
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e1d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: a16d7d9c749cdb983d979577b9f98952cec2852b638f93281dc2042eeb45cf17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
last-modified: Fri, 04 Mar 2022 12:48:04 GMT
server: Akamai Image Manager
etag: "f96f0bef9a77605f7f0e70f0c2680c19cc314a88"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31526064
server-timing: cdn-cache; desc=HIT, edge; dur=91
content-length: 42766
expires: Sat, 04 Mar 2023 12:47:17 GMT

GET
H2 200 v2ikze901tKujlouk_xNfyzXdbc7gKXf7T6kC8b_HxA37TpEtR1A6inT1YQ Show response
reconditerespect.com/ 89 KB
27 KB 241ms
201ms Script
text/javascript 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2ikze901tKujlouk_xNfyzXdbc7gKXf7T6kC8b_HxA37TpEtR1A6inT1YQ

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

8ec8816fd93a3368f17e59169d5cec08dae452a6ebc814c8e2ae08397a03b4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "a0319e900f2a1f60d01c0b57cb5a9bd27d37afab02589cbe686c7cee1832a166"
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Fri, 04 Mar 2022 15:32:53 GMT
x-buildnumber: 478878929
timing-allow-origin: *

GET
H2 200 v2seeCtVWgw6REocO_mfZT7oaq0FiKhSKFp0wFbKt-dWxFD4uZUJIe_y86qcY_9N2wp_EqBYiUVs Show response
reconditerespect.com/ 16 KB
6 KB 240ms
200ms Script
text/javascript 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2seeCtVWgw6REocO_mfZT7oaq0FiKhSKFp0wFbKt-dWxFD4uZUJIe_y86qcY_9N2wp_EqBYiUVs

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

dfa21f9c7e496615193ca9cc443137046c579369a5323689754bf20c27c39379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "00f795b8ed4596a218b52a4b5d6d68c43949940b4a9b26f2d17e6ad61356c093"
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Fri, 04 Mar 2022 15:32:53 GMT
x-buildnumber: 478878929
timing-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
38 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3aa0ef56b02fb8a40c3c5bd89076b9ddc6f55b9c5b805d9771c8f1bc750c1acf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38100
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Mar 2022 15:32:53 GMT

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/153615/ Frame 5E3E
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/153615/connatix.playspace.dc.js

1012 KB
244 KB

34ms
16ms

Script
application/javascript

151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/153615/connatix.playspace.dc.js
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 82bee44931611b10334fc1449c8d760ddfc277bc70c79b52840291c7880571fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: br
last-modified: Fri, 04 Mar 2022 12:30:26 GMT
age: 10015
etag: "1637612e509766d7496ea544e98b10f2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 249440

Redirect headers

location: https://cds.connatix.com/p/153615/connatix.playspace.dc.js
date: Fri, 04 Mar 2022 15:32:53 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
server: Kestrel
accept-ranges: bytes
content-length: 0

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 76ms
39ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 9074
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Feb 2022 13:21:38 GMT
server: cloudflare
etag: W/"1bbec-17f2be4eed0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6e6baac98d3a0204-ZRH
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 04 Mar 2023 15:32:53 GMT

GET
H2 200 PWDBA-7UQZ3-JGMRY-2PGGW-X42DY Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 54ms
15ms Script
application/javascript 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/PWDBA-7UQZ3-JGMRY-2PGGW-X42DY
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: br
last-modified: Wed, 16 Feb 2022 15:00:57 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 wxix.jpg
www.fox19.com/pf/resources/images/mastheads/backgrounds/ 14 KB
15 KB 113ms
111ms Image
image/webp 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fox19.com/pf/resources/images/mastheads/backgrounds/wxix.jpg?d=232
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 473e041c6faf7b1b3f4ca63228ae902b67142a86e2ef5d1adb7659bcd7db27ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: W/"79a448988d87d4faae11fa55b62c8598"
x-serial: 983
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31470278
last-modified: Thu, 03 Mar 2022 21:17:10 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=202
content-length: 14536
expires: Fri, 03 Mar 2023 21:17:31 GMT

GET
H2 200 wxix.svg
www.fox19.com/pf/resources/images/mastheads/logos/ 7 KB
3 KB 38ms
36ms Image
image/svg+xml 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fox19.com/pf/resources/images/mastheads/logos/wxix.svg?d=232
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: fd5285c9933b6b97cab12ce3d118aebfb3f0bd77cd1ee264356c8b8587b0853b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 21:10:11 GMT
server: openresty
x-amz-request-id: 6VGKNEG3W62WCADA
etag: W/"8fb9ad05a2a433c53b310d88286f64a2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=8
content-length: 2806
x-amz-id-2: +1/i6lhraEOLF/dJfp3NGM/yQZ6wsRkAAlr517HXuFpPVE7FHzy/ZyQvnupkIWvVVwwEAmsx9/A=
expires: Sat, 04 Mar 2023 15:32:53 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 42ms
27ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?d=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?d=232
Origin: https://www.fox19.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 230751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8PfvhjxOR%2B6E%2BWkttGbiio1DKLsDykweCOEpykMyqyJbHfiPht4Wz5OW2svrI5W6e%2F1txnejqiflTPCi%2BH9emzF1Tr9iCxszv9q6%2FWma3c4l36qYx7XMcpKnM9r6tgCxPS1m3u1RgDyefLG4HlcrLyS"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e6baac969060221-ZRH
expires: Wed, 22 Feb 2023 15:32:53 GMT

GET
H2 200 grayLogoHorizontal.svg
gray-wxix-prod.cdn.arcpublishing.com/pf/resources/dist/images/ 14 KB
5 KB 68ms
67ms Image
image/svg+xml 2a02:26f0:f7::5c7b:e1d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gray-wxix-prod.cdn.arcpublishing.com/pf/resources/dist/images/grayLogoHorizontal.svg?d=232
Requested by: Host: gray-wxix-prod.cdn.arcpublishing.com
URL: https://gray-wxix-prod.cdn.arcpublishing.com/pf/resources/dist/wxix/css/main.css?d=232
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e1d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gray-wxix-prod.cdn.arcpublishing.com/pf/resources/dist/wxix/css/main.css?d=232
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 21:10:11 GMT
server: openresty
x-amz-request-id: 6VGW9AJ1V1DCK98N
etag: W/"4228f26a863969873e28bcee1a6a4ded"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=55
content-length: 5010
x-amz-id-2: SoQZ9BbilyxQxmirHhTZnwvN7arUgVlEJgEvd8gbnlsJWfSSOTrBpJLFgFoZWS4CrLd1DB922LE=
expires: Sat, 04 Mar 2023 15:32:53 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 13 KB
14 KB 30ms
29ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?d=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?d=232
Origin: https://www.fox19.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1283849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13224
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-33a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaDVjZSuL3jOP6ZYH9fzAcleTkgYmkWvjpIAL4w31U5vuODkz3P2qcr8O8GPebIM78gLif7o21Z%2BRC8zRXOjPpQ7I3K2eyJ5d8fPCCjneJeAYG1WE2GIRh3ciO5pipURyYeKscRQ38nptrK92u0D1fvO"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e6baac9a93c0221-ZRH
expires: Wed, 22 Feb 2023 15:32:53 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 45ms
22ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/pf/dist/components/combinations/default.js?d=232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

a25fd8b68d455ab4cf5e8aa67634e4db1dcdf7b7cf00bab78d4f6f866bae829c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28020
x-xss-protection: 0
server: sffe
etag: "1149 / 620 of 1000 / last-modified: 1646395724"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Mar 2022 15:32:53 GMT

GET
H2 200 wx-current-conditions-v3 Show response
www.fox19.com/pf/api/v3/content/fetch/ 321 B
442 B 146ms
146ms XHR
application/json 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fox19.com/pf/api/v3/content/fetch/wx-current-conditions-v3?_website=wxix&filter=%7B%0A++imperial+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A++metric+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A%7D
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/pf/dist/components/combinations/default.js?d=232
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 6517e5e28d5e825c8ebf5cdc89d11fe8a3f4d3ebcf41d022bdf96df456b847bd

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
last-modified: Fri, 04 Mar 2022 15:31:16 GMT
server: openresty
etag: W/"141-iR+9VLNqVLZm4weE0/PyPfq2mp4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=58
server-timing: cdn-cache; desc=HIT, edge; dur=120
content-length: 182
expires: Fri, 04 Mar 2022 15:33:51 GMT

GET
H2 200 gray.js Show response
d3agakyjgjv5i8.cloudfront.net/prod/org/ 340 KB
85 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:9a00:b:5584:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaBoot.js?org=gray
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9a00:b:5584:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bd299c13efefdc6b12501dfcc67dfaa56e094acb7194e760b1d9c07236315d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:31:43 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 16:17:05 GMT
server: AmazonS3
age: 73
etag: W/"6e4fe3639113cca0b9b70afb430f7b31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: X0uAz_lDPUz_1tQBuwVN6zWtwv5mi1iJuLpUd0l7g9AkS3-bW1e2PQ==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 303ms
98ms Image
image/gif 52.4.120.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=fox19.com&p=%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&u=CNSiV444QyzCGzI7v&d=fox19.com&g=39189&g0=%2Fnews&g1=Brittany%20Harry&g4=story&n=1&f=00001&c=0&x=0&m=0&y=2177&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1323&t=CcoZx9D3nGPrCy3tK3g9owaD4GJUt&V=129&i=BBB%20warns%20of%20scam%20targeting%20people%20with%20Roku%20devices&tz=0&sn=1&sv=Ci9a8EBOAjvJBVSuHhDgm28KB6Iadp&sd=1&im=067b2fff&_
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.120.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-120-17.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:53 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 38ms
14ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e55"
vary: Accept-Encoding
x-hw: 1646407973.dop156.fr8.t,1646407973.cds254.fr8.hn,1646407973.cds107.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H/1.1 200
OK d3d3LmZveDE5LmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 84ms
18ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmZveDE5LmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:53 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=20509
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 45c5589bc846b640518efd3de3f4e33b
Content-Length: 16
Expires: Fri, 04 Mar 2022 21:14:42 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 146ms
115ms Image
image/gif 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=1.4472543840694696
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sun, 03 Apr 2022 15:32:53 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
40 KB 51ms
36ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHS6L24&l=RCdataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

002c90a33ca74b008e98a2388bac0da580bef2b34216e85747f4bf49eb4da38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40736
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Mar 2022 15:32:53 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 48ms
10ms Script
application/javascript 143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 07:22:46 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 29774
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8ifbLp12CGUUpbAcgF1_wgL1EENXIzY3jbKu31NVn8fITckHcnWNHQ==

GET
H3 200 pubads_impl_2022030101.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
122 KB 23ms
8ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

0bc44ea79e71bea23b78759ad6113a2106a0708b2db4988b73f47f3aa10f78fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124868
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 09:35:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Mar 2023 11:10:05 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 117 B
121 B 30ms
16ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.fox19.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b5f2fbaa7db64a5469bd1ce623e892f94f6a195a5ce06054a1a9b621ba3fe574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Fri, 04 Mar 2022 15:32:53 GMT

OPTIONS
H2 204 findByUuid
gray-config-prod.api.cdn.arcpublishing.com/video/v1/ansvideos/ Frame 0
0 227ms
141ms Preflight 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-config-prod.api.cdn.arcpublishing.com/video/v1/ansvideos/findByUuid?uuid=4ba0e047-b1dd-41da-8861-3bf4cedb46de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: https://www.fox19.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: x-requested-with
arc-deployment: gray
arc-context: index
arc-servername: api.gray.arcpublishing.com
arc-service: api
arc-organization: gray
arc-environment: index
arc-org-name: gray
arc-org-env: gray
arc-application: Content
arc-route: /content
cache-control: max-age=30
expires: Fri, 04 Mar 2022 15:33:23 GMT
date: Fri, 04 Mar 2022 15:32:53 GMT
strict-transport-security: max-age=31536000 ; preload

GET
H2 200 findByUuid Show response
gray-config-prod.api.cdn.arcpublishing.com/video/v1/ansvideos/ 6 KB
2 KB 868ms
867ms XHR
application/json 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-config-prod.api.cdn.arcpublishing.com/video/v1/ansvideos/findByUuid?uuid=4ba0e047-b1dd-41da-8861-3bf4cedb46de

Requested by

Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Resource Hash

03733b458e8a52a5873e4824f7cb676de09a2eb447bdcecf82a0692503fc78cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Referer: https://www.fox19.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-org-rate-limit: 1200
cache-control: max-age=300
x-org-rate-limit-remaining: 1199
strict-transport-security: max-age=31536000 ; preload
content-length: 1874
x-org-rate-limit-interval: 5 minutes
origin-type: Content
expires: Fri, 04 Mar 2022 15:37:54 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 43ms
7ms Image
image/gif 2600:9000:2156:c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
age: 18141499
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: zxINE0AVmqYT8aXcYr8Cw7wenbPrtzIO3GNxmjfSpGmaTGQeFRg1Fg==

GET
H2 200 34.svg
www.fox19.com/pf/resources/images/weather/weather-condition-icons/svgs/ 7 KB
3 KB 31ms
31ms Image
image/svg+xml 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fox19.com/pf/resources/images/weather/weather-condition-icons/svgs/34.svg?d=232
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: f9eb6c867550109c6cce3fd0c4b4cde28024919576f6149ebf86ca27d7f74fbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 21:10:11 GMT
server: openresty
x-amz-request-id: A5KWSBNWNK6PE6B1
etag: W/"1d595a6d45fb37eb0edbcc239e9c5510"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=9
content-length: 2461
x-amz-id-2: O0WwYawonbBgB8n9iFJh4eH+OHsQ9a0WeJimklVVLiE77EJbVN08HrtmZ/v8u7tt8DKzkSbldpE=
expires: Sat, 04 Mar 2023 15:32:53 GMT

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/153615/ 99 KB
13 KB 16ms
16ms Stylesheet
text/css 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/153615/connatix.playspace.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ba2079aa9138b37a21f77b8dc51a0db401c136dc72e56c43891d6de5020ea217

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: br
last-modified: Fri, 04 Mar 2022 12:30:26 GMT
age: 10015
etag: "dd800b2810ec6bd88a9c8e059c4c6459"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 13591

OPTIONS
H3 200 448
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 152ms
134ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/448?email=&visitor=&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.fox19.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.fox19.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e6baacbfa5e01f0-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 448 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 2 KB
1 KB 151ms
137ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/448?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90de3732af4273d119c1d5006b29ac39cf3f9a8f0a1d0e54c8d7d0ae7388cbb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.fox19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"777-yDNHXzoYnkOSOXG4ZFR/RlLXBmM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fox19.com
access-control-allow-credentials: true
cf-ray: 6e6baaccedb49b4b-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 39ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.fox19.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 42ms
19ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.fox19.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 15:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 2716ms
2715ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2546781694605826&correlator=3870549806293788&eid=31065294%2C31065452%2C31061690%2C31065515%2C44755510&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fifs&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220304&iu_parts=63316753%2Cwxix%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=pt%3Dstory%26cid%3D56GRKW3TWVDORLOTL6FRLODL44%26position%3D1&eri=1&cookie_enabled=1&abxe=1&dt=1646407973836&lmt=1646407957&dlt=1646407973065&idt=733&biw=1600&bih=1200&oid=2&adxs=315&adys=229&ucis=1&adks=648018903&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x19&msz=970x0&ga_vid=1696628236.1646407974&ga_sid=1646407974&ga_hid=1307752300&ga_fc=false&fws=0&ohw=0&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ac561c3363efee9a9eaa67024d1f738cbb4d5caada7ee1b9f052378781c14d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12117
x-xss-protection: 0
google-lineitem-id: 5848503808
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374061316
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox19.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 627ms
626ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2546781694605826&correlator=3870549806293788&eid=31065294%2C31065452%2C31061690%2C31065515%2C44755510&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fifs&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220304&iu_parts=63316753%2Cwxix%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1024x90&prev_scp=position%3D101%26pt%3Dstory%26cid%3D56GRKW3TWVDORLOTL6FRLODL44&eri=1&cookie_enabled=1&abxe=1&dt=1646407973845&lmt=1646407957&dlt=1646407973065&idt=733&biw=1600&bih=1200&oid=2&adxs=288&adys=1200&ucis=2&adks=3700643700&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1024x-1&ga_vid=1696628236.1646407974&ga_sid=1646407974&ga_hid=1307752300&ga_fc=false&fws=512&ohw=0&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

788b11c5b2b9a6b6907cf4a2362898b0580d45cd9c745ee5d13bb27eadfaa5d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9463
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox19.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 343ms
342ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2546781694605826&correlator=3870549806293788&eid=31065294%2C31065452%2C31061690%2C31065515%2C44755510&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fifs&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220304&iu_parts=63316753%2Cwxix%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&prev_scp=pt%3Dstory%26cid%3D56GRKW3TWVDORLOTL6FRLODL44%26position%3D2&eri=1&cookie_enabled=1&abxe=1&dt=1646407973846&lmt=1646407957&dlt=1646407973065&idt=733&biw=1600&bih=1200&oid=2&adxs=270&adys=1268&ucis=3&adks=436498686&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=938x19&msz=728x0&ga_vid=1696628236.1646407974&ga_sid=1646407974&ga_hid=1307752300&ga_fc=false&fws=4&ohw=938&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b061038dc339511f2d02b4e83190d4487c2806b6ed7c033edc81bc726d455650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8099
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox19.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 1290ms
1289ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2546781694605826&correlator=3870549806293788&eid=31065294%2C31065452%2C31061690%2C31065515%2C44755510&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fifs&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220304&iu_parts=63316753%2Cwxix%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&prev_scp=pt%3Dstory%26cid%3D56GRKW3TWVDORLOTL6FRLODL44%26position%3D3&eri=1&cookie_enabled=1&abxe=1&dt=1646407973848&lmt=1646407957&dlt=1646407973065&idt=733&biw=1600&bih=1200&oid=2&adxs=270&adys=1795&ucis=4&adks=1466975870&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=938x19&msz=728x0&ga_vid=1696628236.1646407974&ga_sid=1646407974&ga_hid=1307752300&ga_fc=false&fws=4&ohw=938&btvi=3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1d43cca6db55d1213567e72a1f0ac57acac57efec7caeda3ab8930b4c22d328a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12070
x-xss-protection: 0
google-lineitem-id: 5863087189
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379115207
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox19.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 2344ms
2343ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2546781694605826&correlator=3870549806293788&eid=31065294%2C31065452%2C31061690%2C31065515%2C44755510&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fifs&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220304&iu_parts=63316753%2Cwxix%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&prev_scp=pt%3Dstory%26cid%3D56GRKW3TWVDORLOTL6FRLODL44%26position%3D4&eri=1&cookie_enabled=1&abxe=1&dt=1646407973849&lmt=1646407957&dlt=1646407973065&idt=733&biw=1600&bih=1200&oid=2&adxs=270&adys=1519&ucis=5&adks=3774015683&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=938x19&msz=728x0&ga_vid=1696628236.1646407974&ga_sid=1646407974&ga_hid=1307752300&ga_fc=false&fws=4&ohw=938&btvi=4&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

f5821582ee10c00612a1a1b8d776402e56e64b977d8eb0be314474963def7931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10646
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox19.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 1673ms
1673ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2546781694605826&correlator=3870549806293788&eid=31065294%2C31065452%2C31061690%2C31065515%2C44755510&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fifs&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220304&iu_parts=63316753%2Cwxix%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&prev_scp=pt%3Dstory%26cid%3D56GRKW3TWVDORLOTL6FRLODL44%26position%3D1&eri=1&cookie_enabled=1&abxe=1&dt=1646407973851&lmt=1646407957&dlt=1646407973065&idt=733&biw=1600&bih=1200&oid=2&adxs=1135&adys=1392&ucis=6&adks=3393779402&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x269&msz=300x250&ga_vid=1696628236.1646407974&ga_sid=1646407974&ga_hid=1307752300&ga_fc=false&fws=512&ohw=0&btvi=5&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

4b5e0ea8ae844b27f192ba38284e14e1958a0a2ecc08124430c931b2e1e0c4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9684
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox19.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 2109ms
2108ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2546781694605826&correlator=3870549806293788&eid=31065294%2C31065452%2C31061690%2C31065515%2C44755510&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fifs&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220304&iu_parts=63316753%2Cwxix%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&prev_scp=pt%3Dstory%26cid%3D56GRKW3TWVDORLOTL6FRLODL44%26position%3D2&eri=1&cookie_enabled=1&abxe=1&dt=1646407973852&lmt=1646407957&dlt=1646407973065&idt=733&biw=1600&bih=1200&oid=2&adxs=1135&adys=280&ucis=7&adks=2872222582&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x269&msz=300x250&ga_vid=1696628236.1646407974&ga_sid=1646407974&ga_hid=1307752300&ga_fc=false&fws=512&ohw=0&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5ed7af905469d16428f0437f03f8eb717083496dd9c9a548c5274d492ddd8a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8372
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox19.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C174 6 KB
4 KB 81ms
15ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 04 Mar 2022 15:32:53 GMT
expires: Sat, 04 Mar 2023 15:32:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=10477191&cs_ucfr=1&ns__t=1646407973859&ns_c=UTF-8&cv=3.5&c8=BBB%20warns%20of%20scam%20targeting%20people%20with%20Roku%20devices&c7=https%3A%2F%2Fwww.fox1...
https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1646407973859&ns_c=UTF-8&cv=3.5&c8=BBB%20warns%20of%20scam%20targeting%20people%20with%20Roku%20devices&c7=https%3A%2F%2Fwww.fox...

0
225 B

11ms
11ms

Image
text/plain

143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1646407973859&ns_c=UTF-8&cv=3.5&c8=BBB%20warns%20of%20scam%20targeting%20people%20with%20Roku%20devices&c7=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&c9=
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H2
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:53 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: kBShwQVn6BAmBwFZBz5F9ALxPMxia2k345-sVgN9_EIECCz_lG7yQQ==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 04 Mar 2022 15:32:53 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1646407973859&ns_c=UTF-8&cv=3.5&c8=BBB%20warns%20of%20scam%20targeting%20people%20with%20Roku%20devices&c7=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&c9=
content-length: 301
x-amz-cf-id: UhfmagiIdZf9nXK_1eCW8VBDWqNaQOsYfP_FumUjWqB4cX8ec-Ur4Q==

POST
H/1.1 200
OK story Show response
capi.connatix.com/core/ Frame 5E3E 198 B
509 B 478ms
109ms XHR
application/x-protobuf 18.217.122.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=153615
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.122.3 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-122-3.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 5ae398cfc88ead19ce0e3eee4e48bcbf814ffcd4e10aaba6095fc3deb05ac2e7

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox19.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 214

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHS6L24&l=RCdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 7080
date: Fri, 04 Mar 2022 13:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 04 Mar 2022 15:34:53 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 51 B
323 B 82ms
20ms XHR
application/json 2a02:26f0:6c00:1b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=PWDBA-7UQZ3-JGMRY-2PGGW-X42DY&d=www.fox19.com&t=5488027&v=1.720.0&sl=0&si=707530a5-4ddd-4b0a-8411-0d73a38d714f-r888is&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=677339
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/PWDBA-7UQZ3-JGMRY-2PGGW-X42DY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 57bf0e71adfbbc815611563e7fca2f6d1017057728486873cd3f4f4372b6bd20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 04 Mar 2022 15:32:53 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51
Content-Type: application/json

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1307752300&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&ul=en-us&de=UTF-8&dt=BBB%20warns%20of%20scam%20targeting%20people%20with%20Roku%20devices&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACEABBAAAAC~&jid=2005808931&gjid=138453697&cid=1696628236.1646407974&tid=UA-22223248-35&_gid=294873842.1646407974&_r=1&gtm=2wg320NHS6L24&cg1=%2Fnews&cg2=story&cg3=wxix&cg4=56GRKW3TWVDORLOTL6FRLODL44&cd1=05%2F15%2F2020&cd2=15&cd3=05&cd4=2020&cd5=story&cd6=1&cd7=News&cd8=wxix&cd9=wxix&cd10=56GRKW3TWVDORLOTL6FRLODL44&cd11=%2Fnews&cd12=PageBuilder%20Fusion%20-%20Arc%20Publishing&cd13=Brittany%20Harry&cd14=The%20BBB%20is%20warning%20people%20of%20a%20new%20scam%20that%27s%20targeting%20people%20with%20Roku%20devices&cd16=Fri%20Mar%2004%202022%2015%3A32%3A53%20GMT%2B0000%20(GMT)&cd17=%2B00%3A00&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&cd19=BBB%20warns%20of%20scam%20targeting%20people%20with%20Roku%20devices&cd35=Gray%20TV%20Stations%20(English)&cd36=staff&cd37=gray-original-content&cd38=6c4d5d7a-69c6-483e-8ffd-871ff31dbadb&cd39=reference_denormalized&cd40=default&z=310400881

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fox19.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22223248-35&cid=1696628236.1646407974&jid=2005808931&gjid=138453697&_gid=294873842.1646407974&_u=YChACEAABAAAAC~&z=363949013

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 04 Mar 2022 15:32:54 GMT
content-type: text/plain
access-control-allow-origin: https://www.fox19.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
11 KB 41ms
19ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a1b1f3eb8f887bfc7093ae77d0b8842c2b97253fb8c51d8fc469f353e1cfb3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10434
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 60ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 15:32:54 GMT

OPTIONS
H3 200 794
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 130ms
130ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/794?story_url=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&visitor=kl5m9yonzft3d5h2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.fox19.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.fox19.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e6baacdcd5301f0-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 7081
date: Fri, 04 Mar 2022 13:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 04 Mar 2022 15:34:53 GMT

POST
H3 200 794 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
637 B 120ms
120ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/794?story_url=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&visitor=kl5m9yonzft3d5h2

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a426789334de7ce0c04b8a9626a673aeaa8748406b749031b19c9f3ddd7621c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.fox19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
vary: X-HTTP-Method-Override
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"41-fX9YD5loFyKaPVQHnHjLgDEF0Y0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fox19.com
access-control-allow-credentials: true
cf-ray: 6e6baace99629b4b-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H3 200 iframeResizer.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 11 KB
5 KB 23ms
22ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vg.1.88.8-f49c03e&p=794

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 8818
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Feb 2022 13:21:38 GMT
server: cloudflare
etag: W/"2e2f-17f2be4eed0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6e6baacdcf729b4b-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 04 Mar 2023 15:32:54 GMT

GET
H3 200 state-machine.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/state-machine/ 4 KB
2 KB 28ms
28ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vg.1.88.8-f49c03e&p=794

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 8818
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Feb 2022 13:21:38 GMT
server: cloudflare
etag: W/"f2a-17f2be4eed0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6e6baacdcf7d9b4b-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 04 Mar 2023 15:32:54 GMT

GET
H3 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/base/ 16 KB
5 KB 31ms
31ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vg.1.88.8-f49c03e&p=794

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2539
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Feb 2022 13:21:38 GMT
server: cloudflare
etag: W/"8abb-17f2be4eed0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6e6baacdcf869b4b-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 04 Mar 2023 15:32:54 GMT

GET
H3 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/embedded/ 2 KB
1 KB 29ms
28ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/embedded/displayer.js?v=vg.1.88.8-f49c03e&p=794

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 8818
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Feb 2022 13:21:38 GMT
server: cloudflare
etag: W/"19c7-17f2be4eed0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6e6baacdcf8b9b4b-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 04 Mar 2023 15:32:54 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 39ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-81117537-17&cid=1696628236.1646407974&jid=913736758&gjid=436707250&_gid=294873842.1646407974&_u=ACCAgEABCAAAAE~&z=1113962204

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 04 Mar 2022 15:32:54 GMT
content-type: text/plain
access-control-allow-origin: https://www.fox19.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1307752300&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&ul=en-us&de=UTF-8&dt=BBB%20warns%20of%20scam%20targeting%20people%20with%20Roku%20devices&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ACCAgEABC~&jid=913736758&gjid=436707250&cid=1696628236.1646407974&tid=UA-81117537-17&_gid=294873842.1646407974&z=1537012048

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 08:57:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23697
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2fqaEbnSYbMQzxlqIP1ObBAB60SIc9E-P5PI1O1YfEskStHXqerFFFo9XgopsYVcYw_uIrFMSCA Show response
reconditerespect.com/ 209 B
640 B 42ms
20ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2fqaEbnSYbMQzxlqIP1ObBAB60SIc9E-P5PI1O1YfEskStHXqerFFFo9XgopsYVcYw_uIrFMSCA

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2ikze901tKujlouk_xNfyzXdbc7gKXf7T6kC8b_HxA37TpEtR1A6inT1YQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

e96adab45ba37580e6018c0a1fec84ee85497e67aac1dba805c27a38b03907e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.fox19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
access-control-allow-methods: POST, OPTIONS
x-datacenter: gce-europe-west1
date: Fri, 04 Mar 2022 15:32:54 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fox19.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-buildnumber: 478878929
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 209
expires: Fri, 04 Mar 2022 15:32:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E48 13 KB
5 KB 23ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Mar 2022 15:32:40 GMT
expires: Sat, 04 Mar 2023 15:32:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 14
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DA42 783 B
1 KB 41ms
18ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5dd25bbd5d0d2910b0f0bbed74ea0af498db3b45ca8425d8f26ff41f001e2734

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X122y8Ffn9xnuC87LW8eRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 04 Mar 2022 15:32:54 GMT
date: Fri, 04 Mar 2022 15:32:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-X122y8Ffn9xnuC87LW8eRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 v2caiMLKRCfPpiEdrAQ0qY6j8DgsqEwMr47MA8Hp2ye41aFIu4m52kBm4ZYX-faI1ShpcIv6hHnE Show response
reconditerespect.com/ 3 B
37 B 17ms
17ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2caiMLKRCfPpiEdrAQ0qY6j8DgsqEwMr47MA8Hp2ye41aFIu4m52kBm4ZYX-faI1ShpcIv6hHnE

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2ikze901tKujlouk_xNfyzXdbc7gKXf7T6kC8b_HxA37TpEtR1A6inT1YQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.fox19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
access-control-allow-methods: POST, OPTIONS
x-datacenter: gce-europe-west1
date: Fri, 04 Mar 2022 15:32:54 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fox19.com
access-control-allow-credentials: true
x-buildnumber: 478878929
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H3 200 wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E48 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 21:00:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13712
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 21:00:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA42 0
0 55ms
55ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030101&jk=2546781694605826&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 get Show response
odb.outbrain.com/utils/ 39 KB
15 KB 402ms
358ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&idx=0&rand=16040&key=NANOWDGT01&widgetJSId=AR_4&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=165&py=2370&vpd=1170&cw=938&activeTab=true&darkMode=false&settings=true&recs=true&version=2000617&sig=rLsZgIZ9&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=1&ogn=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 38fc426040b0a19088c3d6faa04048d509ea49d3823faa91b4ca5d94f3c1ad57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1646407974.239489,VS0,VE349
accept-ranges: bytes
x-served-by: cache-lga21934-LGA, cache-hhn4083-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: ceedc013b0e61ac84bdbc70decb01c52
content-encoding: gzip
content-length: 14778
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4E48 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yhj5IQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 792F 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Mar 2022 15:32:53 GMT
expires: Sat, 04 Mar 2023 15:32:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 092A 624 B
974 B 42ms
19ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNVQ55ib5dWxlSQeKLu9fkfGSOqio_dvdOZZGBcUKgY5WEvGgXDHiN3dtbjo98V-bjdKk8VHSwCaCypoG-ClzbY-XQA7xImKBqPzdHD3-zxYlMuVkOiLvb5CnQBruN3WD6srv6MBC3b9TgYqun1q4hrgzkb8EyXkV4flY6lKuexMl6Fp5pA

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 04 Mar 2022 15:32:54 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Mar 2022 15:32:54 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 792F 76 KB
32 KB 68ms
46ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARebhKqQdQw7PAxZVqu-HwslzV1xrKZfMZzL8lLqLZUMnwX4X2aKEhoDhBJxjbMTQRZtamUbAb68-VQuRtlq1AQUTmpLSP5edxKtbHwn3AubNFInV5Z-9phPO8xE-hqzZ3W9eUujNEk7ojcCKjfCqw_LWZzw&dbm_d=AKAmf-BW7pAZzPXJu-uLdVtoNvFmr5lWtJxQhtDCDbZEr6i3gYpGDctEBiLvsiMxhud8SGS9UkNMoJOypcG5qkdIMXdy0fFGZq25tWOPv2uFtA8AonZA4dO-Af0aYVehYrmFEgvYNSYypj6wKQ6H_mbi-DoxImIeg_1zk5ICpUYjM5grAapF1AFvffVETElW_5Rx5NRAPvorH7NaBkIbQVKaPBNvJnAVss57edlIE09kcfI27nNrv5hrgegi7ZMoN7QM90c5NaUuUcboJ3GOSPK6S-veLEmYP3UTSxQ_aPlr50013Lo4Le2LoGlNpHwuD33j1Lbi5TkBXyPVjbPDC8dlvUYP34v757alM1fA2jtLaZC2yb7KYJe4ozqluNmNFUlJKOl2IYeQ8ijrDP3OAWcXQYJNsymT7OVad905p8XtIuyqKbXy50c5k-mrYpbFqteEcNAHOrE6woMviAY6k5Krz4A9Qkmh-aIXgLJqNf7Cc0hgA_4seb6oPd-1haSnRcshShJa7zeMY4nlyh7OKhzyadpMU0sn3_D7QUfXvkvF7IZmt_DXeX0GzB31AZrIy0DzEQ5XRrgdllixMAIBGoJ92Ng1XljdHVZJ-1jqEMw1pxZvCAGKk3qtQOWdHRUogBtlIIffIzFaC0Jviw5yBTr5YnmrP7DW-WG6R6WAiRniPjvgqaEYk9y6sHJtIqgb2cQifmCNPsCEAP8qCB5CMgo31l9tQrte5rQw9b8sn2s4e-LuhQzFHyHfMNL18wbWXg_BJv_x6d85Dr42G1dZyxutikf92r71PCkl91AjPUtqEDMdP48V6Y1U7zb7n9bubMJ4o5nAqceHkhyCCkGp3Y7Vsnlho14cQ4bX65mw9vVueVqKy7mMPVVGMzxhalkzh9-9uSRPRrm5vISaKqOxXyWx1k_3LuuA3PU2wJ8VKWn9-1eCa4WeSvvkrGFuAsLBlCeVpq1ruOooYOu2gcBgnVEaVUQGxeyqNZ7Ft2F_56HL56IXL2DwdyeFBDS3trcjaAOyS7B5b1Z5pHgDtoIImMzJ2t4T5y_1PbWd1ihMjw4T8uv4_GMjz1ok8QD1VTj9VSiH2fntsx0XoYuEXFHVqxqsrZz7Zj4atAjv0LklGu0GXWRk0xo140ynBVcHRQw_cSpOY-qWkMdZPTm9v33iUm0uTqv0mFogtnG9p75TTJSlg18bo5DAmaLEkKg4nYZGfe-caNGnzN9FkfGCcGjRbax8lRP0aGKXvrCDiMhdpK1JcGKH_AmgJAO1maz3b96Ik0E5Q_NFoEXAw6ZMSapX8HWia1-NbGekqvvUzVAmJ7ugXEzpgh5X180Nq7ONtjw-ESZNpbM9MhW0b8I4w2fVWo9dDXb4M6Pe-rguHxQrtWIKH6Nx8Zrn7-nSsUC3DlCOIW0SLWEAsj0h0Bf_uqgJpz3jMHS7aHL0lkWqzQbQUcaY0w_Uht0of2TIYMX8NGrTC6DgwXD3HhfJgtIoc6FDxL6FO4dVvFAKjeyowEgkUZPBujdDfEEKoeWidFd5BhPwHtfoOEXhZ1cAr4Bkk_2DB29ykqhOub5fJGF1wwZmMDR-aadBTSuaFZgGDWa9o_HqhQhqrA_GTSRhkmcfSc9VNdIC1H3QA4Y64GOdTOkqtbdAWK78G0cSVhoUox73Hq3nbABm4TQIEZE_Z_jpOkO219d7jLkR4xYLpsVgzMg5stJud6AY3EkdF8Fumk5wItk0U102gYxRf539pZShztVB9jgnOlEfIXD0gDsjh_PDsWvCfGSWTxnlpFHC3RzDXJ6Jn78nL09-OpSuFhIh7u6DOVz4Fo6oeHQ5A5a9ZMdvH0VftnV73wkBkrqrd0YwytN6orGhl-GITUvMGpHHID4W4JgF5uXFCkVtpLhFzxkRTN8hTXwQ72_iCWPF1aJY2rBrVM5AGdF3RkkR4Y_r03Bi6X0Wlg48YYuCvIAzVEpUe2pAJDX6TTEb6WZCX05Lrq7ET0Hf8ivA8qkKofQG8ztnIc62sIy0e3k9QWpNYNl48iPlffUSargrNKw3kuyJkI5898h9xKhtTZY46i9nokR6meiMR1tHh5BucNklHmgnui5MRkCgPHqfbJR24mhaxGNrNCMfcOjh7ZS0cGhcwuiyUEinsTFGbDKhJm-MXQMF6TAw-MOZi-NLixgb1943T8oWqZ1TKhqa6sDC3ws4AqbQS6BuBZiiGuF1888sKZK9x7AFKLzmlk8f4TrAeJ3XtxJNSqFam_G4tDW0B0_fHNs0TTE20tXacqZ8KLciwTLUq-QDrWNRNRDcihc-JXQ2CR16CoV2W-33HguP-fdzK82Mx1z-R04skOL6iCX5BDG4A_4k-tOxSJFOBUku_ycxpCsBkN_7vaffejbzrRj5X0KO0f3evupwMmg8HUELyPyjV7G55QuJTSyO7Xg-q73PdHOddtp3S-qhpp5-Fwd0pQNLAAVWHwMdlT609e7rWc8uSYd0xLuGDt1D36lV24lKowJnEkDNIuIZBnCtm1qAGKsnBLXQFUjmED0Wdt_nj6ZHyvZtw9lXifL_JHoc5GL9CX0NbKUeszWUZjDL7vMoTiAudIWA0ACY8vsR8jyDPa5aMFxjEZUweJSJK4KkCqnJFp_aGuxX5yolwTqDc-GS2p0f8_h51sgv_WUN5mtvaAIxhlnYx11PzC6G7ydo1hw8PSBicwF6cqz6WIyK8fM2HKqpynSQX7uaZaqcGDWaARPy4n995Mds9PCiuxSMUBEXOq09hvzpWW_Brmk6IIZGEXifmz_O-VC73EKunNOYlOvymuPfNPHB9pHXo3Zgs1xpnHtCYBVwfDYV5KCPn84ib4hjC4-ugdkX2LYp-_6-lwuRRVWiR2qhxTLPEhawsAoyMT4pQ6JQ0y0_LHml_9seKoRXc_ZwCOZXJphZ-Oa9gH3c6Ppyc5-3_17T0SV6iJa5TTzDKjnUTm08HCGPHup0pU_qWDdsGGxoUwAUtr0NugAfBjr9OG7jFA796RDxjDLcPzZCqppF5mBGNJ3drF3nCBT3ary-o9LQA_jgIaIoWVPk8ejn_NahBCyCZQ5RGr6WC7vZIwiTJzfr-CtdRsy79uOtcYj1kqpnD4XzMxj9zARwdeQ7ckLOAh5yCIor8qXvbLEwc_7zUvQOwsLD0FtlL9zx6-YvtjHBaEJ6YARYVSuSWOH4LwxaFjCjC1Dpw14WTPjodsuZtDllC-BORohiHy-RhWOJpKyNd-vWJ76b26Em_11lumjKAkqKUn4nDNqAbiqctWFN77aiA1fAtsfROtWduNO-BIjwBkfsxsAriyXUTSVfAHgEq8C5gHKFbZIF5D_JTEDCAPAqN2K8&cid=CAASJ-RoaH7iuH0nk4F3DCSkfAbKyzgnJaIrYcZJZ9aI3c_W97ErmBG_4w&rfl=1%2Chttps%253A%252F%252Fwww.fox19.com%252F%240

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09e286f573860f775f315525e9ffdc9935d2f87471cb01435637a2e150a3caf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32541
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 792F 42 B
63 B 40ms
39ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CLsXt46UZIkBMDA7G2HqGRElFHL8cnrcUj_qcxh2L_g9XBURJ42CrVwesdwqz-jvJ5RdTnZUM3V5GNNDuuGqixctyUyuwvnCEtpBzFQKc7Y9YYpCQ

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 792F 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:31:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 792F 124 KB
39 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 15:32:54 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 792F 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:32:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 792F 0
0 31ms
14ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4h3fcQB6WAd2ofy663_WRAppTazgMdRi87IFnfifTcnxXqF_b_NTWXAlPlhybPbkW0aF5OKGJI1AmZtVek0jQuYH7Ww
Requested by: Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 092A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIEgAbMADu4FRrScNGbiav4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIEgAbMADu4FRrScNGbiav4&google_cver=1&C=1

43 B
1014 B

30ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIEgAbMADu4FRrScNGbiav4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNVQ55ib5dWxlSQeKLu9fkfGSOqio_dvdOZZGBcUKgY5WEvGgXDHiN3dtbjo98V-bjdKk8VHSwCaCypoG-ClzbY-XQA7xImKBqPzdHD3-zxYlMuVkOiLvb5CnQBruN3WD6srv6MBC3b9TgYqun1q4hrgzkb8EyXkV4flY6lKuexMl6Fp5pA
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:54 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Mar 2022 15:32:54 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIEgAbMADu4FRrScNGbiav4&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 04 Mar 2022 15:32:54 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 092A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YiIxJt-6Q5lh4bXNVwV8kwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGJRq_IFVKvez9CWcuxDc8&google_cver=1

43 B
894 B

31ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGJRq_IFVKvez9CWcuxDc8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNVQ55ib5dWxlSQeKLu9fkfGSOqio_dvdOZZGBcUKgY5WEvGgXDHiN3dtbjo98V-bjdKk8VHSwCaCypoG-ClzbY-XQA7xImKBqPzdHD3-zxYlMuVkOiLvb5CnQBruN3WD6srv6MBC3b9TgYqun1q4hrgzkb8EyXkV4flY6lKuexMl6Fp5pA
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:54 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Mar 2022 15:32:54 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGJRq_IFVKvez9CWcuxDc8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 092A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN9H30PxXvQJ_f-W8TrUNXY&google_cver=1

43 B
1014 B

80ms
79ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN9H30PxXvQJ_f-W8TrUNXY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjZv9K7ATAB&v=APEucNVQ55ib5dWxlSQeKLu9fkfGSOqio_dvdOZZGBcUKgY5WEvGgXDHiN3dtbjo98V-bjdKk8VHSwCaCypoG-ClzbY-XQA7xImKBqPzdHD3-zxYlMuVkOiLvb5CnQBruN3WD6srv6MBC3b9TgYqun1q4hrgzkb8EyXkV4flY6lKuexMl6Fp5pA

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:54 GMT
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 25b21ea5-4862-4581-9094-d15475e97ee7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN9H30PxXvQJ_f-W8TrUNXY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 092A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyODY2OTI0Nzk4OTMyNDU5Nw%3D%3D

170 B
188 B

33ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyODY2OTI0Nzk4OTMyNDU5Nw%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:54 GMT
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d16f09ba-6e6c-4179-8ab2-48212a9a1f67
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyODY2OTI0Nzk4OTMyNDU5Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 792F 106 KB
38 KB 59ms
6ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
Origin: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 16:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Mar 2022 16:09:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/ Frame 792F 8 KB
3 KB 7ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARebhKqQdQw7PAxZVqu-HwslzV1xrKZfMZzL8lLqLZUMnwX4X2aKEhoDhBJxjbMTQRZtamUbAb68-VQuRtlq1AQUTmpLSP5edxKtbHwn3AubNFInV5Z-9phPO8xE-hqzZ3W9eUujNEk7ojcCKjfCqw_LWZzw&dbm_d=AKAmf-BW7pAZzPXJu-uLdVtoNvFmr5lWtJxQhtDCDbZEr6i3gYpGDctEBiLvsiMxhud8SGS9UkNMoJOypcG5qkdIMXdy0fFGZq25tWOPv2uFtA8AonZA4dO-Af0aYVehYrmFEgvYNSYypj6wKQ6H_mbi-DoxImIeg_1zk5ICpUYjM5grAapF1AFvffVETElW_5Rx5NRAPvorH7NaBkIbQVKaPBNvJnAVss57edlIE09kcfI27nNrv5hrgegi7ZMoN7QM90c5NaUuUcboJ3GOSPK6S-veLEmYP3UTSxQ_aPlr50013Lo4Le2LoGlNpHwuD33j1Lbi5TkBXyPVjbPDC8dlvUYP34v757alM1fA2jtLaZC2yb7KYJe4ozqluNmNFUlJKOl2IYeQ8ijrDP3OAWcXQYJNsymT7OVad905p8XtIuyqKbXy50c5k-mrYpbFqteEcNAHOrE6woMviAY6k5Krz4A9Qkmh-aIXgLJqNf7Cc0hgA_4seb6oPd-1haSnRcshShJa7zeMY4nlyh7OKhzyadpMU0sn3_D7QUfXvkvF7IZmt_DXeX0GzB31AZrIy0DzEQ5XRrgdllixMAIBGoJ92Ng1XljdHVZJ-1jqEMw1pxZvCAGKk3qtQOWdHRUogBtlIIffIzFaC0Jviw5yBTr5YnmrP7DW-WG6R6WAiRniPjvgqaEYk9y6sHJtIqgb2cQifmCNPsCEAP8qCB5CMgo31l9tQrte5rQw9b8sn2s4e-LuhQzFHyHfMNL18wbWXg_BJv_x6d85Dr42G1dZyxutikf92r71PCkl91AjPUtqEDMdP48V6Y1U7zb7n9bubMJ4o5nAqceHkhyCCkGp3Y7Vsnlho14cQ4bX65mw9vVueVqKy7mMPVVGMzxhalkzh9-9uSRPRrm5vISaKqOxXyWx1k_3LuuA3PU2wJ8VKWn9-1eCa4WeSvvkrGFuAsLBlCeVpq1ruOooYOu2gcBgnVEaVUQGxeyqNZ7Ft2F_56HL56IXL2DwdyeFBDS3trcjaAOyS7B5b1Z5pHgDtoIImMzJ2t4T5y_1PbWd1ihMjw4T8uv4_GMjz1ok8QD1VTj9VSiH2fntsx0XoYuEXFHVqxqsrZz7Zj4atAjv0LklGu0GXWRk0xo140ynBVcHRQw_cSpOY-qWkMdZPTm9v33iUm0uTqv0mFogtnG9p75TTJSlg18bo5DAmaLEkKg4nYZGfe-caNGnzN9FkfGCcGjRbax8lRP0aGKXvrCDiMhdpK1JcGKH_AmgJAO1maz3b96Ik0E5Q_NFoEXAw6ZMSapX8HWia1-NbGekqvvUzVAmJ7ugXEzpgh5X180Nq7ONtjw-ESZNpbM9MhW0b8I4w2fVWo9dDXb4M6Pe-rguHxQrtWIKH6Nx8Zrn7-nSsUC3DlCOIW0SLWEAsj0h0Bf_uqgJpz3jMHS7aHL0lkWqzQbQUcaY0w_Uht0of2TIYMX8NGrTC6DgwXD3HhfJgtIoc6FDxL6FO4dVvFAKjeyowEgkUZPBujdDfEEKoeWidFd5BhPwHtfoOEXhZ1cAr4Bkk_2DB29ykqhOub5fJGF1wwZmMDR-aadBTSuaFZgGDWa9o_HqhQhqrA_GTSRhkmcfSc9VNdIC1H3QA4Y64GOdTOkqtbdAWK78G0cSVhoUox73Hq3nbABm4TQIEZE_Z_jpOkO219d7jLkR4xYLpsVgzMg5stJud6AY3EkdF8Fumk5wItk0U102gYxRf539pZShztVB9jgnOlEfIXD0gDsjh_PDsWvCfGSWTxnlpFHC3RzDXJ6Jn78nL09-OpSuFhIh7u6DOVz4Fo6oeHQ5A5a9ZMdvH0VftnV73wkBkrqrd0YwytN6orGhl-GITUvMGpHHID4W4JgF5uXFCkVtpLhFzxkRTN8hTXwQ72_iCWPF1aJY2rBrVM5AGdF3RkkR4Y_r03Bi6X0Wlg48YYuCvIAzVEpUe2pAJDX6TTEb6WZCX05Lrq7ET0Hf8ivA8qkKofQG8ztnIc62sIy0e3k9QWpNYNl48iPlffUSargrNKw3kuyJkI5898h9xKhtTZY46i9nokR6meiMR1tHh5BucNklHmgnui5MRkCgPHqfbJR24mhaxGNrNCMfcOjh7ZS0cGhcwuiyUEinsTFGbDKhJm-MXQMF6TAw-MOZi-NLixgb1943T8oWqZ1TKhqa6sDC3ws4AqbQS6BuBZiiGuF1888sKZK9x7AFKLzmlk8f4TrAeJ3XtxJNSqFam_G4tDW0B0_fHNs0TTE20tXacqZ8KLciwTLUq-QDrWNRNRDcihc-JXQ2CR16CoV2W-33HguP-fdzK82Mx1z-R04skOL6iCX5BDG4A_4k-tOxSJFOBUku_ycxpCsBkN_7vaffejbzrRj5X0KO0f3evupwMmg8HUELyPyjV7G55QuJTSyO7Xg-q73PdHOddtp3S-qhpp5-Fwd0pQNLAAVWHwMdlT609e7rWc8uSYd0xLuGDt1D36lV24lKowJnEkDNIuIZBnCtm1qAGKsnBLXQFUjmED0Wdt_nj6ZHyvZtw9lXifL_JHoc5GL9CX0NbKUeszWUZjDL7vMoTiAudIWA0ACY8vsR8jyDPa5aMFxjEZUweJSJK4KkCqnJFp_aGuxX5yolwTqDc-GS2p0f8_h51sgv_WUN5mtvaAIxhlnYx11PzC6G7ydo1hw8PSBicwF6cqz6WIyK8fM2HKqpynSQX7uaZaqcGDWaARPy4n995Mds9PCiuxSMUBEXOq09hvzpWW_Brmk6IIZGEXifmz_O-VC73EKunNOYlOvymuPfNPHB9pHXo3Zgs1xpnHtCYBVwfDYV5KCPn84ib4hjC4-ugdkX2LYp-_6-lwuRRVWiR2qhxTLPEhawsAoyMT4pQ6JQ0y0_LHml_9seKoRXc_ZwCOZXJphZ-Oa9gH3c6Ppyc5-3_17T0SV6iJa5TTzDKjnUTm08HCGPHup0pU_qWDdsGGxoUwAUtr0NugAfBjr9OG7jFA796RDxjDLcPzZCqppF5mBGNJ3drF3nCBT3ary-o9LQA_jgIaIoWVPk8ejn_NahBCyCZQ5RGr6WC7vZIwiTJzfr-CtdRsy79uOtcYj1kqpnD4XzMxj9zARwdeQ7ckLOAh5yCIor8qXvbLEwc_7zUvQOwsLD0FtlL9zx6-YvtjHBaEJ6YARYVSuSWOH4LwxaFjCjC1Dpw14WTPjodsuZtDllC-BORohiHy-RhWOJpKyNd-vWJ76b26Em_11lumjKAkqKUn4nDNqAbiqctWFN77aiA1fAtsfROtWduNO-BIjwBkfsxsAriyXUTSVfAHgEq8C5gHKFbZIF5D_JTEDCAPAqN2K8&cid=CAASJ-RoaH7iuH0nk4F3DCSkfAbKyzgnJaIrYcZJZ9aI3c_W97ErmBG_4w&rfl=1%2Chttps%253A%252F%252Fwww.fox19.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:29:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame 792F 25 KB
9 KB 6ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5421be34bc9ac3564a6daa35c769d13876e5fa7c4a5ed4892e9e8c65d31c1e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9662
x-xss-protection: 0
server: cafe
etag: 2172778821077356944
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:31:33 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 792F 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9913
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Mar 2023 12:47:41 GMT

GET
DATA 200
OK truncated
/ Frame 792F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4930d090eb385f7b03e9e79bf389ccc7befad74c5be85692f3d6a832f48b39ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A0E0 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Mar 2022 12:47:41 GMT
expires: Sat, 04 Mar 2023 12:47:41 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 9913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 1509 261 KB
31 KB 23ms
7ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3630430972408758272/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b6c5c61d31d9a294660a1999928903900aadb1eda143065f81b59e3c4770cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 31830
date: Fri, 04 Mar 2022 13:52:42 GMT
expires: Sat, 04 Mar 2023 13:52:42 GMT
cache-control: public, max-age=31536000
age: 6012
last-modified: Thu, 20 Jan 2022 15:37:33 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 792F 0
571 B 117ms
80ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIZnxpCaCP-UhzpdUb3Pad9Ei7Dd3KAAayc9JS-Dmt4_4U6JlU6wIvtQcyKmu2Dsq94bM1tgzVbin5MWyGzKx7khKfZ8Y1ZHIcCwdift6nxHQ6mEUL9Ebfh38AKa8EmTqHRQoZ4YNiuxQkr5rJJhn2ACfCB8eXmmZ8aNOQJmvmF6w2kgFlJKfhnS8XxBKpmSixUv2tr_sP7YPueddTUc5LMXNAvRvHHdmht6P1l46vOBIxGcwA0DM-EOF3BjNeYYJPR_8kOVODlEBnzVnd7PnzBnKQEmvVb4ZdYjEL1gY6N0CMeoH9YaPOX9FdhkpYtSA24A_L4x4IH2T0B1R7Qrcv19ga_0OYjg9nGS6QCBjaBNeV_24G6xHRN_h397I1K9Kp-Ac-BhGJisp1ysJ-MsCWj81p8sB8SiIQixd21dNXtqbfGLw4qsbzPK7LXqGp7wl4JhVWLcbDNhMUQcXuTavQ-YNh_i2yUTdTQbaficYtioCryTY6byXHIezAgacbB-_cGVDwtfOeGuJr9hx839fUR8RODnoFKk9IjFJyeYqfLg-rrYj6nA1-embBTN20Ih3iRmWFl1DwP-syuyDwQmm3ut60hZVIFM-ETqEyCNEWG1Eg2fSwpcMEdWM-xgGl42VJgOliOhQAuCl_fjg5zV6pWXGhD7eJeSbHdNdRU6Mr06lKbfbT6I6p6vqG7ohfz_mRvRj3w8wPAagSdYxZVwXtjx8tsQK79LEttXEj3X5abLaXXPt0ldLtMw9sbg80x8f-bx7AIipfQsjugIwAWePx_U69OUniF7pQ35QmaLPPnyqZOAF3HElSLjAuudFxYE-72oVp85rfPrQdU-Ae5fD5DBDG88EwhzTCQoDDCja2EoY58xX3fndQ0tzEPv5VjXyMkzkCsan0kLuRZyVspmMJ4xNZuvIuTKPfJi1uyrGNZkNVGMRhaUjtXHch1m7J-LUq5ho3mSQhwx7ttyA0zgAIL3_D3MZ5JPpQQfNDEzRdIatuOZcqcKTkiH0X4bvRQ-zenVOyzvq8OPnH8-m13iRGe-6M5GiY_VXJKTIYRMx9xgHGWT_KyyloAfggswbZmDSAzKkgWyDAf3vwNrZ-JBsjRwk9t03u8wM9s1gicNFLRvvLTQkt1zQie5-3UsQnSXM-OpZJRuVIYPi1VgCUTOe_og5dJ3tk8txp3-Cf3W1gaVh8aqqmN1uLnOHUOQ&sai=AMfl-YRQ6S8aV966saS3GL-UY2NrePicUVlDnJtT3DlEMCJ0X8n7gDi4zV2LGPj5NqZnrkJMpzDYFXXeRYue8i0mVScPwgkRRYbueQOMEI5xfuSmzCrHCXp2-7k5AQWcB4Wv0Xp6lL204LpOK1pXif6N0V75avCsM2_TeyeVYfmL5gbvdm69v72ujfc2TyRRYWS4VNePnURHBgZtrrxQldrNEnfz_JOyz78&sig=Cg0ArKJSzEQOP5rC27TpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=82&cbvp=1&cstd=79&cisv=r20220302.58812&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 04 Mar 2022 15:32:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js Show response
pagead2.googlesyndication.com/bg/ Frame A0E0 35 KB
13 KB 9ms
9ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 21:00:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13712
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 21:00:07 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 1509 29 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Mar 2022 12:53:13 GMT

GET
H3 200 VolvoNovum-Medium.woff2
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 1509 38 KB
38 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3630430972408758272/VolvoNovum-Medium.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:52:42 GMT
x-content-type-options: nosniff
age: 6012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39068
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 13:52:42 GMT

GET
H3 200 container.html Show response
7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2E1A 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Mar 2022 15:32:53 GMT
expires: Sat, 04 Mar 2023 15:32:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 792F 0
60 B 43ms
43ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIZnxpCaCP-UhzpdUb3Pad9Ei7Dd3KAAayc9JS-Dmt4_4U6JlU6wIvtQcyKmu2Dsq94bM1tgzVbin5MWyGzKx7khKfZ8Y1ZHIcCwdift6nxHQ6mEUL9Ebfh38AKa8EmTqHRQoZ4YNiuxQkr5rJJhn2ACfCB8eXmmZ8aNOQJmvmF6w2kgFlJKfhnS8XxBKpmSixUv2tr_sP7YPueddTUc5LMXNAvRvHHdmht6P1l46vOBIxGcwA0DM-EOF3BjNeYYJPR_8kOVODlEBnzVnd7PnzBnKQEmvVb4ZdYjEL1gY6N0CMeoH9YaPOX9FdhkpYtSA24A_L4x4IH2T0B1R7Qrcv19ga_0OYjg9nGS6QCBjaBNeV_24G6xHRN_h397I1K9Kp-Ac-BhGJisp1ysJ-MsCWj81p8sB8SiIQixd21dNXtqbfGLw4qsbzPK7LXqGp7wl4JhVWLcbDNhMUQcXuTavQ-YNh_i2yUTdTQbaficYtioCryTY6byXHIezAgacbB-_cGVDwtfOeGuJr9hx839fUR8RODnoFKk9IjFJyeYqfLg-rrYj6nA1-embBTN20Ih3iRmWFl1DwP-syuyDwQmm3ut60hZVIFM-ETqEyCNEWG1Eg2fSwpcMEdWM-xgGl42VJgOliOhQAuCl_fjg5zV6pWXGhD7eJeSbHdNdRU6Mr06lKbfbT6I6p6vqG7ohfz_mRvRj3w8wPAagSdYxZVwXtjx8tsQK79LEttXEj3X5abLaXXPt0ldLtMw9sbg80x8f-bx7AIipfQsjugIwAWePx_U69OUniF7pQ35QmaLPPnyqZOAF3HElSLjAuudFxYE-72oVp85rfPrQdU-Ae5fD5DBDG88EwhzTCQoDDCja2EoY58xX3fndQ0tzEPv5VjXyMkzkCsan0kLuRZyVspmMJ4xNZuvIuTKPfJi1uyrGNZkNVGMRhaUjtXHch1m7J-LUq5ho3mSQhwx7ttyA0zgAIL3_D3MZ5JPpQQfNDEzRdIatuOZcqcKTkiH0X4bvRQ-zenVOyzvq8OPnH8-m13iRGe-6M5GiY_VXJKTIYRMx9xgHGWT_KyyloAfggswbZmDSAzKkgWyDAf3vwNrZ-JBsjRwk9t03u8wM9s1gicNFLRvvLTQkt1zQie5-3UsQnSXM-OpZJRuVIYPi1VgCUTOe_og5dJ3tk8txp3-Cf3W1gaVh8aqqmN1uLnOHUOQ&sai=AMfl-YRQ6S8aV966saS3GL-UY2NrePicUVlDnJtT3DlEMCJ0X8n7gDi4zV2LGPj5NqZnrkJMpzDYFXXeRYue8i0mVScPwgkRRYbueQOMEI5xfuSmzCrHCXp2-7k5AQWcB4Wv0Xp6lL204LpOK1pXif6N0V75avCsM2_TeyeVYfmL5gbvdm69v72ujfc2TyRRYWS4VNePnURHBgZtrrxQldrNEnfz_JOyz78&sig=Cg0ArKJSzEQOP5rC27TpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=186&vt=11&dtpt=104&dett=3&cstd=79&cisv=r20220302.58812&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 15:32:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Volvo_Black.png
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 1509 5 KB
5 KB 9ms
9ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630430972408758272/Volvo_Black.png

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:52:42 GMT
x-content-type-options: nosniff
age: 6012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4824
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 13:52:42 GMT

GET
H3 200 Flash.png
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 1509 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630430972408758272/Flash.png

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baea5caffda9109fe3fe251376d60a25ea43c846fa7bb8dc4b15da44a78c6760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:52:42 GMT
x-content-type-options: nosniff
age: 6012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3431
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 13:52:42 GMT

GET
H3 200 Floor_extend2.png
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 1509 56 KB
56 KB 9ms
9ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630430972408758272/Floor_extend2.png

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f93264606087b4c1dd4e0bb8bf2ed92549c53fe8b5f095d214c4e72a765f5482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:52:42 GMT
x-content-type-options: nosniff
age: 6012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57259
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 13:52:42 GMT

GET
H3 200 Spritesheet_XC40_MY23_4.jpg
s0.2mdn.net/sadbundle/3630430972408758272/ Frame 1509 783 KB
783 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630430972408758272/Spritesheet_XC40_MY23_4.jpg

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a082bfd96630ab857ec08e4e0055175aae987aea275d450f048ec3fee5de5383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630430972408758272/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 23:34:13 GMT
x-content-type-options: nosniff
age: 57521
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 801309
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 23:34:13 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F1E3 624 B
299 B 36ms
18ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYgc3UuQEwAQ&v=APEucNUpz38r8IU14W4UKjRmRpnrlqvCHf4GBzbKnN7x5RvjH__c0fOlwm4q1-4fPdIKmd8yIaEU0PrhIIDtucBxT-AAS3KUwBqDzPtDkXTFy-uy-lwI4-e-37QMi0gxVEEMDrOjzTu26rvQSH63GFZwqWu2U9mCr3sYFgptbHrpxLTeLJ7pUYg

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 04 Mar 2022 15:32:54 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Mar 2022 15:32:54 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E29A 26 KB
16 KB 53ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8bzzh-wicwmX4zZnu9sLrU5mVx1R7gKSVkHkNIhXa_enH5T9QQJt7cQ0B-GcI1n7oorsQ1SU5Q3ojlrJiPzYLXtgGJBYbgHxJO27QCTghQ7_SQ5GcwN4YyEamQdKvnAVWN4b1--wq1QEWmaVYp5Acx-9s_Q&cry=1&dbm_d=AKAmf-CJ9aHcwqti60Qk98XvcITFOc9dPB0iJsJsoVrBiCfcF9ELOhGzsZwWdsfXQ0IkRn5K4C2mUuOvGEfP51c1BGABoSdbgjRTKPV8VBNbY73z3zOASydkRtZbT1ptzXupnCCDJNGfwQh7QGgkj0yV2A-NptvK-WnNEN3yZVmZEURg8NzAeccPdY599ivNUlaPbR0zRpZvYwFvjIdA8rm8YF0LWAvlGfcq14EjCcR9v0P_mg0aDn9SlCFzDY1gn-h6oY4X2vuTYbUWuvBN7tiI-3-32jEMFEzFx8jg8E4AdNPoRZhVfj_97o4oREPwUXkIEIvT41-VyB5UEg7dbO0FuDKjVPPR2GsDFhWugbnb_2H6iCLy4O3UTJ0Mszi5jcYUbJs8AYmT1aovb1D9GOvRxrFd-8iNE4AAwGGaviwtBEiImJU6rfrgbAUx91adtVrNRYucZwCdcg8aA8Y5l5SYdVauHgqlFo7JsLmyK7qSlWYtneVzqehRQ_XmIrHSYuF4AsJkyhi-Vx96OX0scaYA8l0etjCwQ6NuOF532YpFUha-EP0E8ptor5qW8tKttrv_F8D9zJc_HQSdkm7kJu18t9psZJHPUq_l33udBitHOtCEQySaroDRQ8PLwd6Xz13PqGBKzR91foUvNhmJgL5pDN2AKWdmg8XnvT97vgZ3Vle4wO2xCu7TjX0KIctyKeDpRbbUGKASBuktuOZbrc_xPhnTA3rxJepIf96K3sJocjXesqja_8IKkoNEzfCKfraYJp8y2exU_gy6oA6O2b7E9tY4lkXGQLhCkYpigDR1yOgJ7n7hkeClFd09oO4Fqr5acRTDNHHYz4JFryD5M-rq8cj31oXtXUaa-9rvlWI7Q6Bk9JPAki0E3mBeBU91nLqYXntQBRUEmkDIcq_TAGC3f1nDtY68P-dYM-krI9qnvltHJVbK5ECjARdxjsahjsAyyBUc0ldNyEiCniDd8njXt0GSfM1SJxvmst60jkAM6Coi6GGVzdjLwFGd15RfX9etHNG94pK4nRatjG7OIkruKimIxpaE0aRRSIjmYVnYlfSs1w7ULjADiyGPHkIeZq_GFsXVtjJCfr95k1pn-rdbMatM3gjm9n1SGndfjQVjVEPtOi9fLB-7HvxYI_x_WG3qe9edu028xog24w3HJ6Qqe6juy7CYcrGUXqURzT5RIl4aU32U2UmCt4Vdlrj-PEyQZ_TK2Kc59TAW_si475ZAL-EXHwYAmhiy_0VSAowty3a6NA0ErKSaYVfs4rax_DMRAhpf9DuWrKJ4wz_d13GDKEkEPfxrTTrFjvA_WPTWvaM7mi3c2PwZhe55NxpBdLByQGrZVk4Qq3xRhqfHcft_h5kLW9XgdYGsMTrm07U-1ds7dfyxK2zTGOHAGEEkfBYSoHwiI2n9O7IcdrpmHbtMHBeMHIg7XR4NjWddAXJpJ2sbM4vHgUQX_s6pHNk1-1aC6ZjPFq4sFxrRh6VHaTwFuGN0hyuvN2v4NWMVnLqoALN0TCyo0kMZBYnWabD9NVfj72cazXVvolaFWOHgsIsIOGvV68BpX_oQ-92LhedjlYMSlQA-41s-DBYby2L_j3jen2RhL6l88Ak_RlGWvsEjixVoIkOpxYGhCUsnaX3RyxS5EoRQGKGrAOrjpwWAD72AvJAI1uC2k4N8tIne3h9uC3RdxtiGfRc0zHb6GoTj1DmNE-jtk_iRqJyqgMZbbJ4v8F1vG6l-5pZwpoYwBizArQkaZWNgRbyDAlsGGeqrwsqwG1L-cZljA5Gj4e645NP2jbakKRK1SDj3Mttn27e_9-RDEbf2nh1hDW9bVTd8WjmaQCpZQULMHZnGc_UG-5rvXo9m9bmTq9C0W5AXT80Ui5-U-rTNwyeVK0mgCOCcXQgluXygzuJwwGRXO6vj7duRxx0ip9eZ3Rs0PqDy11QBed2_CzVFlY8iZe2O_-M5xGorRHCt1N3UZJyYFYyXm_ZpxcdvTMwVnfLXCMFRbmoqkCryWuY9dREUe9eP6I_6jyHQd4RGHgFaVCR6TasyeOL9B_4iwK-_HWvdOzvy7BrmYTrZr_zWJ_65esCcdXOYnpRrsLcmoAvK1k2AClxgRacJzs3migbU2KH3RvP14e-PLI-jZwbNEGtyxhmy9FCojTg6col0UetzKLYpAKWq9Kfk_ssOIMlFx5N3f2nbR38wZWK1p-Mfzq82PKPePhRsUb-NiArBC2C79PFUNnlksSUjnDmC_jWoJjdYDW-e6PrKcqH0xyxloRjX-wbE9wgXFKJ0NlzB2t6LAxA9tYov7zHILDZ4aFLd7LfuC7LqFm-DFw2azQOfkW8rVRGbb6apmfPbW_1i_K-fghFa0rl2fQl30SuZLh_24Iybhy-n5YZQZ83O9mPLbxXI2eLYK1juEfNniL4C7UoWOQSpiPG0lm_3_FdJKKqyqOzgNhsMI9ph0Z-A8WdZ0kkDPyep42Wh2fSKpkrz-BMzU8ljuevwFn6DrkAUtKrKdcRmCdcTCUmYOn6sDf4OBlM0RFXdHtZb7sjv7T5ipwpF3vNu1d--itJmvGRcTN4Pl_eA2Z-ndKIDPcW7YaL3UQrbgjYY3mIiffMNKnTyMqbNHvdR-_lJ3c7K-GtyCbMe8HA7-dH9xBqyJc_fHY5sx5qKWb6VMK6yNx3HGRknGa9z07UTuMRiNrHQJOGMqRM0iwX5hs7766dNExlPw6ItaBNjj2eW3vJADthHTVN9LYmas5vwPFWC-hD88YELhaaEVHfG0YDIef9Tiv28smAtrflgPcIbQwpZhMZWcx6B4Iy5CNnDCrHql46vRbmhyKi41QsoatBmGWqm15dO7oGuqfrsJaTRurwo_2roZhx4nptPlYvGWW0kuxe08DvU5Yw-URvMrAIt9516xK-3qJn-R363-mz87fc41qJN8NQRnK5sroiS8s5ukYB4WC5hiTO_kjzwdkVYcqH106eBxeatyjJLtbDtLnwhsO9Uk9F6Th2oL_m-k6ycFhQeW2cn2CsL1NypekQoeaFu2b758lCQpsA2wjfp5dhllWZmBVea05UNZCwqBe5BuEYB1epT7c85-4NRJ1MiH4E2QqOa6-zQLTGknrOcnkZVNMT5NGuvQM6Xfzk2_L9Hf3BR_YuIb-guxN3o_vvMkF-ktW1K-xPt0v7Kufucz_mcIzLAJHjqW6Fhhy1zl_nM1LaIN7vp_bhGWOnKKnS6g8_1BVqFWpPujJyTAYUvdM7VgzsWzfcqcBHB7MYGGbGdY4p2t3bNS0qx_8YghX02vYqqKDFmikRuIkNnV-rvyidyDrZFb8igiloEJLbhRTCU_JX-5zauhzZnrDXSUshEQDOpFUW1NtvfUA&cid=CAASKORooXj_j3OX8a_H8CvRsdfKi00YFTFa6h1PhMlEhQaAGBH5iLfe1LI&rfl=2%2Chttps%253A%252F%252Fwww.fox19.com%252F%240

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c38e538fe0450470efda32d2b97eb48c4a0019639e6f231928f30235dd78d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15976
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame E29A 2 KB
3 KB 77ms
20ms Script
text/javascript 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=50753021;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=55743575&extPm=55743575&extCr=389359233&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C5fqMJjEiYpmnC77G7_UP2aOReLiI5fxly72kqO4Oue7wyKoBEAEg-b_DI2CVoqCCsAegAZH-0aIDyAEJqQI1PdpABHeyPqgDAaoE7wFP0NvJU7VzyR3HIoy7getL5CTPo9rlc8IQlTLw_N-Zg5NKyTC_IZzXQmIyy-KMG4iqm186Ml5cX4Oqqx07-L_KmNeyAAM0Ov3GwUNHdZaOTwvxWx4TsLsM7VaetWXdY1jnYONstd7a-4Jhq73DuvP9cEWqEbYzhExnDVTugRodSzWvFmKyurcbAfJX6tL9oI6SCPfONWqVvZunsVfvNqF2vhyGdMO78dUW2CWITz3a-u_8deNCBffPfQCZ5Tx1UM4ybM7vokIji82Z5fJtjyISSY_T8W43V71MzJiOSq1WfMLDRUcsDW2g7lM8RTKzU8AE4NONqNYD4AQDkAYBoAZNgAfXga5dqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBO7vLcOyBOrie_dA9ATANgTCtgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAASKORooXj_j3OX8a_H8CvRsdfKi00YFTFa6h1PhMlEhQaAGBH5iLfe1LI&sig=AOD64_0LMyXCoYffn3wHeGUoEdBY9w2Lew&client=ca-pub-0883126725773026&dbm_c=AKAmf-AQ3c6HpSIq77WD53COxpEqPRrrNaO69P1Glh6wF8vL-KHSmOvJiZDsGE2aVO9FKV226E_XHVLG02_RhzWK6GHIGswPovsQHMdoiBGzFuLNVHfdSBT-tFzlCyIuI2FIC2LmvfCU-dPwnaN2G4l-1ztL2sF9mw&cry=1&dbm_d=AKAmf-BJ5OMBueeQ-LaguR45mzztDVnJUDgq2A45EvjSzGVqA8ggJSj2qOKOfCdRtYoGmDrKWFoZ_WQTcgG72XjcNpI2AsYHNXd98eEGSvn_D0iv9l_VSKTFw6h5Oq9MTNeUO6rk6DOjE0xSzcWjjf_g7vOhxMaaRyTS-0j80Fce2ZdmKwVmev7DpZeU57lUwUdOhh3implmYkMSwsZ06b1i8fV0_7-e884O7MSh2oyjUWruFisI8i_tOXSdxGRtdPG219n1InepHT-g17atcYJr4rPSVdbF7tVtcVbshfbryuB5FrOaDnLR_wjDITtZR04bdpKbF2dfmjPavvhCpkT88zl9avmYXo4VFr4SPEiJ3uTk8Jba7BanPH46bsp4tJX0-9Jwu3RiZ9GzVsBc39S-OL35vv9Jz3OxbdIA-nGaisRjhOxCwGNRQmcOte-4rSpNtParhVZP5WvLE0LSTgNKanwX_HY1HKMIoyXFxkqiB2tbd_Q2998k_jA26FKp65MyMPrLS45UEegqXGWDH0bZMT6O--uqag&adurl=

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6c04bace028d6ab6f66d92c6dfbc9f2c8c954d16a70533baefa684438e4d7eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2368
expires: -1

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame E29A 43 B
1 KB 83ms
19ms Script
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=55743575&extPm=55743575&extCr=389359233&rnd=1646407974185241

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Fr, 04 Mrz 2022 03:32:54 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 04 Mar 2022 15:32:54 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1756
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame E29A 2 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:31:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E29A 124 KB
38 KB 49ms
32ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 15:32:54 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame E29A 15 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:32:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E29A 0
0 17ms
15ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaToVXuoO08uYVbFVtt8VgDUoxHPXDQcXg9JQGOEVjjx5qINKzYeGGOlId1c6ubUD-cHGYUEHtvsWnD-yQy7zwSiw9ML_Q
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E29A 42 B
63 B 40ms
39ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cr2ydyBGZI2Db0Km6SdPegwg5hy5Ze538N30rGvVyzCCLiHkiKaivcFO-HQE4DP4JgzxWkooC_DU6Wt6s0JiE447sc69U3HLzEp3uPMRs4RViNXzA

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A0E0 0
20 B 43ms
42ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkIELJjEiYpCVEeKLlQeoz4noDwAAAAA4AeAEAg&bg=!kJOlk9fNAAb7UztL-1M7ACkAdvg8WvwffhoNYFJaGMT8SS3hJB-IwwuqS3HgoGh-WIuSUMtUMiPoLAIAAACEUgAAAAJoAQeZAu_BjA4RAKaWzBqAYVE14aEvqBJP5iD4QVfz-h6TLoA_cVoCMwI-6-GfFRHs0q2LWGP_v8U8-mVUwHXRjATmoCg_PGB0NZ8Omb-6dpp_M9fB33aeueoTLsx-x6X4AgdWHAEU2wjFVDwC30YXezV0mJetNZ3uFsRDca4mV5ocQQfA4Oa38L0tDKIJuUwpULsbQ0zLWszoPN8rzzyBwMWFwod_RLRzvvnTgnBsGsUur-GE79Wb-hcd4CiWYnqLBuDJcBxF6viqSETNnXagwzv4SZvGlLQCCV8nuL3_cfR6bnvVtGBPbBszhsOimQ-yYmQ8yNJNgXzqLkopY9QkKMZweLKgskLwZi_vkER0XXoQ3nIcpYdgmoKE4VPUmiy6fu5tzDZRHkwbf97q45hLgPdBfuin8TcsZFRBpUaNAwbtB7sQFt9QkecVX3fldFIVGkd0doWJlwp49jyYEedWRHYqFFLkBU1TplH5i9De5PLtmLXiDFFsd8w1EXrpBDD68GvBeCtTL-fovNWMj3Pf6msk2wtbtR54jAjeepyUpKeWnswoBeaW93_YIgBfOwgxfsFeokrdC8CtjCoDO2_KS0Wk_cBsRPnkYhXmRqMYk29we5qOIr6EICjgH1z_IRJFu9hAcRt-vmm7jXHgEvmK88wdovbkSvBBMaj9hJpS75WYuMzHtaoUMMslAUliqcxOAxTeGw3g5WK3AMtVdTMEheQj0MoycKjzDa9NzZ_sbrzdNnh1WmA1jW2YkuiKHlyvFEB71ra_yb3tkPCzzQ5LuVd-5ehxFM8gmKMsXBMJrtkkI_sRJ37vCEbcvuHiozkMuJWtkeF0ZZ5VGMcLHORKiGPY7BDftPICJ1qX5ZwM0UutISGJ7WFNbJIaU9o1yzlTZg3sou1GrE_pcvJm-aU8y3F5-o_jPCiOd-Mfciuyh9CH1uSOhdddz2zM5uKEf95-PpqMgAXtMFxyZW8lwiyu6OKPxkoOgt4OnXR_O-s4k6tcuFB2

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F1E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGJRq_IFVKvez9CWcuxDc8&google_cver=1

43 B
894 B

25ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGJRq_IFVKvez9CWcuxDc8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYgc3UuQEwAQ&v=APEucNUpz38r8IU14W4UKjRmRpnrlqvCHf4GBzbKnN7x5RvjH__c0fOlwm4q1-4fPdIKmd8yIaEU0PrhIIDtucBxT-AAS3KUwBqDzPtDkXTFy-uy-lwI4-e-37QMi0gxVEEMDrOjzTu26rvQSH63GFZwqWu2U9mCr3sYFgptbHrpxLTeLJ7pUYg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:54 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Mar 2022 15:32:54 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGJRq_IFVKvez9CWcuxDc8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F1E3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YiIxJt-6Q5lh4bXNVwV8kwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGJRq_IFVKvez9CWcuxDc8&google_cver=1

43 B
894 B

36ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGJRq_IFVKvez9CWcuxDc8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYgc3UuQEwAQ&v=APEucNUpz38r8IU14W4UKjRmRpnrlqvCHf4GBzbKnN7x5RvjH__c0fOlwm4q1-4fPdIKmd8yIaEU0PrhIIDtucBxT-AAS3KUwBqDzPtDkXTFy-uy-lwI4-e-37QMi0gxVEEMDrOjzTu26rvQSH63GFZwqWu2U9mCr3sYFgptbHrpxLTeLJ7pUYg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:54 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Mar 2022 15:32:54 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGJRq_IFVKvez9CWcuxDc8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F1E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKJUkhiqh-zitrfz3OkFxkQ&google_cver=1

43 B
1014 B

305ms
305ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKJUkhiqh-zitrfz3OkFxkQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYgc3UuQEwAQ&v=APEucNUpz38r8IU14W4UKjRmRpnrlqvCHf4GBzbKnN7x5RvjH__c0fOlwm4q1-4fPdIKmd8yIaEU0PrhIIDtucBxT-AAS3KUwBqDzPtDkXTFy-uy-lwI4-e-37QMi0gxVEEMDrOjzTu26rvQSH63GFZwqWu2U9mCr3sYFgptbHrpxLTeLJ7pUYg

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:54 GMT
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ed96aca1-882d-4abb-884c-aebf889d8672
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKJUkhiqh-zitrfz3OkFxkQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F1E3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyODY2OTI0Nzk4OTMyNDU5Nw%3D%3D

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyODY2OTI0Nzk4OTMyNDU5Nw%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:54 GMT
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9a1ab3c9-b4b8-4b94-a21c-2af6969706d4
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyODY2OTI0Nzk4OTMyNDU5Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame E29A 25 KB
9 KB 7ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8bzzh-wicwmX4zZnu9sLrU5mVx1R7gKSVkHkNIhXa_enH5T9QQJt7cQ0B-GcI1n7oorsQ1SU5Q3ojlrJiPzYLXtgGJBYbgHxJO27QCTghQ7_SQ5GcwN4YyEamQdKvnAVWN4b1--wq1QEWmaVYp5Acx-9s_Q&cry=1&dbm_d=AKAmf-CJ9aHcwqti60Qk98XvcITFOc9dPB0iJsJsoVrBiCfcF9ELOhGzsZwWdsfXQ0IkRn5K4C2mUuOvGEfP51c1BGABoSdbgjRTKPV8VBNbY73z3zOASydkRtZbT1ptzXupnCCDJNGfwQh7QGgkj0yV2A-NptvK-WnNEN3yZVmZEURg8NzAeccPdY599ivNUlaPbR0zRpZvYwFvjIdA8rm8YF0LWAvlGfcq14EjCcR9v0P_mg0aDn9SlCFzDY1gn-h6oY4X2vuTYbUWuvBN7tiI-3-32jEMFEzFx8jg8E4AdNPoRZhVfj_97o4oREPwUXkIEIvT41-VyB5UEg7dbO0FuDKjVPPR2GsDFhWugbnb_2H6iCLy4O3UTJ0Mszi5jcYUbJs8AYmT1aovb1D9GOvRxrFd-8iNE4AAwGGaviwtBEiImJU6rfrgbAUx91adtVrNRYucZwCdcg8aA8Y5l5SYdVauHgqlFo7JsLmyK7qSlWYtneVzqehRQ_XmIrHSYuF4AsJkyhi-Vx96OX0scaYA8l0etjCwQ6NuOF532YpFUha-EP0E8ptor5qW8tKttrv_F8D9zJc_HQSdkm7kJu18t9psZJHPUq_l33udBitHOtCEQySaroDRQ8PLwd6Xz13PqGBKzR91foUvNhmJgL5pDN2AKWdmg8XnvT97vgZ3Vle4wO2xCu7TjX0KIctyKeDpRbbUGKASBuktuOZbrc_xPhnTA3rxJepIf96K3sJocjXesqja_8IKkoNEzfCKfraYJp8y2exU_gy6oA6O2b7E9tY4lkXGQLhCkYpigDR1yOgJ7n7hkeClFd09oO4Fqr5acRTDNHHYz4JFryD5M-rq8cj31oXtXUaa-9rvlWI7Q6Bk9JPAki0E3mBeBU91nLqYXntQBRUEmkDIcq_TAGC3f1nDtY68P-dYM-krI9qnvltHJVbK5ECjARdxjsahjsAyyBUc0ldNyEiCniDd8njXt0GSfM1SJxvmst60jkAM6Coi6GGVzdjLwFGd15RfX9etHNG94pK4nRatjG7OIkruKimIxpaE0aRRSIjmYVnYlfSs1w7ULjADiyGPHkIeZq_GFsXVtjJCfr95k1pn-rdbMatM3gjm9n1SGndfjQVjVEPtOi9fLB-7HvxYI_x_WG3qe9edu028xog24w3HJ6Qqe6juy7CYcrGUXqURzT5RIl4aU32U2UmCt4Vdlrj-PEyQZ_TK2Kc59TAW_si475ZAL-EXHwYAmhiy_0VSAowty3a6NA0ErKSaYVfs4rax_DMRAhpf9DuWrKJ4wz_d13GDKEkEPfxrTTrFjvA_WPTWvaM7mi3c2PwZhe55NxpBdLByQGrZVk4Qq3xRhqfHcft_h5kLW9XgdYGsMTrm07U-1ds7dfyxK2zTGOHAGEEkfBYSoHwiI2n9O7IcdrpmHbtMHBeMHIg7XR4NjWddAXJpJ2sbM4vHgUQX_s6pHNk1-1aC6ZjPFq4sFxrRh6VHaTwFuGN0hyuvN2v4NWMVnLqoALN0TCyo0kMZBYnWabD9NVfj72cazXVvolaFWOHgsIsIOGvV68BpX_oQ-92LhedjlYMSlQA-41s-DBYby2L_j3jen2RhL6l88Ak_RlGWvsEjixVoIkOpxYGhCUsnaX3RyxS5EoRQGKGrAOrjpwWAD72AvJAI1uC2k4N8tIne3h9uC3RdxtiGfRc0zHb6GoTj1DmNE-jtk_iRqJyqgMZbbJ4v8F1vG6l-5pZwpoYwBizArQkaZWNgRbyDAlsGGeqrwsqwG1L-cZljA5Gj4e645NP2jbakKRK1SDj3Mttn27e_9-RDEbf2nh1hDW9bVTd8WjmaQCpZQULMHZnGc_UG-5rvXo9m9bmTq9C0W5AXT80Ui5-U-rTNwyeVK0mgCOCcXQgluXygzuJwwGRXO6vj7duRxx0ip9eZ3Rs0PqDy11QBed2_CzVFlY8iZe2O_-M5xGorRHCt1N3UZJyYFYyXm_ZpxcdvTMwVnfLXCMFRbmoqkCryWuY9dREUe9eP6I_6jyHQd4RGHgFaVCR6TasyeOL9B_4iwK-_HWvdOzvy7BrmYTrZr_zWJ_65esCcdXOYnpRrsLcmoAvK1k2AClxgRacJzs3migbU2KH3RvP14e-PLI-jZwbNEGtyxhmy9FCojTg6col0UetzKLYpAKWq9Kfk_ssOIMlFx5N3f2nbR38wZWK1p-Mfzq82PKPePhRsUb-NiArBC2C79PFUNnlksSUjnDmC_jWoJjdYDW-e6PrKcqH0xyxloRjX-wbE9wgXFKJ0NlzB2t6LAxA9tYov7zHILDZ4aFLd7LfuC7LqFm-DFw2azQOfkW8rVRGbb6apmfPbW_1i_K-fghFa0rl2fQl30SuZLh_24Iybhy-n5YZQZ83O9mPLbxXI2eLYK1juEfNniL4C7UoWOQSpiPG0lm_3_FdJKKqyqOzgNhsMI9ph0Z-A8WdZ0kkDPyep42Wh2fSKpkrz-BMzU8ljuevwFn6DrkAUtKrKdcRmCdcTCUmYOn6sDf4OBlM0RFXdHtZb7sjv7T5ipwpF3vNu1d--itJmvGRcTN4Pl_eA2Z-ndKIDPcW7YaL3UQrbgjYY3mIiffMNKnTyMqbNHvdR-_lJ3c7K-GtyCbMe8HA7-dH9xBqyJc_fHY5sx5qKWb6VMK6yNx3HGRknGa9z07UTuMRiNrHQJOGMqRM0iwX5hs7766dNExlPw6ItaBNjj2eW3vJADthHTVN9LYmas5vwPFWC-hD88YELhaaEVHfG0YDIef9Tiv28smAtrflgPcIbQwpZhMZWcx6B4Iy5CNnDCrHql46vRbmhyKi41QsoatBmGWqm15dO7oGuqfrsJaTRurwo_2roZhx4nptPlYvGWW0kuxe08DvU5Yw-URvMrAIt9516xK-3qJn-R363-mz87fc41qJN8NQRnK5sroiS8s5ukYB4WC5hiTO_kjzwdkVYcqH106eBxeatyjJLtbDtLnwhsO9Uk9F6Th2oL_m-k6ycFhQeW2cn2CsL1NypekQoeaFu2b758lCQpsA2wjfp5dhllWZmBVea05UNZCwqBe5BuEYB1epT7c85-4NRJ1MiH4E2QqOa6-zQLTGknrOcnkZVNMT5NGuvQM6Xfzk2_L9Hf3BR_YuIb-guxN3o_vvMkF-ktW1K-xPt0v7Kufucz_mcIzLAJHjqW6Fhhy1zl_nM1LaIN7vp_bhGWOnKKnS6g8_1BVqFWpPujJyTAYUvdM7VgzsWzfcqcBHB7MYGGbGdY4p2t3bNS0qx_8YghX02vYqqKDFmikRuIkNnV-rvyidyDrZFb8igiloEJLbhRTCU_JX-5zauhzZnrDXSUshEQDOpFUW1NtvfUA&cid=CAASKORooXj_j3OX8a_H8CvRsdfKi00YFTFa6h1PhMlEhQaAGBH5iLfe1LI&rfl=2%2Chttps%253A%252F%252Fwww.fox19.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5421be34bc9ac3564a6daa35c769d13876e5fa7c4a5ed4892e9e8c65d31c1e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9662
x-xss-protection: 0
server: cafe
etag: 2172778821077356944
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:31:33 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E29A 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9913
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Mar 2023 12:47:41 GMT

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 37ms
34ms Image
image/svg+xml 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
last-modified: Mon, 20 Dec 2021 10:37:08 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1639997232.317797"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Sun, 03 Apr 2022 15:32:54 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 68ms
67ms Image
image/svg+xml 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
last-modified: Mon, 20 Dec 2021 10:37:08 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1639997209.278109"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Sun, 03 Apr 2022 15:32:54 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 369ms
93ms Fetch
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=b44e119cd153ae6c21782d368673c004_1436_1646407974531&tm=1094&eT=0&widgetWidth=938&widgetHeight=1625&widgetX=165&widgetY=2481&wRV=2000617&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=480&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: gzip
X-TraceId: de129c24c01c4982922586c12363f1cf
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000617/module/ 37 KB
14 KB 206ms
206ms Script
application/x-javascript 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000617/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8914a689b4c6bc3492109d491272e1c4139c3678b88c42acfa2ffb17f47e5583

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 13:04:25 GMT
server: AkamaiNetStorage
etag: "2b9ce00552a49b2d3401d88b8842a385:1646227642.368547"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13568
expires: Fri, 04 Mar 2022 19:32:54 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 30 KB
11 KB 255ms
255ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&idx=1&rand=69632&key=NANOWDGT01&widgetJSId=AR_2&va=true&et=true&format=html&pdobuid=-1&t=YjQ0ZTExOWNkMTUzYWU2YzIxNzgyZDM2ODY3M2MwMDQ=&adblck=false&abwl=false&px=165&py=4121&vpd=2921&cw=938&activeTab=true&darkMode=false&settings=true&recs=true&version=2000617&sig=rLsZgIZ9&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=1&ogn=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bf10f35cce0088067c3b98bc2d27aad12f5503c067aca690286d11eb0ec1143f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1646407975.689813,VS0,VE249
accept-ranges: bytes
x-served-by: cache-lga21965-LGA, cache-hhn4083-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: c7638d5d99d43fc8a266325683cb5924
content-encoding: gzip
content-length: 10685
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6ImI4NDIzMDNkMjc2MDY4MzNhZmQ1ODEzZmZhMzE1MTU2Yjg0YmIwODg0MWUwNDQ3YTgxZjZhZTM5NTAxNWE2YTYiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 61 KB
62 KB 66ms
20ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI4NDIzMDNkMjc2MDY4MzNhZmQ1ODEzZmZhMzE1MTU2Yjg0YmIwODg0MWUwNDQ3YTgxZjZhZTM5NTAxNWE2YTYiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 563825459964839d27a239a965f359e5ff2172bf45e57a85db7096e4820c194d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
cache-control: max-age=2280058
last-modified: Mon, 10 Jan 2022 09:22:37 GMT
x-traceid: 5fa465699ce5122ccee9abc51b09669f
timing-allow-origin: *
content-length: 62808
content-type: image/webp

GET
H2 200 eyJpdSI6IjlhZDc1ZjgzNDIyMTUzMTAzNzU3NTc1YjEyZTE2YWYwMTZhN2JjMGIyN2E4NmZiMTQwNTY2MWZmYTFjMTc5MzAiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 101 KB
101 KB 97ms
51ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjlhZDc1ZjgzNDIyMTUzMTAzNzU3NTc1YjEyZTE2YWYwMTZhN2JjMGIyN2E4NmZiMTQwNTY2MWZmYTFjMTc5MzAiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 67bc704da2f2bf441d64ff6b976be17b447980b31fdc336849006a6cbbf2ca80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
cache-control: max-age=1889357
last-modified: Mon, 31 Jan 2022 01:05:50 GMT
x-traceid: ff73df428a2a85ec0d1de51c87c19cae
timing-allow-origin: *
content-length: 103234
content-type: image/webp

GET
H2 200 eyJpdSI6IjU5MDdmNzBiNDVlMzc5ZTZiYTBjY2Q1NGM4YjAxYjZkNmJiN2IxMDIxY2Y0MDIyNTA0NTZiNzJlNDcyMWEwZDkiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 151 KB
151 KB 100ms
55ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU5MDdmNzBiNDVlMzc5ZTZiYTBjY2Q1NGM4YjAxYjZkNmJiN2IxMDIxY2Y0MDIyNTA0NTZiNzJlNDcyMWEwZDkiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 324a8f2a1df551c6a8ed2eebd312d7280187ed024ade9a2fb4f9295e6361441c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
cache-control: max-age=1898090
last-modified: Fri, 24 Dec 2021 06:26:59 GMT
x-traceid: 1e6b7e72c5c26a0e13104748aea72bd5
timing-allow-origin: *
content-length: 154334
content-type: image/webp

GET
H2 200 eyJpdSI6IjgzYmZjOTFhYWI4NzRmYjY3ZjAwYzQwOGRmN2YzZjIzNmJlYTJlZTVhYmIxYjk0ZTQwYTc3YjVkYTlkY2VlYTYiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 47 KB
47 KB 100ms
55ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjgzYmZjOTFhYWI4NzRmYjY3ZjAwYzQwOGRmN2YzZjIzNmJlYTJlZTVhYmIxYjk0ZTQwYTc3YjVkYTlkY2VlYTYiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 046dede87f053b8cc0cbee1bf82d2a8c391399c14a639d6e8741f4247b699917

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
cache-control: max-age=1213806
last-modified: Thu, 20 Jan 2022 18:39:41 GMT
x-traceid: 5c452c0e3be358132e167468f749970d
timing-allow-origin: *
content-length: 47900
content-type: image/webp

GET
H2 200 eyJpdSI6ImIzZTFmNzhhZTMxZTZlOTk3NWI2Nzc0NmE1NTYzNGUzYjFkZWMzNGIzMTdmOGY3MWM4NDI5MTgyMzAzNzVjNzgiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 85 KB
86 KB 100ms
55ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImIzZTFmNzhhZTMxZTZlOTk3NWI2Nzc0NmE1NTYzNGUzYjFkZWMzNGIzMTdmOGY3MWM4NDI5MTgyMzAzNzVjNzgiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b7b96cd8e231c8dbbc4687987fc0a1f0b7d6274faa03d4a8595aa101bc7bfb39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
cache-control: max-age=1287042
last-modified: Sun, 15 Aug 2021 07:37:39 GMT
x-traceid: c808841db49acea7ab120e4f08c9c49
timing-allow-origin: *
content-length: 87210
content-type: image/webp

GET
H2 200 eyJpdSI6IjFmODVmYTY4NjNiMDE4MDljZjczNDljM2IzZjUxYzdhNzFiN2NjYWJlNThlZTZlNTQ0OTI4OGRjODc2OTdlM2YiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 139 KB
139 KB 100ms
55ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjFmODVmYTY4NjNiMDE4MDljZjczNDljM2IzZjUxYzdhNzFiN2NjYWJlNThlZTZlNTQ0OTI4OGRjODc2OTdlM2YiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d1076973062c58419caff8383060413c979f7a71fc44e469fcb6164da5ca0af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
cache-control: max-age=253078
last-modified: Thu, 28 Oct 2021 08:19:33 GMT
x-traceid: 88289a40b0cb578d630b030aa3b5510c
timing-allow-origin: *
content-length: 142106
content-type: image/webp

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame E29A 33 KB
16 KB 99ms
17ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=50753021;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=55743575&extPm=55743575&extCr=389359233&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C5fqMJjEiYpmnC77G7_UP2aOReLiI5fxly72kqO4Oue7wyKoBEAEg-b_DI2CVoqCCsAegAZH-0aIDyAEJqQI1PdpABHeyPqgDAaoE7wFP0NvJU7VzyR3HIoy7getL5CTPo9rlc8IQlTLw_N-Zg5NKyTC_IZzXQmIyy-KMG4iqm186Ml5cX4Oqqx07-L_KmNeyAAM0Ov3GwUNHdZaOTwvxWx4TsLsM7VaetWXdY1jnYONstd7a-4Jhq73DuvP9cEWqEbYzhExnDVTugRodSzWvFmKyurcbAfJX6tL9oI6SCPfONWqVvZunsVfvNqF2vhyGdMO78dUW2CWITz3a-u_8deNCBffPfQCZ5Tx1UM4ybM7vokIji82Z5fJtjyISSY_T8W43V71MzJiOSq1WfMLDRUcsDW2g7lM8RTKzU8AE4NONqNYD4AQDkAYBoAZNgAfXga5dqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBO7vLcOyBOrie_dA9ATANgTCtgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAASKORooXj_j3OX8a_H8CvRsdfKi00YFTFa6h1PhMlEhQaAGBH5iLfe1LI&sig=AOD64_0LMyXCoYffn3wHeGUoEdBY9w2Lew&client=ca-pub-0883126725773026&dbm_c=AKAmf-AQ3c6HpSIq77WD53COxpEqPRrrNaO69P1Glh6wF8vL-KHSmOvJiZDsGE2aVO9FKV226E_XHVLG02_RhzWK6GHIGswPovsQHMdoiBGzFuLNVHfdSBT-tFzlCyIuI2FIC2LmvfCU-dPwnaN2G4l-1ztL2sF9mw&cry=1&dbm_d=AKAmf-BJ5OMBueeQ-LaguR45mzztDVnJUDgq2A45EvjSzGVqA8ggJSj2qOKOfCdRtYoGmDrKWFoZ_WQTcgG72XjcNpI2AsYHNXd98eEGSvn_D0iv9l_VSKTFw6h5Oq9MTNeUO6rk6DOjE0xSzcWjjf_g7vOhxMaaRyTS-0j80Fce2ZdmKwVmev7DpZeU57lUwUdOhh3implmYkMSwsZ06b1i8fV0_7-e884O7MSh2oyjUWruFisI8i_tOXSdxGRtdPG219n1InepHT-g17atcYJr4rPSVdbF7tVtcVbshfbryuB5FrOaDnLR_wjDITtZR04bdpKbF2dfmjPavvhCpkT88zl9avmYXo4VFr4SPEiJ3uTk8Jba7BanPH46bsp4tJX0-9Jwu3RiZ9GzVsBc39S-OL35vv9Jz3OxbdIA-nGaisRjhOxCwGNRQmcOte-4rSpNtParhVZP5WvLE0LSTgNKanwX_HY1HKMIoyXFxkqiB2tbd_Q2998k_jA26FKp65MyMPrLS45UEegqXGWDH0bZMT6O--uqag&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:54 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 05 Mar 2022 18:51:21 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2FD3 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Mar 2022 12:47:41 GMT
expires: Sat, 04 Mar 2023 12:47:41 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 9913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FD3 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 21:00:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13712
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 21:00:07 GMT

GET
H2 200 cloudfrontVideoTracker.png
d1d3jupgwm7m5r.cloudfront.net/prod/ 95 B
410 B 38ms
8ms Image
image/png 2600:9000:2156:600:1b:7b40:7bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1d3jupgwm7m5r.cloudfront.net/prod/cloudfrontVideoTracker.png?org=gray&event=powaRender&uuid=4ba0e047-b1dd-41da-8861-3bf4cedb46de&timestamp=1646407974750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:600:1b:7b40:7bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 19:13:56 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Mon, 06 Aug 2018 14:48:43 GMT
server: AmazonS3
age: 73139
etag: "60cf42b4d05caf10cf8bb15c0817a7b4"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 95
x-amz-cf-id: _igBjdeFB02vo7PyBIYMZ2SDF6or9BoMaxErENjW5oaaA5yMRMgQTQ==

GET
H2 200 t_1c302ca2a3db40339a62054c427e9814_name_t_7383afecbb0f4bf0ace0ee9a2e6ecd47_name_file_1280x720_2000_v3_1_.jpg
do0bihdskp9dy.cloudfront.net/05-09-2021/ 64 KB
65 KB 525ms
493ms Image
image/jpeg 2600:9000:2156:8c00:16:e423:f180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://do0bihdskp9dy.cloudfront.net/05-09-2021/t_1c302ca2a3db40339a62054c427e9814_name_t_7383afecbb0f4bf0ace0ee9a2e6ecd47_name_file_1280x720_2000_v3_1_.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8c00:16:e423:f180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d4f70aafc5957ec7a2a9de9f30da42712d341f02f7e72be0d76855804b5719d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Sun, 09 May 2021 02:08:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "a3696ab5e2b1712d0701bd0fcef8f3b0"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 65713
x-amz-cf-id: IEOnIhip6kGXqDMld_9_QGdn8EGXpqv9Rii6ck-N4P7r-z4_uQQzXQ==

GET
H2 206 file_1280x720_2000_v3_1.mp4
d1l66zlxaqpl1u.cloudfront.net/gray/2021/05/09/60974483c9e77c000736baae/ 747 KB
0 542ms
498ms Media
application/octet-stream 2600:9000:2315:4200:13:fb92:3480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1l66zlxaqpl1u.cloudfront.net/gray/2021/05/09/60974483c9e77c000736baae/file_1280x720_2000_v3_1.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:4200:13:fb92:3480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.fox19.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
via: 1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
last-modified: Sun, 09 May 2021 02:10:19 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
etag: "9cd27403bb69e13880f2a4f5f5bb8ec6-13"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
Content-Range: bytes 0-66082381/66082382
x-cache: Miss from cloudfront
accept-ranges: bytes
Content-Length: 66082382
x-amz-cf-id: vl6n6XHa8CPgShj1G3sIPtRymh34uClqj4YK-Rv_3bH5paq22beJMA==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030101&jk=2546781694605826&bg=!KCulK2_NAAb7UztL-1M7ACkAdvg8WqYsk-wv48hXcPf8njJdB7D-riz0d-Iqw13CsrkEKpOM_vE8cQIAAABeUgAAAAJoAQcKAJu4SFJ9_WXVLF2c0YxIx89NaAaCyA86x8aKlYMr2gzM1hdtejFfzje6npv4vmTb7Y3HO-SJmLXbnVdXbxtAjs8Zdx8EFdbkbW87UmMpF0lFiRCqPpN0jDVeDvBtD_5DGz6HIc0YZGDex3MMY4Gp3hzT6KAz2NLxddSX6d8yXiz7ObT75pr3Hl7NfvcXXUOESzNuUHvYuHCyWf3rzJkCoH3CKtaTBaeG2GgaomF0qn3NBR5VKYHitHp4uRy3wfG2J6Ltd8-viy1NEYGtYapQ1C4skszkWzwiJrYjYfRuHz4MD2cAxMuK3h1MwrM6XVy8R7Anh_rODc9IKZpY1pcSMhdTYp_fiN4ysyX7RJA_mo6418Dj5niikFCjs0xkOFZQQDeuv9IZWDVaAEfcAG2MJZ2kMBoGRMwXoDRJt46_hyAa_YrfsUeVgJs6PVZpT5GJS9Jgp2GhWukbLEZWEm_vyE1b5T_czT64dMOY2aG-6FWRTj24cXp6QXMWiVF-KU3llNUnMv9fT4k2egpRinENMXcA7wuaevxVqdYSJ3xUYh_SPB9SldO-dHEt9LrbKGVX0sifqXXZnkZBlw9Ggz1XmG5hfJ3a3texgMBEQizM4ziixq2tbrtMfmAbAacdccJugzF0x4vW3NRAYNfLzogTda2-72aZo26p13-urPFETT5X5TklI2CXKwn4yrElCxUsdruHiT3rQe2dI5ALOO4OJ8bkQEYuuITTquvxx1KoP-_UCXSXzqGGmGxqF5FdhLKnZL2VahURKwanO5yfv1-BbRQnfaO_MDgx1L6eRumUWC8SzKN8FUz6-fK8RmvYKTQEHWzScSnswEi2RhplXIX2aLaBnZmF62JXQaC86SlrQCEvvG2G6qfaR9TD_Q5o8IhdRSfySAcEgqRV80xB082YV0gjICEnMpPOgIYlTFbPW7vI4GpL0oQ8GtRCebbkNHKTcEblz8Q88u4uetUtKC6WPyGZu0QJUPt1tbgOlouUitNFdRAt9izs5f36pZuGpI4OHxHXfjpImBD7sIIKT9cToKPME4T3dhkyAULd0cUcjYD_wsdcKVQ43OouleN2m2A9h5vH1v38xm2z2iJwyN-qbQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame E29A 2 KB
1 KB 87ms
16ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1623176&plc=50753021&sid=1366186&dvregion=0&unit=728x90
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:31 GMT
Server: Microsoft-IIS/10.0
ETag: "8f6388f116ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1163

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2FD3 0
20 B 46ms
45ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlWMrJjEiYuXjIqWNjuwPpume2AkAAAAAOAHgBAI&bg=!ERKlElbNAAb7UztL-1M7ACkAdvg8WsYdEko5wC_bZ6k2e_arnI3cEGKLlfM4ZNowSnBgnB48w7VCogIAAAB6UgAAAAJoAQeZAzM5VCKPpNTt4GyzEfM25ACKnvMT5RgUyDvNBv-ifgpFkS15hK4j15G3FywIg-wiU5wk0EJq02UMiZmWj1Bp0l_2k7H7nRYocWmFCnIVQinsWP-DUvGLBIST6lkylt69x5OF2tAlmFA-fT2lQ1gSflp4mWD0CSaG6mIqdwFAlG-rQnYwHX_4BB5A7OeHUCnP5gW6MHub0SvZk52MNnGO6skuT0WjptPT1erBnK2ZXRB8B2xwKYef2SvCEqIU83IUXlLBMopGDrk36Ms_nsYvoC-VfFqsiRrjlbMav85dRgbfFlDKY3PqKJdRvgWPiCYylPmnuhrcUjOZFtWzclUBNDn9mMxeVT9BwtdK7XJaQKy8DKmQS5YponG9OASPBZH0iU7t_TXOsLra0wAlSxUtyqaCS5F6xaFXgFRxR9gYQatddZ5J1bOzXL9o8EUXdiBcTz7SUGHsoG5Vi-EDulMQeJpAMGCsFmmchvYFK3J3jFY9lIU3jXDtEFDcWJEuRtP_-is7hoDRNyxlPpnE6w7bRxjYtr0IpxqKEISbaYLPhqIBIUA3AqwjmU48YEjo6OOYOOtq5ukcBO5phQd2C7WzD3Ai02-nON6HaLRtkZhpgKkU-BxBpF3VzAnq1mq-lmTC4E1PGhuoGD_SVQCIjDcySLYxqMUzApksDMznl7_1YzjDsM7mK7gNKq0eUeyqZizUrSqUw8RbL2_FZm7GF4IgWaewJ-DJ5UbNRUN1OQ0PiGOR9q1o24crAJ3-qQDYhDZQThINmaSWSpuEzW5-Y_jiXPNkr1XMV_Tt1YKZ3xNmkLaLs9euStRfds-bzDSuCNyQL_flxsX3azSPDoUXfdMWE2f2H3udlISmlyQE4jxJCErgp0rZUVoDOk7DoCEAy4E9ps1zVC_6aj-8PzeYh_oMhna670jHDiINGgyT4BY2pWbzn3uopbKNQKGoB-lLxtCAoUOkFNo9ty5GtsveeRffv15Hc8_Zsb639AZmliuHyBRN9hCd-IXV05EBPuKO7cx6WwfX6LHtYD3lqnO7RHnwEIfNvD3aQGIp25K_xvxDlvfp3hvFqMhikBAyKuutWjLiMB03Xdw

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal101.js Show response
cdn.doubleverify.com/ Frame E29A 55 KB
18 KB 15ms
15ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1623176&plc=50753021&sid=1366186&dvregion=0&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:46 GMT
Server: Microsoft-IIS/10.0
ETag: "08517fa16ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18088

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 156 KB
34 KB 954ms
934ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F&settings=true&recs=true&widgetJSId=AR_4&key=NANOWDGT01&version=2000617&apv=true&sig=rLsZgIZ9&format=html&rand=35011&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=1&scrW=1600&scrH=1200&t=YjQ0ZTExOWNkMTUzYWU2YzIxNzgyZDM2ODY3M2MwMDQ=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=0&fAB=8728-59448&layeredTestInfo=8728-59448-,11743-0-,11837-82666-&dpr=1&cw=938&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.fox19.com%2F2020%2F05%2F15%2Fbbb-warns-scam-targeting-people-with-roku-devices%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000617/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 69e9f9b0366232b8cd1aacab480e708420b7b54a83828b8683403f70ae751522

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:55 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1646407975.946089,VS0,VE927
accept-ranges: bytes
x-served-by: cache-lga21953-LGA, cache-hhn4083-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 456612a5627f22202b8e9fe2df8ddcf5
content-encoding: gzip
content-length: 34897
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame E29A 2 KB
1 KB 108ms
14ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_734985837323&jsTagObjCallback=__tagObject_callback_734985837323&num=6&ctx=11655933&cmp=1623176&plc=50753021&sid=1366186&advid=&adsrv=&unit=728x90&isdvvid=&uid=734985837323&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=99&bridua=3&dup=null&chro=1&hist=2&winh=90&winw=1024&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&m1=13&noc=4&fcifrms=5&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%40I%60h%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D7%40I%60h%5D4%40%3ETar9EEADTbpTauTauf7h4_46h%6053a772baeb35a2b257b6_g4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauf7h4_46h%6053a772baeb35a2b257b6_g4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=7.00&callbackName=__verify_callback_734985837323
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: f75cedbe094455da5a5609d8de23d5b44138ae9df2d9963b39782e9af8b18ce6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:55 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Connection: keep-alive
Expires: 03/03/2022 15:32:55

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 74ms
74ms Image
image/png 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:55 GMT
last-modified: Mon, 20 Dec 2021 10:37:08 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1639997226.754678"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Sun, 03 Apr 2022 15:32:55 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 119ms
119ms Image
image/svg+xml 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:55 GMT
last-modified: Mon, 20 Dec 2021 10:37:08 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1639997209.278109"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Sun, 03 Apr 2022 15:32:55 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 186ms
91ms Fetch
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=824c7094cb63b0734df061b586b91788_1436_1646407974882&tm=1373&eT=0&widgetWidth=938&widgetHeight=411&widgetX=165&widgetY=4175&wRV=2000617&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=31&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: gzip
X-TraceId: 8e60b57d4c6e4b1997867096031662ad
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame E29A 0
305 B 24ms
8ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=77b1e6482d374c25b6cf2ffbf1eb2fb0&vfdur=109&cbust=1646407975055596
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:55 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 03/03/2022 15:32:55

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame E29A 11 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 14:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5008
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:23:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 04 Mar 2022 15:47:42 GMT

GET
H3 200 impl_v85.js Show response
www.googletagservices.com/dcm/ Frame E29A 42 KB
17 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v85.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17382
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:13:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Mar 2023 12:47:42 GMT

GET
H2 200 B9689862.280630144;dc_ver=85.248;sz=728x90;u_sd=1;dc_adk=1362464665;ord=liuac4;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Fwww.fox19.com%2F$0;xdt=1;crlt=3!'q-c3vPz;... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame E29A 45 KB
23 KB 74ms
46ms Script
text/javascript 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=85.248;sz=728x90;u_sd=1;dc_adk=1362464665;ord=liuac4;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Fwww.fox19.com%2F$0;xdt=1;crlt=3!'q-c3vPz;sttr=19;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

5adbf6c2a05d195c91117d53cac039827afcfa3ccb699b99cd995ed764172480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22632
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4080 0
0 43ms
42ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4DjjysMSyh0jMeUopp_yVuxVRpYQR8lMGdc_t_dcuOGBIqR9PrvArENpiMoUdylCj0ulCC3jRKfMSXB_e_6HCt7xfSmtZacmYy-0kmKv6sMNhWi2Stw5USHB_Z88jaKmsupZNqHZAbzi0GcCFEJM_y9QdZts8Rt7GsFH6jm6-CN1HbmXKVQKbHq9mrr1Dc3X-ZrxoOjq3Z35V0I0hFkSZBSYy6-81uWDkvj8a-WTzscXlR2CBXmvsCQB3itAvh_267HRRu3HjnguLRqLvDknewBJ4ScX00ymlIit20cpysp2lgSRvpmJAyd4&sai=AMfl-YQVSM1c-y0jZsyymnqTCp-Nfrw5rAm-uvHl8N__JXwwLc-TLm49qUPS4SDXSVSHyTLyYbYlTVS_RRlZhL22zOcMvLVfUDRK_a0R7J0W&sig=Cg0ArKJSzL0BTFO8OsfpEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 15:32:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 4080 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:31:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4080 124 KB
38 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 15:32:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4080 0
0 15ms
15ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSunRKmKfbvtUQCRz0FkwgowIt0eFptKKpgvE4xg1oKZXEcSmrlAMosv_9Lkj9sSbud6Nh-
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 17545743137168950595
tpc.googlesyndication.com/simgad/ Frame 4080 141 KB
141 KB 8ms
7ms Image
image/gif 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17545743137168950595

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a77f4223fe2163b450c8c577a5c938833adc93c580bb441c7a9ec9ee1f3c5a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 10:13:32 GMT
x-content-type-options: nosniff
age: 278363
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144148
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:29:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Mar 2023 10:13:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/ Frame E29A 8 KB
3 KB 6ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=85.248;sz=728x90;u_sd=1;dc_adk=1362464665;ord=liuac4;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Fwww.fox19.com%2F$0;xdt=1;crlt=3!'q-c3vPz;sttr=19;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:29:33 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E29A 0
23 B 56ms
42ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstG0y1mWTk8znilUydFoDT_4bOHxC1syPqmG_cPJPBZgIvroTRMFzvzIlZN1ANJYZy8fGCLaGWoxO9Tip95aphe_Jq64LdHk6PH0GkSA_ca30uHoaLuq9GvS980JWOcIxAGkAzl8_uC40yvTicstA&sig=Cg0ArKJSzFv_Th0-hF35EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220302.59165&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 15:32:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E29A 41 KB
15 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9914
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Mar 2023 12:47:41 GMT

GET
H3 200 17721130591974731406
s0.2mdn.net/simgad/ Frame E29A 69 KB
70 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17721130591974731406

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:08:05 GMT
x-content-type-options: nosniff
age: 231890
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71148
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:07:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Mar 2023 23:08:05 GMT

GET
H2 204 / Show response
track.adform.net/adfserve/ Frame E29A 0
333 B 22ms
21ms Script
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=50753021;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=55743575&extPm=55743575&extCr=389359233&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C5fqMJjEiYpmnC77G7_UP2aOReLiI5fxly72kqO4Oue7wyKoBEAEg-b_DI2CVoqCCsAegAZH-0aIDyAEJqQI1PdpABHeyPqgDAaoE7wFP0NvJU7VzyR3HIoy7getL5CTPo9rlc8IQlTLw_N-Zg5NKyTC_IZzXQmIyy-KMG4iqm186Ml5cX4Oqqx07-L_KmNeyAAM0Ov3GwUNHdZaOTwvxWx4TsLsM7VaetWXdY1jnYONstd7a-4Jhq73DuvP9cEWqEbYzhExnDVTugRodSzWvFmKyurcbAfJX6tL9oI6SCPfONWqVvZunsVfvNqF2vhyGdMO78dUW2CWITz3a-u_8deNCBffPfQCZ5Tx1UM4ybM7vokIji82Z5fJtjyISSY_T8W43V71MzJiOSq1WfMLDRUcsDW2g7lM8RTKzU8AE4NONqNYD4AQDkAYBoAZNgAfXga5dqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBO7vLcOyBOrie_dA9ATANgTCtgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAASKORooXj_j3OX8a_H8CvRsdfKi00YFTFa6h1PhMlEhQaAGBH5iLfe1LI&sig=AOD64_0LMyXCoYffn3wHeGUoEdBY9w2Lew&client=ca-pub-0883126725773026&dbm_c=AKAmf-AQ3c6HpSIq77WD53COxpEqPRrrNaO69P1Glh6wF8vL-KHSmOvJiZDsGE2aVO9FKV226E_XHVLG02_RhzWK6GHIGswPovsQHMdoiBGzFuLNVHfdSBT-tFzlCyIuI2FIC2LmvfCU-dPwnaN2G4l-1ztL2sF9mw&cry=1&dbm_d=AKAmf-BJ5OMBueeQ-LaguR45mzztDVnJUDgq2A45EvjSzGVqA8ggJSj2qOKOfCdRtYoGmDrKWFoZ_WQTcgG72XjcNpI2AsYHNXd98eEGSvn_D0iv9l_VSKTFw6h5Oq9MTNeUO6rk6DOjE0xSzcWjjf_g7vOhxMaaRyTS-0j80Fce2ZdmKwVmev7DpZeU57lUwUdOhh3implmYkMSwsZ06b1i8fV0_7-e884O7MSh2oyjUWruFisI8i_tOXSdxGRtdPG219n1InepHT-g17atcYJr4rPSVdbF7tVtcVbshfbryuB5FrOaDnLR_wjDITtZR04bdpKbF2dfmjPavvhCpkT88zl9avmYXo4VFr4SPEiJ3uTk8Jba7BanPH46bsp4tJX0-9Jwu3RiZ9GzVsBc39S-OL35vv9Jz3OxbdIA-nGaisRjhOxCwGNRQmcOte-4rSpNtParhVZP5WvLE0LSTgNKanwX_HY1HKMIoyXFxkqiB2tbd_Q2998k_jA26FKp65MyMPrLS45UEegqXGWDH0bZMT6O--uqag&adurl=;js=1;adfxid=1x;2190;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0;bsdata=1&CREFURL=https%3A%2F%2Fwww.fox19.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:55 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E29A 0
23 B 42ms
41ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 15:32:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E29A 124 KB
38 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 15:32:55 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4080 0
0 42ms
42ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9e7HTGmaeMWunVTt_l5QmRDHJaFyu94G_9LjJpQBJNx7h8nIMMexf9HkslmlIZ1xelPvjjM9cNfx_ZxqH_3rZqBjvWitQCXyyLITf8a7GUHiT_PoXP7uSYnHW_E2ro6meMclf327_kGb8fjz2v17IKuRMva5nJ4Oxpvt90jcT2LNLd07i7vV9iRNYiHdbW3D87OuWkYSD_Xk0w_JyxFg1Zb7QogkJV2zwdkacqGAzf-b2ZP6yc8DrMe-oI4IEfdVTt4_EYpWoRoqTPplKrc-c9eAl32iTSzL_W19bovzf1E5F8GekVkt0S2SdfA&sai=AMfl-YQFCNbf7MIlrnoBz_fCLPiOnmxOaxRdghCWBI_vTyj15KXF5WxyAigcbSi1GeL5uvfZpCH_glYWT4yXLA1B_o7kGm0tVJzJLIq6JQh7&sig=Cg0ArKJSzMJp5Na-2ilMEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 15:32:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 04 Mar 2022 15:32:55 GMT

GET
DATA 200
OK truncated
/ Frame 4080 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f8175051b2e95174c336a771e14d48b832c609e1114de764a63a837190ad6c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2DC7 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Mar 2022 12:47:41 GMT
expires: Sat, 04 Mar 2023 12:47:41 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 9914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E29A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 169ae06232bfaa9b7dca9eda994725882c01195f7a136fe15361dde537803c00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DC7 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Mar 2023 13:28:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DC7 0
20 B 46ms
45ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOW7aJzEiYrCFCNOp7gOAkoyoCgAAAAA4AeAEAg&bg=!FRalFlLNAAb7UztL-1M7ACkAdvg8WlF7dxfnAWgS0wJWhO8GWPnm9UqOuPqt2tp1A00fVhCXpIk38QIAAABRUgAAAAJoAQeZAyUFTKrd7M4fn71wg-9Fp9p6yE6M2hq8Y2Khbmjn_lPS-xMSB3zPLUDIaiO97hHhdXW86LqjeMeE-9n0n1S8BI8wMGT0o7mS1sPTqh6zDDr5WRtsQ1W9YIOOT_FhlP2NdcA5B88UsdwM-ldRMoEDHcAoi0hWmvwO5a1WkhbD0rxKIlseMbgqgVHpekmzoe5o9HF3eHklNGos9OduxdjaQdmSuLy_Koqt3up_tLXa_qxZf7IE4txMnQuxAdxTg3ikV609PNSxVEn3a40rktJ5lZaAX_3UGRvljFueLlynFoyuIpZAoPVnL1CjR70saK027Fkh7JKvgznNEqDeygN4vE5y-e1HZoz1ui1HGl03chn-ItmsArtX9c2V8eIWqHXjCPqagpyR5kAFSlj45x4gvCMKWbVpPh-DLHxIjQrXwHHCRLz7QqbFU3kITAizwfYgm4mJzuBDULlfClKiqH2LKBBMssCKliyh4mbYIuDWOkvlqc66K3WoD2vt7uTyr7PEvsq-jhy6Y5mg689fIvG6KclqITNGki4IeUmWi-C62PYPinR2sVD_VJNLW5tjcVDyBkrHrUnGWmmxWMt2lIH1U_hScNnRq3Jr7ljosJfzfZvpVpo9zMDJZ2hzyjHwPgR_wap2W1_arSp77G15ocG5_RYZ7igpgtopmo_SEKfKPkniHUeaJ7tfv3PO6uJWqcVY0VKlz5iG27FSTeeNFODKat_yne8rVL4VXlHfUQ7yYao_oamzFIs6__VfU17bsFV-iY8-sM_EMQoRrOEbWWuYOXezAOljTs_dWhFYNQIeoQt89rmGaGEJrBuKwmXEC4oaiHxBHfgml7vW07NBfxhAju8UTiabSalsgUaKGz91UxsNq5G3X72UAgXpjEKvW8-QNA3kmTYr6MGEIE1NqztlzDoCmuYST2k9yjz_Pu-SjEk4ggkXWw1n4TJk8RDr5jRuQq2Fi-AF4rOEfNQ1mypzcvlR59k4JKk0J3BQLllfK2EWxh-kBHQ8lhbpY5Hbjv9m-h26qeO1qlx733TEGwrFoZ9BDZtPYDlC20z06daG8fhAx3QaluFn

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AB95 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Mar 2022 15:32:53 GMT
expires: Sat, 04 Mar 2023 15:32:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 853B 640 B
318 B 20ms
18ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRC_t8b5Ahjn68zAATAB&v=APEucNXqpSBV5f2MXJTavsPoN05r3F--hTuEfHA8aPMVjGE1SqCb8yN5a4mTI0mf2QFQciKwaEPuLgrtyJpafPOSivc-eyji8w-kMffTDYjBcka7a3D33uLYXyeNv9-1kKEAv1HMNDQKGAkqL1DKfi8hDsKIeNCRGrr7W57rQsKWcw3EohuWKHM

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 04 Mar 2022 15:32:55 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Mar 2022 15:32:55 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AB95 26 KB
16 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COKn12Sa2CsXSFa0dzSQKGasRNi4tAa5Uj2tFdGnp_5xo-QwfuUPaf3qXC6wAbXXw_w5F0UlH4gWvA08RsGhR6qw5VhrjlYfeAoiFfFCbAkus4ajlVEx32lQSyvWSssr9JgBQK1cepZqE_He27KXACp2t-0w&cry=1&dbm_d=AKAmf-AXPAmWbzvzx8wpNeOQXsgDrm1HlszgHeNpJT8YLnAAgW-aC7hg9Ai7fkmz1xs-Sb8bjsdU_7BBtNRjLLqBM074ePF6mVAZXKcSuWxdHEqqkiRZeKgIWvJAUMPLdkKtaxD4dcXMPb6N_4262YNy8uDKf0DtWl_RKkIbsOCOhFXrqEH2SOczb3w6tFeq9KIWzH_NXrWeyszA7MVTgnf4rhUL6zWxh7B9zNcUXkHBKeP799A5ibeJfBkBJKpe4RtBWxpdoWelW-3TKLJNEq8t0i85Oo0RgxDGzHIl9jrSaLPUUbZbNQ2TVzScGn7jqLdcEVF1dHXB-dkFteGFHeRcZYTz3vtutS7I44LaxiHb745l7Q6aLCFDPEM6NI0Lr1OE-fhyv-OtzsnByCKoKbMqPjA_was8_bXMleSq6oQ9H5zXO4yy_sgTR5K362mpYfPHHHnhECI5N6xHAgYRkJJ3uJzVNpMPOa2RGQyjCDr-HExiNuW9wgQFuvmYSmrJ6Wkra8IqeYt_M6O6FPFNTVsSxDd9brUFZn5C-KIekU9495fe8EqXmKU_wiiw76YayroI4v1lEFLwGIG7AtCauZ1Vw-IbMJWRY6qwv9-v16YYAOYQofLyxjj7OKz7efbeQQPIUYVbxB_7bvxV1QUYvtXLQ0RiN7gSAX9wHmR-uDh3S5ErD8CVW02R0LkACKblymq4ut7rPecGhk2NgQqTv279_7YjwxYjjulj9eOOzJ0cjR9eHFhvLgExUx1ssPYAHTablfdFQZIdh1s3bpS04ZdvF6ctyaNEqG84Yaf7RRkxvNDePCa0oPeIhEfiNLD7qvp4iWpEP1Elt1G09-iYb1yVrxQDPXnnovtOhFYreYC587lJFdK1vFC1Q23zyzgztW1Pu3O1pNu_RutaIjWIwWGu-LbAHgqwzBYRbec9TRsIUzKk2svvzp3g1MZUr62dGGs58X1m1GkawlYukTjrGLK0f4-Eln9octN7Nz_6NpT04bFKOR5ifx6kq5HzTA9yzk6G7dPq46Qk8crtVEYQ7aoqQUjA81NzF4F9qfoIi6-dFZoB_rV8tI5-CkXetu2lhb9QNkYe2vPoO_K9supC5zSQcVgXIZcaRqzx9sqZGg_tQvpbn-wZe1m_zhZX3PSUz8HfvKMGnWmXJlotPkKo_hN2xNW2ba2oOGRi9QEz8fWKfx8vcQVJZEBdBWWuk39FtfCTf5LAbh3jzLRMGB0wqscoc5CqKyh-G2XqeZS9m4h-kGjU6AmHF48Cn424Mquu6UQgqE7NFOR4ooDsq55FlHl3QpT4HCd6rgmNgDCr0pt3EKzvVs6gpFMw_0-ypCSZXXsXbwci89bdlyaUOuvjBLOXJP5Xev5cvkj0zTT16xzC1E_XT3IloOxswegpWI39DbNe2t2yasOnJ_k_3sbLlPO00BjTyhrjQ8jj7BABf1kdWuO2oi6uAMotM--EekR3KFL31NL6SDtciBhIyjpzN-vgpWNEvN_P0SpU7E9GiWI1dpN09pKCeEfAubMCIPjeBfKVOzWnyJ-drrH6YB_YJ--TlX6isdbb73IhLBzjQhwWAdpms5E0bFkxzabazMpWC80VcM6huOIWz8CyuM7XW6TBh9CmNx74CMm_i4R5XDp2xpGoDvnrywRKJUkZO0I3yF9dUSK78FdXdlDKoBguiHWZ6v3zTqt5fcocXng8bMy4DCJrWaIPYVO99HzTk86fbDJ7I7Yq3HS3Zrujpes5b6m0JwhLtrD_R4V2-Kj0AxBNJaEgwbqC_ZJSmusVTe5wQx1a-FFRUDFI4yWNJloL6fy2TSQResw2fD3mvaGmV972xWiBJevCEVFQ-HBMe0N9dBQ9O5etO6qJRCl573wJiiFonHM7G0UYx82cknJTfg-wLq6OFJJwjttWupukcxcTMjlpwu2Cae4haSTsFjzILaZ-_npvytSxhqlsIWKzD9tC9WMUEaXF7Pleu6wmmuQNIXWxb-bTKjqVW1qmRtzPCifUUdgzjffJbRE0rvvw4aKQwx60gC3jEJQ6mV0nDQ2NS_NeZKyGpnpBsTwzveq-zpZ_jTyrVHgLkJ-opG9jSRRE8dlLo5nRTgIeiR5TDK3BRTsuyVNJOwTa_VQwm3kco231kjhdZvZ4D9rH9hwxekgbOmsk75lWelCQjIGfioYbXqcGsUqYzRkmB6tyACxpXRewuEXpmeOlv5sRMTe-EZol48s2LaTz0GO9ucoStBTgSDCR9UP9XAZVDzW9NNRhFgv1BVCbvileedBtfs5qxab_pGNbxXdXr-Dx6OZqDL_R3ZR5eVSwEcG-a4barBeMhsQg20Nj4SebMkhbNepmQwtjYdLFdxm5h31zZygPfuNnxRxqpUQ4N7jXEz1UP0yzQysgVhaTrlkXpSMHj577uteJnKrt_ILvP4KPcV4Qv41_6KGMyskwZz-9Yt5NTCJntPkzVnf1GMEI2T03xpLuuB3OMEhrJsIzliuIe1uI3yp7hxJ5-UFtjxQ1XSRk6o-nxxjKMCh_hGC7nPnpgpS8jj5fl1_yQoKybRBQWFdIxk--yBNpDmbrOysCqK5g3u9IxdLx-JcJ5nzqTNRrsQhdrP72Ex7BTg_L4YHsdjiO8eMOs0ZWn59XRgnX0dhYPr_BQvqCoA8WxZCsoHnoN0oB6_uEa0rY3AIDaJ48gwaZ2e3F5WeN1tEKvyHGctqkp3D_ETgphWG6YDDtkcpbBbzX75RCAymv2i-yjwO3rpba3y063FoEpLfWZ9oAcoKhNXSM7P8unr4UtmzQLPscLL46fuCAJPWm8YQOOuwymjeZl1t5DHD4GHvxIX9lIlkw4ppmVwFHXBb9yny1BFYMc0CNIfvMkFPwOTU61rpyHUNf__ECx8hf1zEEmMg-_Z3KZS3mgmKFeWbratHn47neUuegL6pKsUnJoPHSxcXeQVLkUFSRsJC0sunC6pfmvtR3eYijRlngozhI20S_M17fz9TaIgw4VtMnsInHhnYNBVPe2p-jXyC3YFEdEP2XsP3iorzEu8ZFIGW_watkQrbADoudvYpNwuFrl9yDGH0bbz2KNpGJ2Z64uMJrlmhVveL3gntNU70m43kf3hNtJA&cid=CAQSLgCNIrLMB1ewdCuxGvfBgjCRdjrhn6jGJZT0AM1zekwG6vKspFCU1pf4PiFxZTE&rfl=1%2Chttps%253A%252F%252Fwww.fox19.com%252F%240

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1982828d76f0f84b5662fb5ef66a547ca7f37e6f86d87d217052f3e2040160e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15994
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB95 42 B
63 B 40ms
39ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DIKj8G1OCxYSdcO_ellPNt3QtsBzMAMWoFRooN4LFkF1ObvOLTtktJk12BWLDtkaKwPBnb8_bFCFgS3Y02hbLsLVucvxBSR33DlSN0nCSMlLXTMkE

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame AB95 2 KB
1 KB 15ms
14ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=174157&plc=6273193&sid=18330&dvregion=0&unit=300x600
Requested by: Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:31 GMT
Server: Microsoft-IIS/10.0
ETag: "8f6388f116ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1163

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame AB95 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:31:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB95 124 KB
38 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 15:32:55 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame AB95 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:32:19 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 853B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELEKsYjl9LfhgcurgfbNAuc&google_cver=1

43 B
114 B

24ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELEKsYjl9LfhgcurgfbNAuc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRC_t8b5Ahjn68zAATAB&v=APEucNXqpSBV5f2MXJTavsPoN05r3F--hTuEfHA8aPMVjGE1SqCb8yN5a4mTI0mf2QFQciKwaEPuLgrtyJpafPOSivc-eyji8w-kMffTDYjBcka7a3D33uLYXyeNv9-1kKEAv1HMNDQKGAkqL1DKfi8hDsKIeNCRGrr7W57rQsKWcw3EohuWKHM
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:55 GMT
via: 1.1 google
server: OXGW/17.2.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELEKsYjl9LfhgcurgfbNAuc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 853B 43 B
305 B 40ms
16ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRC_t8b5Ahjn68zAATAB&v=APEucNXqpSBV5f2MXJTavsPoN05r3F--hTuEfHA8aPMVjGE1SqCb8yN5a4mTI0mf2QFQciKwaEPuLgrtyJpafPOSivc-eyji8w-kMffTDYjBcka7a3D33uLYXyeNv9-1kKEAv1HMNDQKGAkqL1DKfi8hDsKIeNCRGrr7W57rQsKWcw3EohuWKHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: gzip
server: OXGW/17.2.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 853B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESELLAjHyju6trCGmHQSDPcXs&google_cver=1

23 B
172 B

112ms
47ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESELLAjHyju6trCGmHQSDPcXs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRC_t8b5Ahjn68zAATAB&v=APEucNXqpSBV5f2MXJTavsPoN05r3F--hTuEfHA8aPMVjGE1SqCb8yN5a4mTI0mf2QFQciKwaEPuLgrtyJpafPOSivc-eyji8w-kMffTDYjBcka7a3D33uLYXyeNv9-1kKEAv1HMNDQKGAkqL1DKfi8hDsKIeNCRGrr7W57rQsKWcw3EohuWKHM
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:55 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 04 Mar 2022 15:32:55 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESELLAjHyju6trCGmHQSDPcXs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 853B 23 B
172 B 123ms
41ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRC_t8b5Ahjn68zAATAB&v=APEucNXqpSBV5f2MXJTavsPoN05r3F--hTuEfHA8aPMVjGE1SqCb8yN5a4mTI0mf2QFQciKwaEPuLgrtyJpafPOSivc-eyji8w-kMffTDYjBcka7a3D33uLYXyeNv9-1kKEAv1HMNDQKGAkqL1DKfi8hDsKIeNCRGrr7W57rQsKWcw3EohuWKHM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:55 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 04 Mar 2022 15:32:55 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame AB95 25 KB
9 KB 7ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COKn12Sa2CsXSFa0dzSQKGasRNi4tAa5Uj2tFdGnp_5xo-QwfuUPaf3qXC6wAbXXw_w5F0UlH4gWvA08RsGhR6qw5VhrjlYfeAoiFfFCbAkus4ajlVEx32lQSyvWSssr9JgBQK1cepZqE_He27KXACp2t-0w&cry=1&dbm_d=AKAmf-AXPAmWbzvzx8wpNeOQXsgDrm1HlszgHeNpJT8YLnAAgW-aC7hg9Ai7fkmz1xs-Sb8bjsdU_7BBtNRjLLqBM074ePF6mVAZXKcSuWxdHEqqkiRZeKgIWvJAUMPLdkKtaxD4dcXMPb6N_4262YNy8uDKf0DtWl_RKkIbsOCOhFXrqEH2SOczb3w6tFeq9KIWzH_NXrWeyszA7MVTgnf4rhUL6zWxh7B9zNcUXkHBKeP799A5ibeJfBkBJKpe4RtBWxpdoWelW-3TKLJNEq8t0i85Oo0RgxDGzHIl9jrSaLPUUbZbNQ2TVzScGn7jqLdcEVF1dHXB-dkFteGFHeRcZYTz3vtutS7I44LaxiHb745l7Q6aLCFDPEM6NI0Lr1OE-fhyv-OtzsnByCKoKbMqPjA_was8_bXMleSq6oQ9H5zXO4yy_sgTR5K362mpYfPHHHnhECI5N6xHAgYRkJJ3uJzVNpMPOa2RGQyjCDr-HExiNuW9wgQFuvmYSmrJ6Wkra8IqeYt_M6O6FPFNTVsSxDd9brUFZn5C-KIekU9495fe8EqXmKU_wiiw76YayroI4v1lEFLwGIG7AtCauZ1Vw-IbMJWRY6qwv9-v16YYAOYQofLyxjj7OKz7efbeQQPIUYVbxB_7bvxV1QUYvtXLQ0RiN7gSAX9wHmR-uDh3S5ErD8CVW02R0LkACKblymq4ut7rPecGhk2NgQqTv279_7YjwxYjjulj9eOOzJ0cjR9eHFhvLgExUx1ssPYAHTablfdFQZIdh1s3bpS04ZdvF6ctyaNEqG84Yaf7RRkxvNDePCa0oPeIhEfiNLD7qvp4iWpEP1Elt1G09-iYb1yVrxQDPXnnovtOhFYreYC587lJFdK1vFC1Q23zyzgztW1Pu3O1pNu_RutaIjWIwWGu-LbAHgqwzBYRbec9TRsIUzKk2svvzp3g1MZUr62dGGs58X1m1GkawlYukTjrGLK0f4-Eln9octN7Nz_6NpT04bFKOR5ifx6kq5HzTA9yzk6G7dPq46Qk8crtVEYQ7aoqQUjA81NzF4F9qfoIi6-dFZoB_rV8tI5-CkXetu2lhb9QNkYe2vPoO_K9supC5zSQcVgXIZcaRqzx9sqZGg_tQvpbn-wZe1m_zhZX3PSUz8HfvKMGnWmXJlotPkKo_hN2xNW2ba2oOGRi9QEz8fWKfx8vcQVJZEBdBWWuk39FtfCTf5LAbh3jzLRMGB0wqscoc5CqKyh-G2XqeZS9m4h-kGjU6AmHF48Cn424Mquu6UQgqE7NFOR4ooDsq55FlHl3QpT4HCd6rgmNgDCr0pt3EKzvVs6gpFMw_0-ypCSZXXsXbwci89bdlyaUOuvjBLOXJP5Xev5cvkj0zTT16xzC1E_XT3IloOxswegpWI39DbNe2t2yasOnJ_k_3sbLlPO00BjTyhrjQ8jj7BABf1kdWuO2oi6uAMotM--EekR3KFL31NL6SDtciBhIyjpzN-vgpWNEvN_P0SpU7E9GiWI1dpN09pKCeEfAubMCIPjeBfKVOzWnyJ-drrH6YB_YJ--TlX6isdbb73IhLBzjQhwWAdpms5E0bFkxzabazMpWC80VcM6huOIWz8CyuM7XW6TBh9CmNx74CMm_i4R5XDp2xpGoDvnrywRKJUkZO0I3yF9dUSK78FdXdlDKoBguiHWZ6v3zTqt5fcocXng8bMy4DCJrWaIPYVO99HzTk86fbDJ7I7Yq3HS3Zrujpes5b6m0JwhLtrD_R4V2-Kj0AxBNJaEgwbqC_ZJSmusVTe5wQx1a-FFRUDFI4yWNJloL6fy2TSQResw2fD3mvaGmV972xWiBJevCEVFQ-HBMe0N9dBQ9O5etO6qJRCl573wJiiFonHM7G0UYx82cknJTfg-wLq6OFJJwjttWupukcxcTMjlpwu2Cae4haSTsFjzILaZ-_npvytSxhqlsIWKzD9tC9WMUEaXF7Pleu6wmmuQNIXWxb-bTKjqVW1qmRtzPCifUUdgzjffJbRE0rvvw4aKQwx60gC3jEJQ6mV0nDQ2NS_NeZKyGpnpBsTwzveq-zpZ_jTyrVHgLkJ-opG9jSRRE8dlLo5nRTgIeiR5TDK3BRTsuyVNJOwTa_VQwm3kco231kjhdZvZ4D9rH9hwxekgbOmsk75lWelCQjIGfioYbXqcGsUqYzRkmB6tyACxpXRewuEXpmeOlv5sRMTe-EZol48s2LaTz0GO9ucoStBTgSDCR9UP9XAZVDzW9NNRhFgv1BVCbvileedBtfs5qxab_pGNbxXdXr-Dx6OZqDL_R3ZR5eVSwEcG-a4barBeMhsQg20Nj4SebMkhbNepmQwtjYdLFdxm5h31zZygPfuNnxRxqpUQ4N7jXEz1UP0yzQysgVhaTrlkXpSMHj577uteJnKrt_ILvP4KPcV4Qv41_6KGMyskwZz-9Yt5NTCJntPkzVnf1GMEI2T03xpLuuB3OMEhrJsIzliuIe1uI3yp7hxJ5-UFtjxQ1XSRk6o-nxxjKMCh_hGC7nPnpgpS8jj5fl1_yQoKybRBQWFdIxk--yBNpDmbrOysCqK5g3u9IxdLx-JcJ5nzqTNRrsQhdrP72Ex7BTg_L4YHsdjiO8eMOs0ZWn59XRgnX0dhYPr_BQvqCoA8WxZCsoHnoN0oB6_uEa0rY3AIDaJ48gwaZ2e3F5WeN1tEKvyHGctqkp3D_ETgphWG6YDDtkcpbBbzX75RCAymv2i-yjwO3rpba3y063FoEpLfWZ9oAcoKhNXSM7P8unr4UtmzQLPscLL46fuCAJPWm8YQOOuwymjeZl1t5DHD4GHvxIX9lIlkw4ppmVwFHXBb9yny1BFYMc0CNIfvMkFPwOTU61rpyHUNf__ECx8hf1zEEmMg-_Z3KZS3mgmKFeWbratHn47neUuegL6pKsUnJoPHSxcXeQVLkUFSRsJC0sunC6pfmvtR3eYijRlngozhI20S_M17fz9TaIgw4VtMnsInHhnYNBVPe2p-jXyC3YFEdEP2XsP3iorzEu8ZFIGW_watkQrbADoudvYpNwuFrl9yDGH0bbz2KNpGJ2Z64uMJrlmhVveL3gntNU70m43kf3hNtJA&cid=CAQSLgCNIrLMB1ewdCuxGvfBgjCRdjrhn6jGJZT0AM1zekwG6vKspFCU1pf4PiFxZTE&rfl=1%2Chttps%253A%252F%252Fwww.fox19.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5421be34bc9ac3564a6daa35c769d13876e5fa7c4a5ed4892e9e8c65d31c1e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9662
x-xss-protection: 0
server: cafe
etag: 2172778821077356944
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:31:33 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AB95 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9914
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Mar 2023 12:47:41 GMT

GET
H/1.1 200
OK dvbs_src_internal101.js Show response
cdn.doubleverify.com/ Frame AB95 55 KB
18 KB 17ms
17ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=174157&plc=6273193&sid=18330&dvregion=0&unit=300x600
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:46 GMT
Server: Microsoft-IIS/10.0
ETag: "08517fa16ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18088

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 962D 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Mar 2022 12:47:41 GMT
expires: Sat, 04 Mar 2023 12:47:41 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 9914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame AB95 1 KB
902 B 13ms
13ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_853410206666&jsTagObjCallback=__tagObject_callback_853410206666&num=6&ctx=3758893&cmp=174157&plc=6273193&sid=18330&advid=&adsrv=&unit=300x600&isdvvid=&uid=853410206666&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=99&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&aUrlD=-1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%40I%60h%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D7%40I%60h%5D4%40%3ETar9EEADTbpTauTauf7h4_46h%6053a772baeb35a2b257b6_g4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D7%40I%60h%5D4%40%3ETaua_a_Tau_dTau%60dTau333%5CH2C%3FD%5CD42%3E%5CE2C86E%3A%3F8%5CA6%40A%3D6%5CH%3AE9%5CC%40%3CF%5C56G%3A46DTau&dvp_exetime=2.50&callbackName=__verify_callback_853410206666
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: c123bd5216a9b8431b7d5520d5eec306d0b6f5602134487bde23af2c82b90773

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:55 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 0
Connection: keep-alive
Expires: 03/03/2022 15:32:55

GET
H3 200 wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js Show response
pagead2.googlesyndication.com/bg/ Frame 962D 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 21:00:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13712
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 21:00:07 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame AB95 0
305 B 56ms
56ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=8f7eb6b5910d48ec87b1847cece34cf8&vfdur=14&cbust=1646407975658119
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:55 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 03/03/2022 15:32:55

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/4/174157;6273193;201;jsappend;DV360;DV360RETARGET1PDRETARGETDCO300x600DCPMNOVFCTFY23AONADESBHOMEPAGEV1/ Frame AB95 2 KB
3 KB 101ms
28ms Script
text/javascript 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/imp/4/174157;6273193;201;jsappend;DV360;DV360RETARGET1PDRETARGETDCO300x600DCPMNOVFCTFY23AONADESBHOMEPAGEV1/?ft_custom=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI9aKhgT2oAr-3xvkCsALu9L0MQAHSAioYASITCKuvjdTjrPYCFSqI_QcdL2YO5SgBMAE42O3xoeQPQAJIAViZgSAQ5-vMwAHf7wBcc1NutE6xfy8fRyU6%2C16377205109%2C403912167%2CABAjH0hJG6NnKBcjoNNZmR1Tshbx&ftOBA=1&ft_domain=www.fox19.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.fox19.com%2F&us_privacy=${US_PRIVACY}&cachebuster=729553.6020403774&ft_keyword=SB_DE&ft_c1=SB_DE&ft_section=%5BPUBLISHER%20AUCTION%20MACRO%5D
Requested by: Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app2.lhr11 /
Resource Hash: 542a73016aea19163e9fa7931c12a02806874d967cbffa64908c75b9462889a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:55 GMT
Server: prod-xre-app2.lhr11
X-HW: 1646407975.dop216.lo4.t,1646407975.cds239.lo4.shn,1646407975.dop216.lo4.t,1646407975.cds003.lo4.sc,1646407975.cds003.lo4.p
Content-Type: text/javascript
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 2284
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame AB95 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65b548c1926d6590653cd1bed63e6a6963e8a24d2cabb85378b04ae0d5aa72d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK j-6273193-3300636.js Show response
cdn.flashtalking.com/xre/627/6273193/3300636/js/ Frame AB95 98 KB
23 KB 120ms
53ms Script
text/javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/xre/627/6273193/3300636/js/j-6273193-3300636.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/4/174157;6273193;201;jsappend;DV360;DV360RETARGET1PDRETARGETDCO300x600DCPMNOVFCTFY23AONADESBHOMEPAGEV1/?ft_custom=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI9aKhgT2oAr-3xvkCsALu9L0MQAHSAioYASITCKuvjdTjrPYCFSqI_QcdL2YO5SgBMAE42O3xoeQPQAJIAViZgSAQ5-vMwAHf7wBcc1NutE6xfy8fRyU6%2C16377205109%2C403912167%2CABAjH0hJG6NnKBcjoNNZmR1Tshbx&ftOBA=1&ft_domain=www.fox19.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.fox19.com%2F&us_privacy=${US_PRIVACY}&cachebuster=729553.6020403774&ft_keyword=SB_DE&ft_c1=SB_DE&ft_section=%5BPUBLISHER%20AUCTION%20MACRO%5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 635c802f93cbfeb063c4317421d187fc2c3087b714b7c7c92ed6ac8ad50b497d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jan 2022 16:51:01 GMT
Server: Flashtalking (AKA)
ETag: W/"11760647255be802c404e0573bd20038"
Vary: Accept-Encoding
X-Varnish: 378610862
Cache-Control: max-age=807
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript; charset=utf-8
Content-Length: 22907
Expires: Fri, 04 Mar 2022 15:46:22 GMT

GET
H2 206 file_1280x720_2000_v3_1.mp4
d1l66zlxaqpl1u.cloudfront.net/gray/2021/05/09/60974483c9e77c000736baae/ 415 KB
0 54ms
53ms Media
application/octet-stream 2600:9000:2315:4200:13:fb92:3480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1l66zlxaqpl1u.cloudfront.net/gray/2021/05/09/60974483c9e77c000736baae/file_1280x720_2000_v3_1.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:4200:13:fb92:3480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.fox19.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=753664-

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
via: 1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
last-modified: Sun, 09 May 2021 02:10:19 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
etag: "9cd27403bb69e13880f2a4f5f5bb8ec6-13"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
Content-Range: bytes 753664-66082381/66082382
x-cache: Hit from cloudfront
accept-ranges: bytes
Content-Length: 65328718
x-amz-cf-id: 7qBtmhOP9WZ2VVuXS8Rh6NbDDdDIOcE5WzQaZfhC4y39Q_96gyGRTA==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 962D 0
20 B 42ms
42ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2zlOJzEiYs_4IrSrx_APs6COsAQAAAAAOAHgBAI&bg=!SkmlSQ3NAAb7UztL-1M7ACkAdvg8WrQSta1ZXEeGjqUtN6Xp-VgHxiJ-sqqMepp6DyrjqJanBrCTVQIAAABdUgAAAAFoAQeZAvLZp4xSdYQe492d4uZOn63FqIFFjA44vDcmc9PZdXwnmChiDepxczaFiJ6grUZcALF3y0kVvfO-4yU18KKOxaUn6RIoym7vjFWetBLATsFpPLZFydJRhc44yj3I_fiq_8F9T5-UndofBloYWkVRk1Bv8FfZYl_i-BOv9ZsQHC216s9wpn7TEH3YLCm5MhiBrBvTEK0zPujnCMivb5VtCTeopFGv0Z4WyKLJN3CenRkTaGKiHSupiDr3dSVtjPXraJ271FJmgAU9rTYSTu0SvByL3lt1bsxz4ONAArVuc3-Hq46_jOsMnvH74KZIwB8C_BirDHAPj6yNDrBm2JuExqqfhoC1zCtUqWVKWk0iFzCAgS7fmT4WvZPTyMG3Cl4_z2LzqTsVpvp4l0moWQjxYEVPg5fPRI4PZpr_TH_bHhZv1IgZUfzPd2dXxhR4k7xZrCJZxb7IqOhRvT8FDJiVxL9qMq1v-39Dhz5PHjeP4dTxxdwfUmnH2wFt7qi1tEr-hnobDFZWwc9QzUIdRB7_tAnVD33fapVotTN56w-ft7PVdhVLy8V3F6vqL7V2kBVpLh5_aOoQSAt-YLkaDfEX3eu1Q0vsjwGTuk977zGz1S3xVzD2mmmwpes-P2smaL2kg_hRnQnVvtVJMFs0XZnhmpzhE1CsXbLvtycMnfm3mvdOmvs2bRKYAQXKB6WiOKsKMSIFm4ue9d20mOYvidQth6bkpRSdiHk4wqztwiX_epBREOkK8aUJa2DTdIN6VxY3wQUcwpIw-UjFGr4bfBnDECjzMkD84yoGjHuG_kFja8R14nYUxHSIYufVoDOYhzZArXPwnUpMRPrsnkWgZeAMbDozUS8Qj8LAL_Kz6z7oqYS0u3b6Bkxpl1HmtQqMOQGWbFWPASVA-eLZWYScKGK31vjR9DR5uh454JAzgnlUX1uX6NP8D62U22ox6ktXuA-8L4nWF9v19dcRQVe9wVWU_htq0Bl-9gJCNFso-nZdnkGbMEH3

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 reel.js Show response
widgets.outbrain.com/nanoWidget/2000617/module/ 25 KB
9 KB 29ms
29ms Script
application/x-javascript 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000617/module/reel.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1c465b4b9b5a06d44cde2f14437b6928352b48fe321b1704cd16967c2fb28c69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 13:04:25 GMT
server: AkamaiNetStorage
etag: "36a628983c07a4ee4af2c241f825a457:1646227636.774523"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 8362
expires: Fri, 04 Mar 2022 19:32:55 GMT

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000617/module/ 503 B
811 B 22ms
22ms Script
application/x-javascript 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000617/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6f227fd2fa39124019ba277873910301281c96b0d40e5534baa3e10a0e893c86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:55 GMT
last-modified: Wed, 02 Mar 2022 13:04:25 GMT
server: AkamaiNetStorage
etag: "fe971284cabc8ac18a22bc52c82dde10:1646227638.955956"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503
expires: Fri, 04 Mar 2022 19:32:55 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 90ms
90ms Fetch
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=7c417b81751ad8f05e7dad3c4ca8b8e6_1436_1646407975313&tm=2320&eT=0&widgetWidth=938&widgetHeight=553&widgetX=165&widgetY=4215&wRV=2000617&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=973&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: gzip
X-TraceId: 80eb0e27e14bbc93aaa0a2891da8b597
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 95ms
94ms Fetch
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=f356bdbd11e5343055c5f9b0895e2c2a_1436_1646407975363&tm=2329&eT=0&widgetWidth=938&widgetHeight=353&widgetX=165&widgetY=4788&wRV=2000617&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=973&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: gzip
X-TraceId: 7e7436eb64da2bd1906354c2c241faa2
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 181ms
90ms Fetch
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=d6f151729d42955195b37d9f31827fa4_1436_1646407975521&tm=2329&eT=0&widgetWidth=938&widgetHeight=400&widgetX=165&widgetY=5161&wRV=2000617&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=973&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
X-TraceId: e903a7a2142488f19c6a7a9fb3cee966
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 190ms
96ms Fetch
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=3fa87646f728348ea86294b3f681eefe_1436_1646407975561&tm=2330&eT=0&widgetWidth=938&widgetHeight=353&widgetX=165&widgetY=5581&wRV=2000617&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=973&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
X-TraceId: 6a6344e047c7a2c8c1d84bd05793e270
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 271ms
91ms Fetch
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=e7d8ae9a0b5a9073ad772e7a13021b2d_1436_1646407975753&tm=2330&eT=0&widgetWidth=938&widgetHeight=421&widgetX=165&widgetY=5954&wRV=2000617&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=973&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
X-TraceId: f53caef4df560be28145ce37ad4f9652
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 285ms
95ms Fetch
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=97d7d5de0b41495fa6b8e47714abb744_1436_1646407975800&tm=2330&eT=0&widgetWidth=938&widgetHeight=353&widgetX=165&widgetY=6395&wRV=2000617&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=973&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
X-TraceId: 468ebfd061472651b3e4e36180e12b00
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6IjhhNTNiNzViMTVlMmI2ZDAxYTk0MTQ2Nzk4MGQ1Yzk4NjMyZmFkNjJiMDljZmMwMmFlODliMTk5M2Y4N2RlODYiLCJ3IjoxNDUsImgiOjQwLCJkIjoyLjAsImNzIjowLCJmIjoyfQ.png
images.outbrainimg.com/transform/v3/ 10 KB
11 KB 19ms
19ms Image
image/png 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhhNTNiNzViMTVlMmI2ZDAxYTk0MTQ2Nzk4MGQ1Yzk4NjMyZmFkNjJiMDljZmMwMmFlODliMTk5M2Y4N2RlODYiLCJ3IjoxNDUsImgiOjQwLCJkIjoyLjAsImNzIjowLCJmIjoyfQ.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2141c6a10b876436eb2be9d078c4e7fa90944397a416e9d6191168307dcb89c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:55 GMT
cache-control: max-age=1940036
last-modified: Fri, 09 Apr 2021 17:38:14 GMT
x-traceid: b5754d7afd181e6e887bc653eec4204d
timing-allow-origin: *
content-length: 10735
content-type: image/png

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame AB95 8 KB
4 KB 15ms
15ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3758893&cmp=174157&sid=18330&plc=6273193&num=&adid=&advid=&adsrv=29&btreg=6273193&btadsrv=flashtalking&crt=3300636&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&234661274
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/627/6273193/3300636/js/j-6273193-3300636.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 0069c4e8f50de07f23bd6f728799056532afe37d36be546fc40dbf2cf1095150

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Mar 2022 11:07:37 GMT
Server: Microsoft-IIS/10.0
ETag: "80224e4ee2ed81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3291

GET
H2 200 durly.js Show response
c.evidon.com/ Frame AB95 4 KB
2 KB 25ms
7ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/durly.js?;coid=6250;nid=156277;ad_w=300;ad_h=600;check_container=true;&862644351
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/627/6273193/3300636/js/j-6273193-3300636.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c7bf4752dbdffa34676c24001c158ccec95d09708252c7ea385f0aa00b263c33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:55 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 17:51:55 GMT
server: AkamaiNetStorage
etag: "f1438f07da47f1927ec8f4abb86d21b9:1642701115.070549"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1605

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame AB95 16 KB
5 KB 10ms
10ms Script
application/javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/627/6273193/3300636/js/j-6273193-3300636.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: d4cca151da580d8c4eff92b9f0075f84d436ce2408ca54179bda81f07fdca867

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Jan 2021 15:22:24 GMT
Server: Flashtalking (AKA)
ETag: W/"7d51eab9e0281fbc7a42c8c379a64900"
Vary: Accept-Encoding
X-Varnish: 410401180 407543901
Cache-Control: max-age=78760
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 5119
Expires: Sat, 05 Mar 2022 13:25:35 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame AB95 0
338 B 105ms
28ms Image
text/plain 99.80.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=27143449&advertiserid=9642282&placementid=326509078&adid=518698891&creativeid=164981903&siteid=5775970&431841701
Requested by: Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.96.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=42 t=1646407976
x-served-by: beacon-n001-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

impression_pixel
t.myvisualiq.net/ul_cb/ Frame AB95
Redirect Chain

https://t.myvisualiq.net/impression_pixel?r=236057000&et=i&ago=212&ao=842&aca=27143449&si=5775970&ci=164981903&pi=326509078&ad=518698891&advt=9642282&chnl=-28&vndr=1316&sz=10262&u=~-~DBM_1637720510...
https://t.myvisualiq.net/ul_cb/impression_pixel?r=236057000&et=i&ago=212&ao=842&aca=27143449&si=5775970&ci=164981903&pi=326509078&ad=518698891&advt=9642282&chnl=-28&vndr=1316&sz=10262&u=~-~DBM_1637...

43 B
573 B

9ms
8ms

Image
image/gif

18.185.143.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/ul_cb/impression_pixel?r=236057000&et=i&ago=212&ao=842&aca=27143449&si=5775970&ci=164981903&pi=326509078&ad=518698891&advt=9642282&chnl=-28&vndr=1316&sz=10262&u=~-~DBM_16377205109_403912167_ABAjH0hJG6NnKBcjoNNZmR1Tshbx~-~|174157_23802752_3300636&pt=i
Requested by: Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 18.185.143.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-143-172.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 04 Mar 2022 15:32:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://t.myvisualiq.net/ul_cb/impression_pixel?r=236057000&et=i&ago=212&ao=842&aca=27143449&si=5775970&ci=164981903&pi=326509078&ad=518698891&advt=9642282&chnl=-28&vndr=1316&sz=10262&u=~-~DBM_16377205109_403912167_ABAjH0hJG6NnKBcjoNNZmR1Tshbx~-~|174157_23802752_3300636&pt=i
Date: Fri, 04 Mar 2022 15:32:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 200 B27143449.326509078;dc_trk_aid=518698891;dc_trk_cid=164981903;kw=~-~DBM_16377205109_403912167~-~;u=~-~DBM_16377205109_403912167_ABAjH0hJG6NnKBcjoNNZmR1Tshbx~-~;ord=1646407975;dc_dbm_token=AD1EzRQAA...
ad.doubleclick.net/ddm/trackimp/N1153793.3349700DISPLAYVIDEO360/ Frame AB95 42 B
63 B 46ms
30ms Image
image/gif 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1153793.3349700DISPLAYVIDEO360/B27143449.326509078;dc_trk_aid=518698891;dc_trk_cid=164981903;kw=~-~DBM_16377205109_403912167~-~;u=~-~DBM_16377205109_403912167_ABAjH0hJG6NnKBcjoNNZmR1Tshbx~-~;ord=1646407975;dc_dbm_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI9aKhgT2oAr-3xvkCsALu9L0MQAHSAioYASITCKuvjdTjrPYCFSqI_QcdL2YO5SgBMAE42O3xoeQPQAJIAViZgSAQ5-vMwAHf7wBcc1NutE6xfy8fRyU6;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&832639414

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EDF7 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Mar 2022 15:32:53 GMT
expires: Sat, 04 Mar 2023 15:32:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/6273193;3300636;23802752;271;875E4A3A-A054-579B-0BF7-A299C3AB020A/ Frame AB95 42 B
420 B 22ms
21ms Image
image/gif 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/state/6273193;3300636;23802752;271;875E4A3A-A054-579B-0BF7-A299C3AB020A/?cachebuster=726988528
Requested by: Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app12.lhr11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:55 GMT
Server: prod-xre-app12.lhr11
X-HW: 1646407975.dop216.lo4.t,1646407975.cds239.lo4.shn,1646407975.dop216.lo4.t,1646407975.cds003.lo4.sc,1646407975.cds003.lo4.p
Content-Type: image/gif
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame AB95 1 B
377 B 68ms
8ms Image
text/plain 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?218709980-6273193;3300636;23802752-304-0-5176946DE8F50A-951456973
Requested by: Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:56 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Fri, 04 Mar 2022 15:32:56 GMT

GET
H/1.1 200
OK dv-measurements2324.js Show response
cdn.doubleverify.com/ Frame E720 507 KB
94 KB 17ms
17ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2324.js
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5edea351ddb007fa060f3f28a672ed5b46fe0e4736597e172587f6a2c08ea6af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Mar 2022 09:57:27 GMT
Server: Microsoft-IIS/10.0
ETag: "801da916e52ed81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95783

GET
H2 200 ba.js Show response
c.evidon.com/geo/ Frame AB95 41 KB
12 KB 7ms
7ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/ba.js?r220120
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=6250;nid=156277;ad_w=300;ad_h=600;check_container=true;&862644351
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a28b9871dc80175bbb6cbaadf100abc925d5e106f0254c8f8a13d34141d90bfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 17:51:35 GMT
server: AkamaiNetStorage
etag: "1e1cf06df2b98e267c5e511e819fb810:1642701095.049463"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12426

GET
H2 200 4.gif
c.evidon.com/a/ Frame AB95 43 B
335 B 8ms
8ms Image
image/gif 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/a/4.gif
Requested by: Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2010 17:07:29 GMT
server: AkamaiNetStorage
etag: "65786c291a4603aa5150a1884452838d:1271351254"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/gif
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 53

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FC2B 499 B
336 B 19ms
18ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYxM-iwwEwAQ&v=APEucNWRSWCaUF0WfgmZsSb45hpesdD-1xbsd4nBsKjvErxH13d6s15S4RcwfwxH05X-BD-WYBwa3pYiqwB2QT4WkvmfLqZ-0h8Y36J5t5NJ5MJ67zjWniw5acjsUC53Kfi4Jr9YgrESklmzlLrpAz4OnXMYqxg_TAS2QF3JLx4ZJQtHGYmkeRw

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 04 Mar 2022 15:32:56 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Mar 2022 15:32:56 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EDF7 75 KB
32 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BinjbuN-CvF4DZLJG4VvpITaeXNvSyd5cjyI1-SqoF3P42CU7mKtAaWOuGczQ5VKjPW1GIuXJdw28jHjAFURGqTYqM5Q4jAK0yl6xSkdLMF1g9vIx7NT-HxLaD6qOWJna5n4kta_ZL2xngQTFm-10kTJ3da9JoGz8L3zs6EnlcWdRRU9k&cry=1&dbm_d=AKAmf-BmYl8rGy5Yl4A40ktUHTinMVlN3aAy5FIC3pA9NbgMsP8eBlHpbhl2rhybu_Wy6k2xtwptpBvQaNgBXPD7syRaBYWLuRY3RtxybNciA5YOlZVrR9KB4__ssxk4KhWFDOGTMKM4yxvZXwFmUP32DuYYcfb12F2K1xsfDC8i_c72_n5AlR5RlG4ua4whY92DpD6ahAuTO_cbtKwuBgZ3c6_FxHZYaNyvLN1r5y4_eZMwVCGiacSCsQF3Sb5V3AAFZcv5Ca8lZG8eZc3WcDQAwc6wuvMgTw344iex0H1NFwwvZz51zbYHrOZY8nsdfD1cbzGT94lI7Vc3vIJc0D_heCNcawTlcaJnAyOXHXAIx4uXMmKT5JEIbDqBo8tTmh0_IjeOvbCbH10gl6gKGfBe7JSPmhkxO8yX0R_PCpJGbwPERLG9vdkYERCFq-LNSLiZBqMik96V-iP6IOZ22yWeWHnI88rr9BnBaEA6UOzVD8f4jVRK53WhXmPMO5p354VYsjiO-1-wUQkjxTmAH3rScABQqVGbbN0xWc1317xSExyH-XKOggp1qhjjiWpT0FYo72o6vEhhEbf1l0Iv6BSbAKoeWr9Fybe8XF1ZyNZLeRj-5AdPaPejQJxCyT-qyzkQ63f_ctsiAEfZlBTNMf44r_EYK7eFd9AO5jn3daFezI4u0rhyGWZbsee2fCbICExjPFrw5V-ttnLdWiJtOlo_Q7rbW-fMTP6Ww-PyS4MlstbXSuG3F7XrMD34xSRHwY3e6HYqFORDoRdqVLo65t41eQlTIMyQ4yBWNPLVxhm2z7-fpTIj5XhBC7G_O3DiRma8KN3TwrVeHDozRRP9t7AVRCLoIuac5jVx55P_FqlB_GMgiF6jgp35uTejNilsaGGlJ5KXI49eBGa-keKrBe7tpELg-0Unyyxh5YOK_nqWH1q79PE7PIuSRlg3pDdWy4_SyZE6rS4pIfizwSyPkmTV_8WXjOq2bNRWjHywoohqFiYQr4Ju_X6J0LCfkGFIroCx53T7LzTAtfItvNHgKZG-vbt7Qz9LgvfJ91FP06M7JkbgT_MyGSTRrSvq4tSO0JDEOOGDecVyb71j2xsgvW51Uu1LHXFdWOJ576WSyxJeLvwRsZPkUbEW9Rhyleev8svgrXaePXzMQtXOZ5BFyxd_mXNEA0QQOfyb3S9sDrcr0Mhfz6bbRYWTt4KNmYGGENsK0bU-VqsZ-_d7gKBXfLUhobzcORV5YrR_uUoh23d_8dpfkPEg2vBie_VUR96ueDNj48QrefbxOKCL885Ub-VqdSonMSkjD-ijpNwKLO-hJpmWM8pXG63l4VW-bv7oYz8twxq0fuiaM-AVkJsU49zzMCGcRjI5mpduanHemiXZ8JWbO2hXRZD_GyRuhlZI5Gmq0wLW_ulLyTA35mwrIlFaj0DHxycgfXo5WdL1Ah4fx77K4Os-vIvm36H9l_JyekA6-eGAq4jf4KZXE5aijrweOxo3BOO3G6SirDo5dLv3sI-MMv2QMv7S3Agc5wtIScTQl5d6qLugv7h0nJyLPR4PYBaz6zyIZcvKWMJDZk5GwxuvILay7OF5zjqLE4hxKtFOAg7g-TMnLNv1IwrqKErhAlgyJvYboQYaxzJjXC6sdLI_bL8NzcVCKxC0dz6XqkyBP0Vb0Z-sR3gLMQ7wIQ9jilSG5kAchGexczQbHM7kjoc-LeNOKVFTxGj4fbK6dW1Dnm-guwa76w5EdzF5b9_ga04r-o6pZemUx2C7shTCzA1OI5jtTpOUYWbaqH_fRDE8uw5hzobrBU4RGlh4DG0zx843aqFUOdplTVEEpnxM-P_5PLUUj8cYgKdsDtIwknOkoczgGLKc2kfiupXQ0gHQ4ZmCYKhhRcB5lsj0BAhvfE8DprVWbjUBihX2NAZBPccr6YbNlCAnhq58-2VQtlo-Je4wNWuE1PXDUfbvDGiC_X6BKLkGeufskZYPyGdFPZlYw77TGh6lQ5tPJihBNaZefyJNHupuon9pWLAT85gYOuFpBNNKWWVZ5lpxZmSZBrFw5ItC7t9z5nyLpAFX9eKLvEfwumlUNDQ6reKmcJjpALbRDEMVIX2cYBPFXEOmKhcwV3Cxa8FAKth-W8LSaL-_iuSvWk12A0J7T-GC_JZvFDrmcPsiiryFz18vDdVOajNEVnfpC-4BbH2_KkMcsrR0cDGWiBh8xz3tpNZpEzzh1yXlP20nbT0VYr5saF_zkK6YVT8MsCzkuFyXCt0PSE5ZWrUc90SAZNbLcPvPFCvu9yRmQ1lAOQoRgqGx5rOUoTTMuSoM1iva_E5ZNOWhG3A71Y2jUwfAdyizicR6_HN-5K71JjHp28CO6HTUSkjknx72Agq92PasoXCao0cKvUufhSaAWKHjKBKH1QM_f2WWor6UEBtFhTOx9PFP-oWB0U61E5nWexu2PQEV5K8zKqrHiY2IKDFqjLJoBuOBAFkLDWl0o6fc40Lhe-xK_GzszR-a8LylV648t5xmM4JIyE_8BdP03NShFxQkFPKVNTa1-07AohAk-Um98ZylSMY51cJ32NFZHVf28_0zI3AYdLvnZpt76vGKAgrND7HfECajms6voBsuNa3GvpVFsjiZzKqKhStd4kowI-kdwRSYlXswImkjkW5HyUIkT-q9-4zRvz0nCWLfwIrLEOG-lbdLMmfhXPo6kvLjenRG3QmDDRaQDm3POm4mv9QwiNEz87GIBWH8Sh36lagnRbQHsuibteTUsxCPBQfbhtyR0U2eJyUkKajS5MzDXp9l5KxldQE4pg3hE6ajQLsN6yOWrWgVPDemRyLZCoBBr5H1CXFVdq1OjlxtATT1t5JuM-kYHLitcSH52xne366HTtU-L-vgfT1GgV2moIRT9hyF9hf3fYVhCdJYARATZ95s_ytsi8bEawbhz4FICmSACgLTwLd4xMb0xPsVefcLlinLTJmKEcGD7rEszG0kQizyr_nJN4-bszVrc4ZjPlPLfMa9rpcYRdCEQFmfgk8dAPwTCwBvgXSNLzrVXxNwwk0x5G6w61vN3dlnhM-R1LSYewirIDsHoQfoAjweL2mPnZRfZUEr71XxUrKIDiB-2wFtaAgbjENYMP5VadZcq5Wtcwx8CiyyUttClmg1dNkECSetaKxh2w_WLulJkCJYlTu8AV67XNoUoUUlXC4zYOuiBbs2V16vodsK-UbqDdg-NF21RE2YDPYQ1EX4Du715gI-snSa0xBI4fT0_RNHAWGULMmUeAFFVp3nLpb5YZe5Sr-iraEKzI-d7qOD6C8OTdnGruLo-PkpXtXoUZ96D6o_77GGp7swxdr5dFdpfVXCWxy3G6ewTNMC_pqj1cxWgG3bkZVVNAMJrN9elZUJh9IFghGaKWytPN19TjXR9QAW_Ez4UZ5ioWjPDwAEgjeqMYYtqJ3qcDvP-GuJEJ54mBCoyLgadAJdfGz7eP3fIk7Pitsk2UfxBgTDKvirTPkFQIV3ZwXXqyGucuscv4GDg7sauMpFow6r1_lXawlNxbrGC1qJ7RF8SsUKbB010QlS2K8LS5pxjSJFTdUoPMXMEn7ddlXZceqy6qrlqojveGXrMDn3shiKTFGo1Gws4YnXCgkVSUyoVf8ktHvd4Cnt12GPkf2xsBW8Jg_k5JCo2fBO&cid=CAASJ-RozVU38wS5hALdS6rKaA8bMtU765E9sXqAL1uoEqhBW5MzifL8kA&rfl=1%2Chttps%253A%252F%252Fwww.fox19.com%252F%240

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c91b59635f79a10b1f383ac63524d5c58e554a1e755f6d356f602617b8b6d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32625
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EDF7 42 B
65 B 39ms
39ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AT3sL8VFHhjgK0MipwVKEY6yIdHXF21-yihaWb_Plx6kSzVzLaBUFkLAEniwI8-uo5wPV3GSffkbfU5Pmkg31gN3pKOULnvgDFPYUjOv9hroT3JSs

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame EDF7 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:31:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EDF7 124 KB
38 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 15:32:56 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame EDF7 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:32:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EDF7 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmyuRV3V4xAN77x3xkLgK-sOWzUNjg8Qw4iesG74Em8E585SknJcDmRoobgNPfbPDATaIMznoAa9nETQKNPSpYcvlk5g
Requested by: Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 e.js Show response
c.evidon.com/a/ Frame AB95 6 KB
2 KB 8ms
8ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/e.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220120
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6599efc9733b1cc77e86041522e867b57d40e5865c799bcc16f9ebad194bddd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
last-modified: Tue, 18 Oct 2016 17:40:59 GMT
server: AkamaiNetStorage
etag: "ef75514192b58c83b25afc1276afc691:1476812459"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1825

GET
H2 200 156277.js Show response
c.evidon.com/a/n/6250/ Frame AB95 1 KB
746 B 8ms
8ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/n/6250/156277.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220120
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a009f90bfa2d1d172769b3135166963b3b6e6750dbfb5d67e7b0c26c250be3d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 19:37:54 GMT
server: AkamaiNetStorage
etag: "b3622582548410b0f37395452257a30e:1644262674.496298"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=600
accept-ranges: bytes
access-control-allow-headers: *
content-length: 449

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame FC2B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAzy6NccuBqK936ttTnyDRk&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAzy6NccuBqK936ttTnyDRk&google_cver=1&__user_check__=1&sync_id=5d3b327e-9bd0-11ec-ae76-14bc9e680206

43 B
548 B

18ms
17ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAzy6NccuBqK936ttTnyDRk&google_cver=1&__user_check__=1&sync_id=5d3b327e-9bd0-11ec-ae76-14bc9e680206
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYxM-iwwEwAQ&v=APEucNWRSWCaUF0WfgmZsSb45hpesdD-1xbsd4nBsKjvErxH13d6s15S4RcwfwxH05X-BD-WYBwa3pYiqwB2QT4WkvmfLqZ-0h8Y36J5t5NJ5MJ67zjWniw5acjsUC53Kfi4Jr9YgrESklmzlLrpAz4OnXMYqxg_TAS2QF3JLx4ZJQtHGYmkeRw
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 68
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEAzy6NccuBqK936ttTnyDRk&google_cver=1&__user_check__=1&sync_id=5d3b327e-9bd0-11ec-ae76-14bc9e680206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 41
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC2B
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NWQzOGVhYTYtOWJkMC0xMWVjLTgxZDUtMTYyNjE1MGMwNTA2

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NWQzOGVhYTYtOWJkMC0xMWVjLTgxZDUtMTYyNjE1MGMwNTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYxM-iwwEwAQ&v=APEucNWRSWCaUF0WfgmZsSb45hpesdD-1xbsd4nBsKjvErxH13d6s15S4RcwfwxH05X-BD-WYBwa3pYiqwB2QT4WkvmfLqZ-0h8Y36J5t5NJ5MJ67zjWniw5acjsUC53Kfi4Jr9YgrESklmzlLrpAz4OnXMYqxg_TAS2QF3JLx4ZJQtHGYmkeRw

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NWQzOGVhYTYtOWJkMC0xMWVjLTgxZDUtMTYyNjE1MGMwNTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 141
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame FC2B 0
194 B 35ms
7ms Image
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame E720 2 KB
1 KB 133ms
11ms Script
text/javascript 213.254.244.108
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=58&ttfrms=23&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%40I%60h%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D7%40I%60h%5D4%40%3ETar9EEADTbpTauTauf7h4_46h%6053a772baeb35a2b257b6_g4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D7%40I%60h%5D4%40%3ETaua_a_Tau_dTau%60dTau333%5CH2C%3FD%5CD42%3E%5CE2C86E%3A%3F8%5CA6%40A%3D6%5CH%3AE9%5CC%40%3CF%5C56G%3A46DTau&srcurlD=0&aUrlD=-1&ssl=https:&dfs=399&ddur=18&uid=1646407976063169&jsCallback=dvCallback_1646407976063872&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2324&tgjsver=2324&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=8&brh=2&sdf=2&dvp_epl=374&noc=4&ctx=3758893&cmp=174157&sid=18330&plc=6273193&crt=3300636&btreg=6273193&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=31954741420.026585&dvp_tukv=159549014910.92645&dvp_uuid=38902817899.52202&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=210322762077
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2324.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.108 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: dc57c29e27c99776495430eb5ef3945daff99a9d4bf3d6cff4ceb72e7242dbfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 03/03/2022 15:32:56

GET
H3 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame EDF7 169 KB
59 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
Origin: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 17:15:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Mar 2022 17:15:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/ Frame EDF7 8 KB
3 KB 7ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BinjbuN-CvF4DZLJG4VvpITaeXNvSyd5cjyI1-SqoF3P42CU7mKtAaWOuGczQ5VKjPW1GIuXJdw28jHjAFURGqTYqM5Q4jAK0yl6xSkdLMF1g9vIx7NT-HxLaD6qOWJna5n4kta_ZL2xngQTFm-10kTJ3da9JoGz8L3zs6EnlcWdRRU9k&cry=1&dbm_d=AKAmf-BmYl8rGy5Yl4A40ktUHTinMVlN3aAy5FIC3pA9NbgMsP8eBlHpbhl2rhybu_Wy6k2xtwptpBvQaNgBXPD7syRaBYWLuRY3RtxybNciA5YOlZVrR9KB4__ssxk4KhWFDOGTMKM4yxvZXwFmUP32DuYYcfb12F2K1xsfDC8i_c72_n5AlR5RlG4ua4whY92DpD6ahAuTO_cbtKwuBgZ3c6_FxHZYaNyvLN1r5y4_eZMwVCGiacSCsQF3Sb5V3AAFZcv5Ca8lZG8eZc3WcDQAwc6wuvMgTw344iex0H1NFwwvZz51zbYHrOZY8nsdfD1cbzGT94lI7Vc3vIJc0D_heCNcawTlcaJnAyOXHXAIx4uXMmKT5JEIbDqBo8tTmh0_IjeOvbCbH10gl6gKGfBe7JSPmhkxO8yX0R_PCpJGbwPERLG9vdkYERCFq-LNSLiZBqMik96V-iP6IOZ22yWeWHnI88rr9BnBaEA6UOzVD8f4jVRK53WhXmPMO5p354VYsjiO-1-wUQkjxTmAH3rScABQqVGbbN0xWc1317xSExyH-XKOggp1qhjjiWpT0FYo72o6vEhhEbf1l0Iv6BSbAKoeWr9Fybe8XF1ZyNZLeRj-5AdPaPejQJxCyT-qyzkQ63f_ctsiAEfZlBTNMf44r_EYK7eFd9AO5jn3daFezI4u0rhyGWZbsee2fCbICExjPFrw5V-ttnLdWiJtOlo_Q7rbW-fMTP6Ww-PyS4MlstbXSuG3F7XrMD34xSRHwY3e6HYqFORDoRdqVLo65t41eQlTIMyQ4yBWNPLVxhm2z7-fpTIj5XhBC7G_O3DiRma8KN3TwrVeHDozRRP9t7AVRCLoIuac5jVx55P_FqlB_GMgiF6jgp35uTejNilsaGGlJ5KXI49eBGa-keKrBe7tpELg-0Unyyxh5YOK_nqWH1q79PE7PIuSRlg3pDdWy4_SyZE6rS4pIfizwSyPkmTV_8WXjOq2bNRWjHywoohqFiYQr4Ju_X6J0LCfkGFIroCx53T7LzTAtfItvNHgKZG-vbt7Qz9LgvfJ91FP06M7JkbgT_MyGSTRrSvq4tSO0JDEOOGDecVyb71j2xsgvW51Uu1LHXFdWOJ576WSyxJeLvwRsZPkUbEW9Rhyleev8svgrXaePXzMQtXOZ5BFyxd_mXNEA0QQOfyb3S9sDrcr0Mhfz6bbRYWTt4KNmYGGENsK0bU-VqsZ-_d7gKBXfLUhobzcORV5YrR_uUoh23d_8dpfkPEg2vBie_VUR96ueDNj48QrefbxOKCL885Ub-VqdSonMSkjD-ijpNwKLO-hJpmWM8pXG63l4VW-bv7oYz8twxq0fuiaM-AVkJsU49zzMCGcRjI5mpduanHemiXZ8JWbO2hXRZD_GyRuhlZI5Gmq0wLW_ulLyTA35mwrIlFaj0DHxycgfXo5WdL1Ah4fx77K4Os-vIvm36H9l_JyekA6-eGAq4jf4KZXE5aijrweOxo3BOO3G6SirDo5dLv3sI-MMv2QMv7S3Agc5wtIScTQl5d6qLugv7h0nJyLPR4PYBaz6zyIZcvKWMJDZk5GwxuvILay7OF5zjqLE4hxKtFOAg7g-TMnLNv1IwrqKErhAlgyJvYboQYaxzJjXC6sdLI_bL8NzcVCKxC0dz6XqkyBP0Vb0Z-sR3gLMQ7wIQ9jilSG5kAchGexczQbHM7kjoc-LeNOKVFTxGj4fbK6dW1Dnm-guwa76w5EdzF5b9_ga04r-o6pZemUx2C7shTCzA1OI5jtTpOUYWbaqH_fRDE8uw5hzobrBU4RGlh4DG0zx843aqFUOdplTVEEpnxM-P_5PLUUj8cYgKdsDtIwknOkoczgGLKc2kfiupXQ0gHQ4ZmCYKhhRcB5lsj0BAhvfE8DprVWbjUBihX2NAZBPccr6YbNlCAnhq58-2VQtlo-Je4wNWuE1PXDUfbvDGiC_X6BKLkGeufskZYPyGdFPZlYw77TGh6lQ5tPJihBNaZefyJNHupuon9pWLAT85gYOuFpBNNKWWVZ5lpxZmSZBrFw5ItC7t9z5nyLpAFX9eKLvEfwumlUNDQ6reKmcJjpALbRDEMVIX2cYBPFXEOmKhcwV3Cxa8FAKth-W8LSaL-_iuSvWk12A0J7T-GC_JZvFDrmcPsiiryFz18vDdVOajNEVnfpC-4BbH2_KkMcsrR0cDGWiBh8xz3tpNZpEzzh1yXlP20nbT0VYr5saF_zkK6YVT8MsCzkuFyXCt0PSE5ZWrUc90SAZNbLcPvPFCvu9yRmQ1lAOQoRgqGx5rOUoTTMuSoM1iva_E5ZNOWhG3A71Y2jUwfAdyizicR6_HN-5K71JjHp28CO6HTUSkjknx72Agq92PasoXCao0cKvUufhSaAWKHjKBKH1QM_f2WWor6UEBtFhTOx9PFP-oWB0U61E5nWexu2PQEV5K8zKqrHiY2IKDFqjLJoBuOBAFkLDWl0o6fc40Lhe-xK_GzszR-a8LylV648t5xmM4JIyE_8BdP03NShFxQkFPKVNTa1-07AohAk-Um98ZylSMY51cJ32NFZHVf28_0zI3AYdLvnZpt76vGKAgrND7HfECajms6voBsuNa3GvpVFsjiZzKqKhStd4kowI-kdwRSYlXswImkjkW5HyUIkT-q9-4zRvz0nCWLfwIrLEOG-lbdLMmfhXPo6kvLjenRG3QmDDRaQDm3POm4mv9QwiNEz87GIBWH8Sh36lagnRbQHsuibteTUsxCPBQfbhtyR0U2eJyUkKajS5MzDXp9l5KxldQE4pg3hE6ajQLsN6yOWrWgVPDemRyLZCoBBr5H1CXFVdq1OjlxtATT1t5JuM-kYHLitcSH52xne366HTtU-L-vgfT1GgV2moIRT9hyF9hf3fYVhCdJYARATZ95s_ytsi8bEawbhz4FICmSACgLTwLd4xMb0xPsVefcLlinLTJmKEcGD7rEszG0kQizyr_nJN4-bszVrc4ZjPlPLfMa9rpcYRdCEQFmfgk8dAPwTCwBvgXSNLzrVXxNwwk0x5G6w61vN3dlnhM-R1LSYewirIDsHoQfoAjweL2mPnZRfZUEr71XxUrKIDiB-2wFtaAgbjENYMP5VadZcq5Wtcwx8CiyyUttClmg1dNkECSetaKxh2w_WLulJkCJYlTu8AV67XNoUoUUlXC4zYOuiBbs2V16vodsK-UbqDdg-NF21RE2YDPYQ1EX4Du715gI-snSa0xBI4fT0_RNHAWGULMmUeAFFVp3nLpb5YZe5Sr-iraEKzI-d7qOD6C8OTdnGruLo-PkpXtXoUZ96D6o_77GGp7swxdr5dFdpfVXCWxy3G6ewTNMC_pqj1cxWgG3bkZVVNAMJrN9elZUJh9IFghGaKWytPN19TjXR9QAW_Ez4UZ5ioWjPDwAEgjeqMYYtqJ3qcDvP-GuJEJ54mBCoyLgadAJdfGz7eP3fIk7Pitsk2UfxBgTDKvirTPkFQIV3ZwXXqyGucuscv4GDg7sauMpFow6r1_lXawlNxbrGC1qJ7RF8SsUKbB010QlS2K8LS5pxjSJFTdUoPMXMEn7ddlXZceqy6qrlqojveGXrMDn3shiKTFGo1Gws4YnXCgkVSUyoVf8ktHvd4Cnt12GPkf2xsBW8Jg_k5JCo2fBO&cid=CAASJ-RozVU38wS5hALdS6rKaA8bMtU765E9sXqAL1uoEqhBW5MzifL8kA&rfl=1%2Chttps%253A%252F%252Fwww.fox19.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:29:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame EDF7 25 KB
9 KB 6ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5421be34bc9ac3564a6daa35c769d13876e5fa7c4a5ed4892e9e8c65d31c1e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9662
x-xss-protection: 0
server: cafe
etag: 2172778821077356944
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:31:33 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EDF7 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Mar 2023 12:47:41 GMT

GET
DATA 200
OK truncated
/ Frame EDF7 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65d2ed0e57665b991b91e0e3d404da772afdf5762660666980a58997ce6b7d46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2822 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Mar 2022 12:47:41 GMT
expires: Sat, 04 Mar 2023 12:47:41 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 9915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11475707399726046606/ Frame C197 123 KB
25 KB 16ms
15ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11475707399726046606/index.html?e=69&leftOffset=0&topOffset=0&c=hvI7DbRtl6&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8fbc8557204270cef240073623ca7581c5ac5663313d4b7f91ac99fd7a9c710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Fri, 04 Mar 2022 15:32:56 GMT
expires: Sat, 04 Mar 2023 15:32:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Jun 2021 10:59:21 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EDF7 0
24 B 53ms
53ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuX9E7u2b8NEwITNjDRtNA8Whs3r9DYjZ7EuwyrwVPDVqTrIlvpZiJZUavc6JHNc8yBhWRbz7bmA59LzTAOZ2KVXsdWZB6Mk50jxk48OI1NRjtt_ksU9HVLWy8KzjDFa7to7O43iVEid6HqFIfNqrB2KQ7s3ss-XccCu9OAfQzP919e-fmRXLKQlBhghwsCqFBoW9GF3oKzCaJ18vTRnZPuQimfSqGE77bF9b32iYYEK45O0riDOCvI3OBCrxZ6osKMMwyEXLJH_JPx291yD85YbDw9kp3dtIcePiqTbeqZvcpDkATGdr5Lkk_hWaX4lQzhPOY0vpdGftA46CMs7O8SRYrR8sLs_VSQ_y5bEhJq0EEjon5VBngH8wgAgl79D3vE453vHDbgCXh_c662obQjBMhNmCGjlzDt-1OErOZuddjpPrqTOOYVkwc_6K2kMB7b8B82RzfIKbPsqrI4pnfPziPOTvFy4vOXF0T-0osgblMioIioQ3D4PadOdMKqOszVilK1bxpKtCVo-ucnRgWYh93R0Gosh2H0POt36zTuGW0EYuEYptsgi5KoPPugwZi_8TrsdaGOMoyCjSyi5T-PHYrbRMOGiuhF4zZ71Xg0wu1YsNXXJJTUlUP1Jhw0lD8c0R9lrKhudjNTi0bjyUPKwe02qsZ4u6i-hum6cmCbyfsuSRO7KYL5rkzhlPgkihoZDk94LDLBxTIcIDgAm5dLnOgOSZSTjcpX3DHwVQ5DSwaFUuhwUszTtyh_nogyJLGE63Dj-T1K56vSDyZY8eAXlNh-YnkuuGQsT2jTlOYxRNL-u14ALnS0H9IEdlTphRmB4IP5F6k8PWQq9oyqnxWJFlcbMnV3GhHB3B_mE66LYsdJo59OsFqPLF-P-4lbdjJxCrodcxA0XtXZY2epbgUDbjEweu5kELt3Xfrw9NjCMM1tiWjrJX_QoKsvRteqnRUEZ21IdTG0YsZzQNMKVzkKyfJHY3wsH3LjEzT50mlJYLQ-Xu-tR8fgIHmGteN6Eky7HHx8iUs7i-pQCJoKVOnDc--GYrCXmRdU8-DHpjSGphH2EirCpZwxUtXPXZa0rPEnK1SA8nwJxDnowoRzA3zxZt60hYbQhU1Y0zpLS-DaFfOTZpqfaOY_vUOC55Nyyzm3f4hzXqoVlVFfSt0tjadp1kNH6wMTqA6vvs8DfcJ-xMa_PVmv_DHwyJaszZ6oQoM&sai=AMfl-YSqIJCIN1B1vFPyL73R-HL7FVDnxujUrZ4LHiI0glOFKhGE_1GAt4rX3PduGjW5FX4yqF1-7FpsN8dbp6goeEpWFcZTz9OVl8NRG70M23RbPKg6104ppOu7oZ7wEMmNPO9RAZqg_RSqxWiUgvQVw0qRiKfP9FBLYRdOS19qXcqvtyI9zbcl7tGgidCQB7gKRuJYVPBNNSBzG0p_igPMXUA5vhtDUVk&sig=Cg0ArKJSzMQkPDyucAIVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=45&cbvp=1&cstd=40&cisv=r20220302.06473&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 04 Mar 2022 15:32:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame C197 110 KB
38 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11475707399726046606/index.html?e=69&leftOffset=0&topOffset=0&c=hvI7DbRtl6&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11475707399726046606/index.html?e=69&leftOffset=0&topOffset=0&c=hvI7DbRtl6&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:15:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Mar 2022 15:15:32 GMT

GET
H3 200 wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2822 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 21:00:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13712
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 21:00:07 GMT

GET
H3 200 CASans-Bold.woff2
s0.2mdn.net/sadbundle/11475707399726046606/ Frame C197 22 KB
22 KB 8ms
8ms Font
application/octet-stream 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11475707399726046606/CASans-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11475707399726046606/index.html?e=69&leftOffset=0&topOffset=0&c=hvI7DbRtl6&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

942eb33e5f9459667b4fcdb7ddfad2cea5180f44d5e1836782a539639cb740a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11475707399726046606/index.html?e=69&leftOffset=0&topOffset=0&c=hvI7DbRtl6&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 07:47:11 GMT
x-content-type-options: nosniff
age: 373545
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22700
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 10:59:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Feb 2023 07:47:11 GMT

GET
H3 200 CASans-Regular.woff2
s0.2mdn.net/sadbundle/11475707399726046606/ Frame C197 22 KB
22 KB 9ms
9ms Font
application/octet-stream 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11475707399726046606/CASans-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11475707399726046606/index.html?e=69&leftOffset=0&topOffset=0&c=hvI7DbRtl6&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

641527a5cf4838c96126427f0451507debed6fcabe8f01403e8ce00aa6975422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11475707399726046606/index.html?e=69&leftOffset=0&topOffset=0&c=hvI7DbRtl6&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 10:17:44 GMT
x-content-type-options: nosniff
age: 18912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22424
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 10:59:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 10:17:44 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame 4FB5 220 KB
61 KB 40ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 298516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61519
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "609f9f524fc23ab6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:40 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 4FB5 16 KB
6 KB 51ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 298516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:40 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 4FB5 96 KB
29 KB 51ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 298516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:40 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 4FB5 5 KB
2 KB 55ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 298516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:40 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 4FB5 42 KB
13 KB 55ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 298516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:40 GMT

GET
DATA 200
OK truncated
/ Frame 4FB5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d4491c5794063de3d3a1044bd3c3cbf6747d34d48b10e4454122438b5714523

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 7591764179748689708
tpc.googlesyndication.com/simgad/ Frame 4FB5 15 KB
15 KB 9ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7591764179748689708?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlvVTKVrj9V-ReDKmS_g7JJHr4JZQ

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc1279ca75f43a22f2305d76b685e99c5dd06c45cdc34c4cca9a313c69f851e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 23:27:02 GMT
x-content-type-options: nosniff
age: 57954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15226
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 14:25:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Mar 2023 23:27:02 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4FB5 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 73988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 04 Mar 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4FB5 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 35362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 05 Mar 2022 05:43:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4FB5 0
0 81ms
80ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CV1OTJzEiYsegOv-t9u8PlceTmAv5kobNaPPWh_7JD7Hd8MTLARABIPm_wyNglaKggrAHoAGF2pjZA8gBAqkCNT3aQAR3sj7gAgCoAwHIAwiqBKUCT9A70dbkujsL6uzOp7r0BSUxkVTrESud6RIk9y32KSGLXGf8Hpi_fwbtRhcKpRTMmku2umJiy0Ed-rrPXTpolBTe2BrVXjEb4KpltjvOXdkt9VAL-_MzXBQT24zC-UQP3dnyjo4NY28zGvMRHsScoZO-yJTvOdiYVSOuqzIpp5rB2ladbZ2FYLUAR6ktuMzR98gR2YFTOeT7TMynl1oSW2hohhMWgDoHeFK-2E4zGM33y8giyL1kw2JyQXINgmB4daLrnZIWVARURtl3CIWv2uZiukT7eZsgqb5iyqYWX0DcXmpqFaz9Sl6Iu4pLzb0kHm5t-VHzF9i6YFrTmR0QoVLVB1nb0V4BpuuuQ9qPcEqUa17PSIgzF7qbAIC9oEPSV4uupvvABNfx_r34A-AEAZIFBAgEGAGSBQQIBRgEoAYCgAey8pAoqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ9Z8H0ggJCIDhgBAQARgdgAoDyAsB2BML0BUBgBcBshceChwIABIUcHViLTA4ODMxMjY3MjU3NzMwMjYY2ZAd&sigh=fq_l6HEwa6E&uach_m=[UACH]&cid=CAQSLQCNIrLMg-4Y1Dvb3JeBfadVGjm7dnaESm6MWq4U8IJG_xGB3Zizfx9efotbNBgB
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E29A 42 B
64 B 47ms
44ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLe53waifQCG4KaEH_mK0Tt306DCJ7jYWVcq6XdtFWnLe9zJQLNmINEfgMXcqYuLXHiRRA16JRmVtNpF2LXjr8lnl8PKqE&sig=Cg0ArKJSzEU_n_NAHINkEAE&id=lidar2&mcvt=1026&p=0,0,90,728&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=1362464665&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646407974531&rpt=680&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E29A 42 B
64 B 45ms
44ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZ3tsAGeWVh0Zi1W3ZC3VRNUvhXsHIk6Riy7qWQBAx_1FNPwuds7cAnrkvDvEo33Nyoe_rN9w2B9HyHrSY0Di5O66bYha6qogjAn14qdMkdd-N3GXyoQ&sai=AMfl-YQBdfTKl_-1cx6cw-nrMFYdVwkCKWir23OPH4bTsZWsYeByV5XcomaL9iOt7bZhTzmEGF7iE294s7xfBy8Xm03_xxPChWhOdZSnW7zHNZDE4JrTmSmnHDM5mqgHytqC&sig=Cg0ArKJSzG0wn0VPahvfEAE&cid=CAASKORooXj_j3OX8a_H8CvRsdfKi00YFTFa6h1PhMlEhQaAGBH5iLfe1LI&id=lidar2&mcvt=1028&p=1110,288,1204,1016&mtos=0,1028,1028,1028,1028&tos=0,1028,0,0,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3700643700&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646407974531&rpt=677&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EDF7 0
23 B 46ms
45ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuX9E7u2b8NEwITNjDRtNA8Whs3r9DYjZ7EuwyrwVPDVqTrIlvpZiJZUavc6JHNc8yBhWRbz7bmA59LzTAOZ2KVXsdWZB6Mk50jxk48OI1NRjtt_ksU9HVLWy8KzjDFa7to7O43iVEid6HqFIfNqrB2KQ7s3ss-XccCu9OAfQzP919e-fmRXLKQlBhghwsCqFBoW9GF3oKzCaJ18vTRnZPuQimfSqGE77bF9b32iYYEK45O0riDOCvI3OBCrxZ6osKMMwyEXLJH_JPx291yD85YbDw9kp3dtIcePiqTbeqZvcpDkATGdr5Lkk_hWaX4lQzhPOY0vpdGftA46CMs7O8SRYrR8sLs_VSQ_y5bEhJq0EEjon5VBngH8wgAgl79D3vE453vHDbgCXh_c662obQjBMhNmCGjlzDt-1OErOZuddjpPrqTOOYVkwc_6K2kMB7b8B82RzfIKbPsqrI4pnfPziPOTvFy4vOXF0T-0osgblMioIioQ3D4PadOdMKqOszVilK1bxpKtCVo-ucnRgWYh93R0Gosh2H0POt36zTuGW0EYuEYptsgi5KoPPugwZi_8TrsdaGOMoyCjSyi5T-PHYrbRMOGiuhF4zZ71Xg0wu1YsNXXJJTUlUP1Jhw0lD8c0R9lrKhudjNTi0bjyUPKwe02qsZ4u6i-hum6cmCbyfsuSRO7KYL5rkzhlPgkihoZDk94LDLBxTIcIDgAm5dLnOgOSZSTjcpX3DHwVQ5DSwaFUuhwUszTtyh_nogyJLGE63Dj-T1K56vSDyZY8eAXlNh-YnkuuGQsT2jTlOYxRNL-u14ALnS0H9IEdlTphRmB4IP5F6k8PWQq9oyqnxWJFlcbMnV3GhHB3B_mE66LYsdJo59OsFqPLF-P-4lbdjJxCrodcxA0XtXZY2epbgUDbjEweu5kELt3Xfrw9NjCMM1tiWjrJX_QoKsvRteqnRUEZ21IdTG0YsZzQNMKVzkKyfJHY3wsH3LjEzT50mlJYLQ-Xu-tR8fgIHmGteN6Eky7HHx8iUs7i-pQCJoKVOnDc--GYrCXmRdU8-DHpjSGphH2EirCpZwxUtXPXZa0rPEnK1SA8nwJxDnowoRzA3zxZt60hYbQhU1Y0zpLS-DaFfOTZpqfaOY_vUOC55Nyyzm3f4hzXqoVlVFfSt0tjadp1kNH6wMTqA6vvs8DfcJ-xMa_PVmv_DHwyJaszZ6oQoM&sai=AMfl-YSqIJCIN1B1vFPyL73R-HL7FVDnxujUrZ4LHiI0glOFKhGE_1GAt4rX3PduGjW5FX4yqF1-7FpsN8dbp6goeEpWFcZTz9OVl8NRG70M23RbPKg6104ppOu7oZ7wEMmNPO9RAZqg_RSqxWiUgvQVw0qRiKfP9FBLYRdOS19qXcqvtyI9zbcl7tGgidCQB7gKRuJYVPBNNSBzG0p_igPMXUA5vhtDUVk&sig=Cg0ArKJSzMQkPDyucAIVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=159&vt=11&dtpt=114&dett=3&cstd=40&cisv=r20220302.06473&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 15:32:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK index.html Show response
cdn.flashtalking.com/83842/3300636/ Frame D782 571 B
1 KB 14ms
13ms Document
text/html 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/3300636/index.html
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/627/6273193/3300636/js/j-6273193-3300636.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: b5d425220afc085669880ac905242ceee9f534e2c36d7521b27905410511a7f3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Last-Modified: Thu, 07 Jan 2021 21:19:39 GMT
Content-Type: text/html
ETag: W/"a5eab44a93c7c4326ac826feb00971ff"
X-Varnish: 873847028
Accept-Ranges: bytes
Content-Length: 571
Cache-Control: max-age=520
Expires: Fri, 04 Mar 2022 15:41:36 GMT
Date: Fri, 04 Mar 2022 15:32:56 GMT
Connection: keep-alive
Server: Flashtalking (AKA)

GET
H2 200 COMMON.css
c.evidon.com/a/ Frame AB95 2 KB
984 B 10ms
8ms Stylesheet
text/css 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/COMMON.css?r=0.40125635434434703
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220120
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2017 16:26:10 GMT
server: AkamaiNetStorage
etag: "c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: text/css
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 715

GET
H2 200 box_107_top-right.png
c.evidon.com/icon/ Frame AB95 159 B
461 B 9ms
8ms Image
image/png 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/box_107_top-right.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f2df2303611fcbcfcdc00adadff13e59ed7d7c88f51fceb1c37095484742dedc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:18 GMT
server: AkamaiNetStorage
etag: "b4a2557ad69c5359621fa4d5a65033cd:1360189518"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 177

GET
H2 200 c_30_de.png
c.evidon.com/icon/ Frame AB95 1008 B
1 KB 9ms
9ms Image
image/png 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/c_30_de.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d7861b5283e79ceb6ae9078f59c5046ecb082b59b6cc7dc070f95646aecb8ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:23 GMT
server: AkamaiNetStorage
etag: "da1a90724cb9fa8b90b1a0219783c9f4:1360189523"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 997

GET
H2 204 pixel.gif
l.betrad.com/ct/0_0_0_156277/de/0/1/0/0/0/0/300/600/242/6250/0/ Frame AB95 0
121 B 317ms
98ms Image
text/plain 52.20.68.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/ct/0_0_0_156277/de/0/1/0/0/0/0/300/600/242/6250/0/pixel.gif?v=2_1&ttid=2&d=7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com&r=0.04444811853107833
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.68.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-68-233.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C197 7 KB
5 KB 18ms
18ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e4b11ce2fe498f79b397901e6ed1da1f104e87a9b25707e342b78ef85c4a791f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5592
x-xss-protection: 0

GET
H3 200 prod_studio_01_245_configurablemodule.js Show response
s0.2mdn.net/879366/ Frame C197 30 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_245_configurablemodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d8ebd3fb98721f56f81064a3b6c8d9e34b9e679f5badd844f05ce9090f245a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11475707399726046606/index.html?e=69&leftOffset=0&topOffset=0&c=hvI7DbRtl6&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 20:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10470
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Mar 2022 20:24:42 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4FB5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

47ms
47ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/
Protocol: H3
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Fri, 04 Mar 2022 15:32:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2822 0
22 B 49ms
48ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnBPaKDEiYt26AZeu3gPxmoWwDgAAAAA4AeAEAg&bg=!goGlgcXNAAb7UztL-1M7ACkAdvg8Ws-CNSoouyry86f320OcrrU0k1PraBbkiJTIXS1DDgqWl_4rxgIAAAC6UgAAAAFoAQcKAJCFmRRXUc_EEfhn6L5pOwNHkcmtNQlu-zyxksUHa4JoEDY6eO4FwV-j2OCb98P30JZlmyXKQhOaHXj2X42DG-w7VszZXSer4dI-EiZXyPWyW7TmHZBO9DoSPhzOavFmZ7b-Fi1WEBibtoAt0Nj4yzlrneR2bn_k2o7PB1remL0LPWrYgcnbHrV8d3Gp_tUXWXqZAujK143SR8bI_U4ysZsRbRHtAQRE4U7fVzR8Sz2AfVMAOiVBwrYDx34rst9mo45w-sO8UAr3XPLMFVobfQTT2BQmBzuOjlwYu5uYLQ9tY2Y4aTQzVLF8hhoGRa9EN5obnr-CenWtujFbrLJscPMbrHL-p3g_sgltVxvlEIMhCQJbewklDpte7KrJuRIwSkAYU7eE7lMpY_OZ7cWL8sIRunQq5C_f9LFjApk9Xo47ijicB86NCjP-u8vnixQmvf2gJl1js36PbmIYdwtbahi-mu3BsnLA8dKiTmYLqZZCLjl0Kp2ReELMJS2ELOl0Vr9sAjso4cmV-iV4DFDENu7G098wg9hjK7zz_FjLl4dkXTr-AQLmGGszQbtEAF8z3Y3P6m-GofnabQ0LlNzsCgGGdoBoqy8r9lV-qNkzzEzB_HWNUq3Y_id0jP-HuVEQzsHOB1XKYuHkfbRhk2CqAfL5M_FNMfkn192-dLEiM1Uhpi1KGaEoAfeAGA67XoHVkiZ2vSzlaoHnicUsXeR1eB7G2cMwnvuLrxPCBzKQxpy8DniV9jc4_MS4ewXe_zTmb37YhMOTGKSuxRBpSd2ukLE6FWqe2Dwfufn3InLswBOu1VyVvjVLl1DB1UWChzFlU2cqryUK300LxPa6kB5qzlwNCKhp89V0y73wj9UOPEjTWfMlb4Hse18wIpcdgYQefqt4RBEOvKhxSn34edS22pyuCvKq55PvbzW8fSeP5Cjzrwl6lAsImiKG_LtVBLdlvMFYs-FITVombdV9dkgxkOOfi3qRTLBb2YMnMZ3gJK4y6OVrhjyqxm062_riLMqy3l2A9ghXP4mhoW-j4CSGOlVWQSOwStHeLebX5g-HmXy3Fv_ITPUljwjaK6mAD8gK7tAXyS0-oNlhdSsI85SIMirlznij5oOdWNyyc0qJu0KdAMsr0Y97RbiTbEdNlHikmHsHAIhcLtT4mc6u6YwkUvP8OO-TcxfrhljyIJs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C197 17 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 15:32:56 GMT

GET
H/1.1 200
OK html5API.js Show response
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame D782 95 KB
31 KB 45ms
45ms Script
application/javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/83842/3300636/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 7b8d61fc1f99eb8f9ddf41a0d414c0dd771c895a833ec90ffe4283e8c7516754

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/3300636/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 May 2021 15:35:29 GMT
Server: Flashtalking (AKA)
ETag: W/"db3a9e799b66fd834e149105a04e7840"
Vary: Accept-Encoding
X-Varnish: 1020921218 1014136908
Cache-Control: max-age=78371
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 31158
Expires: Sat, 05 Mar 2022 13:19:07 GMT

GET
H3 200 6685874893103779537
s0.2mdn.net/simgad/ Frame C197 16 KB
16 KB 11ms
10ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6685874893103779537

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38c2d612a7fc68a57284d966c42435bc8b3c562a7732f1eeec132f5f45c0ab17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11475707399726046606/index.html?e=69&leftOffset=0&topOffset=0&c=hvI7DbRtl6&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 11:17:54 GMT
x-content-type-options: nosniff
age: 360902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16398
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 21:46:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Feb 2023 11:17:54 GMT

GET
H3 200 5720033334102379464
s0.2mdn.net/simgad/ Frame C197 35 KB
35 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5720033334102379464

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cab17e1c37a6ac411cb3a867b60c1bf5dcecb2bfa440c728d64388d2ec0e3e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11475707399726046606/index.html?e=69&leftOffset=0&topOffset=0&c=hvI7DbRtl6&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:45:48 GMT
x-content-type-options: nosniff
age: 10028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35555
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 19:36:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 12:45:48 GMT

GET
H3 200 11248706336227248476
s0.2mdn.net/simgad/ Frame C197 94 KB
94 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11248706336227248476

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d94aca6f682b0c630bc85f2aa17ad1dcb0e2c5ec55f2971dc184eccbf4049299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11475707399726046606/index.html?e=69&leftOffset=0&topOffset=0&c=hvI7DbRtl6&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:45:48 GMT
x-content-type-options: nosniff
age: 10028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96546
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 19:36:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 12:45:48 GMT

GET
H3 200 hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js Show response
pagead2.googlesyndication.com/bg/ Frame 06E0 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Mar 2023 13:28:14 GMT

GET
H/1.1 200
OK manifest.js Show response
cdn.flashtalking.com/83842/3300636/ Frame D782 2 KB
1 KB 51ms
51ms Script
application/x-javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/3300636/manifest.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 42a88a56168740aa8af444f2b42c47a4ea0962ec3c5985c717dd7854df326898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/3300636/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 522
Last-Modified: Thu, 07 Jan 2021 21:19:39 GMT
Server: Flashtalking (AKA)
ETag: W/"7afcf574d2ba7433802f637202a39d31"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 646598298 647972649
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=520
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Fri, 04 Mar 2022 15:41:36 GMT

GET
H/1.1 200
OK mv23802752.json Show response
cdn.flashtalking.com/83842/ Frame D782 2 KB
1 KB 104ms
104ms XHR
application/json 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/mv23802752.json?cb=681668695
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: b0fa0a084d986ea46a73ac865b912ff4d9030245e2db02218356fbb932e78cf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/3300636/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
x-amz-meta-creative-id: 3300636
Connection: keep-alive
x-amz-meta-creative-library-id: 83842
Content-Length: 621
Last-Modified: Fri, 19 Feb 2021 22:55:34 GMT
Server: Flashtalking (AKA)
ETag: W/"207821f7c48580d644122f93411e3013"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 731409405
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=807
x-amz-meta-ad-type: HTML_onpage
x-amz-meta-version-id: 23802752
Accept-Ranges: bytes
Content-Type: application/json
Expires: Fri, 04 Mar 2022 15:46:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8023 0
0 42ms
41ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwa1ra7xcb7ldXc9J0jjcfhyZag8YYF4Q35G21Byo4-uXbgR2iQCvrGBygSSSchnQtRWtJy0jZAUPjuywvoCQY-6uIe_Tl2op3ywOK6vbv3uelj1G6u-Ain-aOTn_uqTfEEJ4AlohOU4Vm9tna2knvRhISdU1ojPv2Jp6BkZcKkTUnjbUMtDbYiE2kpnFKaELfly1fUJZAlPgZ_b-S2uIT7TSZTVWNijwyC-6tul10o_Pd2rC3hJNYJeBzJG3DRNhAqoeVREBMH7vFLlrDfcRA7nnFRj9UoDdL-9gAvB01E_Fy6KMORjC2xg&sai=AMfl-YT-KcyLQ8d-rPj2ux4uklBfwADnJ3l9yfgQOFcE0DcFWU-o8ECYNAaRE4atezLj9HNRQAmgX9GYUIZ5tIDst55AHnAe4kQ3d0mmxApX_XgIP1pHqUds8ESnDWThiPE&sig=Cg0ArKJSzIUYlOA_SIS2EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.fox19.com
URL: https://www.fox19.com/2020/05/15/bbb-warns-scam-targeting-people-with-roku-devices/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 15:32:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 8023 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:31:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8023 124 KB
38 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 15:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 15:32:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8023 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjEcXE67ILL8Y7nXiTrVhSxPALJXUXKxvl_IkKkF837QuNgEFEGhsdvQQMuvVkv1hr-FW4aHbk-f13xyW2jmstauHW5Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 11521353295637802428
tpc.googlesyndication.com/simgad/ Frame 8023 48 KB
48 KB 8ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11521353295637802428

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66a5d47b7ea8649f6e8c642e4d55a4e84054f07fadd5f64447a40517da0067a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 16:55:40 GMT
x-content-type-options: nosniff
age: 167836
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48782
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 16:04:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Mar 2023 16:55:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8023 0
0 42ms
42ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMxo5FO0YOSHWwe64xxu4Jv26MvGjRlxtIBPBmOZ9t-sYr2gCHRvhc2HJg08QCoRrX38WcyzbhT7_LRLyr-BGuMK0IHoHFveidnfipSWDj43NH_0i6te3nb_KaMAmMgFqI4SYC1kbOlejeSPXs_CPRzxnbzezOhGckGxHFj26Vipt6GHhl9dgwWcA2x7zy54YuDYU7G6nlpNugqBBmOgnikB9NXXUVvWXpARLYPJ2pd2E7KRd8J06o55cmObiA24M-gqIUKbA9tAE1P7PdqYhorpV2CFiZ_wqL-Qy06JjYJuRoMnjYZjk_YIVq&sai=AMfl-YSIoBTRR5tdYtWcSLqoHbFu3ouYdfesPcCJaJB5ZJZTORYePum1elC7A0aJBy5kI_Nja7Z6Y64O04GkAzr8RKy3DnUH_fTC0V-h0adu_zudXXQ6nu-TAt1UwgttDzQ&sig=Cg0ArKJSzAzcd_Ou6MdIEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 15:32:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 04 Mar 2022 15:32:56 GMT

GET
DATA 200
OK truncated
/ Frame 8023 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 881d352cbad39cf29fbc74560e4398418ac514758d333a255d07d1c2de1c5bb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK index.html Show response
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ Frame D782 25 KB
4 KB 109ms
109ms XHR
text/html 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 95b54187e9ca212028fb8de496c55c4c134832450d7b479b2108c9c360dc57e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/3300636/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 3969
Last-Modified: Fri, 19 Feb 2021 22:55:13 GMT
Server: Flashtalking (AKA)
ETag: W/"49e22902a0be6b57a3d3ab01fd309764"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 372031680
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=807
Accept-Ranges: bytes
Content-Type: text/html
Expires: Fri, 04 Mar 2022 15:46:23 GMT

GET
H/1.1 200
OK gwdpage_style.css
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ Frame 08E8 55 B
601 B 12ms
11ms Stylesheet
text/css 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/gwdpage_style.css
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Last-Modified: Fri, 19 Feb 2021 22:55:13 GMT
Server: Flashtalking (AKA)
ETag: W/"ee980c669c9c9f1f1e9f2db915149942"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 560046740
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=807
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 55
Expires: Fri, 04 Mar 2022 15:46:23 GMT

GET
H/1.1 200
OK gwdpagedeck_style.css
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ Frame 08E8 731 B
1 KB 23ms
11ms Stylesheet
text/css 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/gwdpagedeck_style.css
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Last-Modified: Fri, 19 Feb 2021 22:55:13 GMT
Server: Flashtalking (AKA)
ETag: W/"0c8f2d607364fbbc9f4617373d1a2b2d"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 39929413 40446176
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=807
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 731
Expires: Fri, 04 Mar 2022 15:46:23 GMT

GET
H/1.1 200
OK gwdimage_style.css
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ Frame 08E8 281 B
838 B 25ms
10ms Stylesheet
text/css 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/gwdimage_style.css
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Last-Modified: Fri, 19 Feb 2021 22:55:13 GMT
Server: Flashtalking (AKA)
ETag: W/"31cebd96e692254733beba3c3a955da5"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 446882102 450814705
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=406
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 281
Expires: Fri, 04 Mar 2022 15:39:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 08E8 3 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 13:36:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Mar 2022 15:32:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Mar 2022 15:32:56 GMT

GET
H/1.1 200
OK gwd_webcomponents_v1_min.js Show response
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ Frame 08E8 21 KB
7 KB 80ms
63ms Script
application/x-javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/gwd_webcomponents_v1_min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: d1ecee6eadd58d0146a09227fec14d6478149449691c5e546c30ec4d39cb9970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 6299
Last-Modified: Fri, 19 Feb 2021 22:55:12 GMT
Server: Flashtalking (AKA)
ETag: W/"8f7b2786167eb21de6c805eb28ffcbfb"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 571762092
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=807
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Fri, 04 Mar 2022 15:46:23 GMT

GET
H/1.1 200
OK googbase_min.js Show response
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ Frame 08E8 253 B
816 B 26ms
8ms Script
application/x-javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/googbase_min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 754502151860bc5835b3f051723b4fd325c9321abca97c217e0b2030377d9abd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Last-Modified: Fri, 19 Feb 2021 22:55:12 GMT
Server: Flashtalking (AKA)
ETag: W/"b99d0219a40303b030e9559df1f60854"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 559553419
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=406
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 253
Expires: Fri, 04 Mar 2022 15:39:42 GMT

GET
H/1.1 200
OK gwdpage_min.js Show response
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ Frame 08E8 3 KB
2 KB 84ms
66ms Script
application/x-javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/gwdpage_min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 7e6fd831ca78dcad780d33b5c53acb9e5f70b6673ab7f74b869502baeb9db7a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 1316
Last-Modified: Fri, 19 Feb 2021 22:55:13 GMT
Server: Flashtalking (AKA)
ETag: W/"b84ab05e07ab469da891d2f3eade8239"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 961008982
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=807
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Fri, 04 Mar 2022 15:46:23 GMT

GET
H/1.1 200
OK gwdpagedeck_min.js Show response
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ Frame 08E8 8 KB
4 KB 66ms
48ms Script
application/x-javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/gwdpagedeck_min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 0c06e5766e1b9696087b0c6359970050c3bc508dd588bd9689a1fe80e183cfe8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 3159
Last-Modified: Fri, 19 Feb 2021 22:55:13 GMT
Server: Flashtalking (AKA)
ETag: W/"925440c7ec6a80d8ea40daf826a29010"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 585399956
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=406
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Fri, 04 Mar 2022 15:39:42 GMT

GET
H/1.1 200
OK gwdgenericad_min.js Show response
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ Frame 08E8 4 KB
2 KB 78ms
56ms Script
application/x-javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/gwdgenericad_min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 5e3d701d3a557876b5ccb085f100bbc3cc97ce49a3a87671a01cfb6000ede5ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 1641
Last-Modified: Fri, 19 Feb 2021 22:55:13 GMT
Server: Flashtalking (AKA)
ETag: W/"d375190387e80b0b28e98e43f5cedef5"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 476601878 478076046
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=807
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Fri, 04 Mar 2022 15:46:23 GMT

GET
H/1.1 200
OK FTFeed.min.js Show response
cdn.flashtalking.com/feeds/frameworks/js/api/20/ Frame 08E8 5 KB
2 KB 93ms
69ms Script
text/javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/feeds/frameworks/js/api/20/FTFeed.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: b29a8f5cd6937592b2aad723385204b0633d519300ef632cf8361d1b47e72553

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2017 15:57:44 GMT
Server: Flashtalking (AKA)
ETag: W/"5a61df4ec54451376992c20f8c760126"
Vary: Accept-Encoding
X-Varnish: 404356955 405415265
Cache-Control: max-age=220
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 1651
Expires: Fri, 04 Mar 2022 15:36:36 GMT

GET
H/1.1 200
OK Tracker.js Show response
cdn.flashtalking.com/feeds/frameworks/js/utils/ Frame 08E8 7 KB
2 KB 46ms
21ms Script
text/javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/feeds/frameworks/js/utils/Tracker.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 4c177e4e7d46fc0cd191cfd21e1d4fb24229e5c03e491cec02b6a4cd1c459ded

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Oct 2017 20:49:54 GMT
Server: Flashtalking (AKA)
ETag: W/"dd0371837f9bb02ffb72b212c849f4d8"
X-FT-Origin: us
Vary: Accept-Encoding
X-Varnish: 79576394 78820280
Cache-Control: max-age=363
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 1816
Expires: Fri, 04 Mar 2022 15:38:59 GMT

GET
H/1.1 200
OK FTTracking.js Show response
cdn.flashtalking.com/frameworks/js/dell/ Frame 08E8 5 KB
2 KB 121ms
75ms Script
text/javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/dell/FTTracking.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: d56a6f820da8de785e7da4c4c69ffe59d013ae3160ed5b34e6773f884b52fe38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Feb 2020 21:17:33 GMT
Server: Flashtalking (AKA)
ETag: W/"02a0488a0ec7b2a214d83ce8c277105c"
Vary: Accept-Encoding
X-Varnish: 102540716
Cache-Control: max-age=47540
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 1434
Expires: Sat, 05 Mar 2022 04:45:16 GMT

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
cdn.flashtalking.com/frameworks/js/jquery/ Frame 08E8 85 KB
30 KB 126ms
60ms Script
text/javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/jquery/jquery-3.3.1.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Jan 2018 19:55:39 GMT
Server: Flashtalking (AKA)
ETag: W/"a09e13ee94d51c524b7e2a728c7d4039"
Vary: Accept-Encoding
X-Varnish: 960925790 959898035
Cache-Control: max-age=36369
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 30351
Expires: Sat, 05 Mar 2022 01:39:05 GMT

GET
H/1.1 200
OK TweenLite.min.js Show response
cdn.flashtalking.com/frameworks/js/gsap/latest/ Frame 08E8 27 KB
10 KB 122ms
44ms Script
application/javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/gsap/latest/TweenLite.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 555e3bb894a81d951e881702b3715c04e40b327fbec9e1bfcea66f69492f1993

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Oct 2019 20:28:46 GMT
Server: Flashtalking (AKA)
ETag: W/"54e78197ccd64f73aeccf83d958b6a03"
Vary: Accept-Encoding
X-Varnish: 89566404
Cache-Control: max-age=47540
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 10096
Expires: Sat, 05 Mar 2022 04:45:16 GMT

GET
H/1.1 200
OK CSSPlugin.min.js Show response
cdn.flashtalking.com/frameworks/js/gsap/latest/plugins/ Frame 08E8 43 KB
17 KB 132ms
53ms Script
application/javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/gsap/latest/plugins/CSSPlugin.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 2c18e59e93eb33a02283c2c315cf4f25cb4f1cb19473a45a52f9e65c4e215796

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Oct 2019 20:29:05 GMT
Server: Flashtalking (AKA)
ETag: W/"5c937e58d45da58ce1b1f7cf790c7014"
Vary: Accept-Encoding
X-Varnish: 373433844 365816083
Cache-Control: max-age=47540
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 16810
Expires: Sat, 05 Mar 2022 04:45:16 GMT

GET
H/1.1 200
OK lcm_helper.js Show response
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ Frame 08E8 1 KB
1 KB 126ms
43ms Script
application/x-javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/lcm_helper.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 8b85c98e9da4961713402f1224ffa50773230054f402a53760c6704f4e6a8d9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 513
Last-Modified: Fri, 19 Feb 2021 22:55:13 GMT
Server: Flashtalking (AKA)
ETag: W/"a4f5a0898021b6c911fb1bea334d7771"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 620647683
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=807
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Fri, 04 Mar 2022 15:46:23 GMT

GET
H/1.1 200
OK ft_banner.js Show response
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ Frame 08E8 19 KB
6 KB 205ms
112ms Script
application/x-javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ft_banner.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: bfed3bcd77bd1104ac98f990b482b38ea52a31141e929b2ad7d39f3ff0b65747

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 5095
Last-Modified: Fri, 19 Feb 2021 22:55:12 GMT
Server: Flashtalking (AKA)
ETag: W/"d4622f1fa4e9545f3f97c71cad2b18fb"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 956504998 957449455
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=406
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Fri, 04 Mar 2022 15:39:42 GMT

GET
H2 200 / Show response
fdz.flashtalking.com/services/dell/FBI-3107/ Frame D782 20 KB
20 KB 460ms
213ms XHR
application/json 18.232.0.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fdz.flashtalking.com/services/dell/FBI-3107/?route=deals&campaign=germany_cs_small_business_dco&guid=5176946DE8F50A&
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.0.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-232-0-94.compute-1.amazonaws.com
Software: nginx / PHP/5.6.40
Resource Hash: 799b699c0ca5def5067d2bb9d39412d50a1436453dbb92d7f3d03bcfda3381e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://cdn.flashtalking.com
date: Fri, 04 Mar 2022 15:32:57 GMT
cache-control: max-age=30
access-control-allow-credentials: true
server: nginx
x-powered-by: PHP/5.6.40
content-type: application/json

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame E29A 0
305 B 14ms
14ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=77b1e6482d374c25b6cf2ffbf1eb2fb0&nav_pltfrm=Linux%20x86_64&cbust=1646407977056162
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:57 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 03/03/2022 15:32:57

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EDF7 42 B
64 B 42ms
42ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHmPHUgue7jpkZuaJzTzY5Zk31qxCrkawRMSL35raXfZgecBrunEYOlYHwEFrg6v1HdXaqVhA_NEd4NlAD-ejw8X81NGOxPA1lod_NliNU3Clb1lw75sY&sai=AMfl-YTMiMSFhHfQgzCyoFqR1bpUtocHJ9Bp41KW3ymwsUMuv68uS_uRYt3YLMME8ZoNwDHSjq46G6IH99j00_KHxr09vIiEgdPj1WOkuJnITggA3sgM0Ek4wYhg33BOVSg&sig=Cg0ArKJSzDrCwzpGJ1YsEAE&cid=CAASJ-RozVU38wS5hALdS6rKaA8bMtU765E9sXqAL1uoEqhBW5MzifL8kA&id=lidar2&mcvt=1000&p=280,1394,320,1435&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2872222582&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646407975976&rpt=139&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET write.php
fdz.flashtalking.com/services/dell/FBI-1941/ Frame D782 0
0

GET
H/1.1 200
OK gwdimage_min.js Show response
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ Frame 08E8 5 KB
3 KB 63ms
63ms Script
application/x-javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/gwdimage_min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ft_banner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: c38e328a42911cae0102611bde3db6f1eba9f60ce4d1cf0e656d4ab1352d18c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 2011
Last-Modified: Fri, 19 Feb 2021 22:55:13 GMT
Server: Flashtalking (AKA)
ETag: W/"86a510b1af0b0f3d591c0064f91a417e"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 87435978
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=406
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Fri, 04 Mar 2022 15:39:43 GMT

GET
H/1.1 200
OK transparency.png
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/assets/ Frame 08E8 944 B
1 KB 27ms
27ms Image
image/png 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/assets/transparency.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 161c075b38c97aeeb25002131df000c893db031ba50f7fc1f42f0a671ad1424e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:57 GMT
Last-Modified: Fri, 19 Feb 2021 22:55:12 GMT
Server: Flashtalking (AKA)
ETag: W/"7a197dc2b5980c207020914708d12f96"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 928676877 929232869
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=409
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 944
Expires: Fri, 04 Mar 2022 15:39:46 GMT

GET
H/1.1 200
OK DellReplica-Light.otf
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/ Frame 08E8 92 KB
93 KB 28ms
28ms Font
application/octet-stream 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/DellReplica-Light.otf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 9baa6632f1ef7609f2d394ea2d4b1397c5cec4de88c0e04530a786fe03171ab3

Request headers

Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
Origin: https://cdn.flashtalking.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:57 GMT
Connection: keep-alive
Content-Length: 94332
Last-Modified: Thu, 07 Jan 2021 21:19:45 GMT
Server: Flashtalking (AKA)
ETag: W/"e099804ea7db43a306a7762fcf0cad38"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
X-Varnish: 256633422 255908614
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Range
Cache-Control: max-age=46041
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/octet-stream
Access-Control-Allow-Headers: Range
Expires: Sat, 05 Mar 2022 04:20:18 GMT

GET
DATA 200
OK truncated
/ Frame 08E8 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK get.php
img.flashtalking.com/temp/ Frame 08E8 58 KB
57 KB 88ms
25ms Image
image/png 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.flashtalking.com/temp/get.php?url=https%3A%2F%2Fi.dell.com%2Fis%2Fimage%2FDellContent%2Fcontent%2Fdam%2Fglobal-asset-library%2FProducts%2FNotebooks%2FXPS%2F13_9310_touch%2Fxs9310t_cnb_00055lf110_gy.psd%3F%24S7-300x300%24%26layer%3D1%26src%3Dis%7BDellContent%2Fcontent%2Fdam%2Fglobal-asset-library%2FSupporting_Assets%2FScreenfills%2Fxps%2FXPS_F60A1037_CP_16x9.psd%3Fsize%3D4000%2C4000%7D%26perspective%3D2164%2C1215%2C3609%2C1032%2C3116%2C2484%2C1731%2C2293%26pos%3D-180%2C-983
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: AKA /
Resource Hash: 79df4b9b16a849180c6bed8575249f06bbd1c14d5de0062718b453277ccbb249

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 04 Mar 2022 15:32:57 GMT
Content-Encoding: gzip
Server: AKA
Vary: Accept-Encoding
Content-Type: image/png
X-Cache-Hit: false
Cache-Control: public, must-revalidate, max-age=97
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Expires: Fri, 04 Mar 2022 15:34:34 GMT

GET
H/1.1 200
OK get.php
img.flashtalking.com/temp/ Frame 08E8 28 KB
25 KB 87ms
24ms Image
image/jpeg 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.flashtalking.com/temp/get.php?url=https://i.dell.com/is/image/DellContent/content/dam/brand_elements/logos/3rd_party/Intel/core/i7/11th_gen/english/online_use/ci7_11thgen_rgb_60_online.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: AKA /
Resource Hash: e377f45560dc589f8f44a8dae6a9f3d6a87c5e654f6aef4ce773752c2195fe83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 04 Mar 2022 15:32:57 GMT
Content-Encoding: gzip
Server: AKA
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Cache-Hit: true
Cache-Control: public, must-revalidate, max-age=163
Connection: keep-alive
Content-Length: 25225
Expires: Fri, 04 Mar 2022 15:35:40 GMT

GET
H/1.1 200
OK x.png
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/assets/ Frame 08E8 1 KB
2 KB 44ms
44ms Image
image/png 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/assets/x.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 82dc86f1b6f88910607b82c9e11ffbc39c15400f7aab015f2db39f2725de18a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:57 GMT
Last-Modified: Fri, 19 Feb 2021 22:55:12 GMT
Server: Flashtalking (AKA)
ETag: W/"a3f348fb4bebb0e4bbe26d06f2ae1951"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 658999459
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=406
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1401
Expires: Fri, 04 Mar 2022 15:39:43 GMT

GET
H/1.1 200
OK get.php
img.flashtalking.com/temp/ Frame 08E8 58 KB
58 KB 102ms
39ms Image
image/png 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.flashtalking.com/temp/get.php?url=https%3A%2F%2Fi.dell.com%2Fis%2Fimage%2FDellContent%2Fcontent%2Fdam%2Fglobal-asset-library%2FProducts%2FNotebooks%2FXPS%2F15_9510_touch%2Fxs9510t_cnb_00055lf110_bk.psd%3F%24S7-300x300%24%26layer%3D1%26src%3Dis%7BDellContent%2Fcontent%2Fdam%2Fglobal-asset-library%2FSupporting_Assets%2FScreenfills%2Fxps%2FXPS_F60A1037_CP_16x9.psd%3Fsize%3D4000%2C4000%7D%26perspective%3D2131%2C1256%2C3622%2C1011%2C3134%2C2489%2C1707%2C2303%26pos%3D-184%2C-974
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: AKA /
Resource Hash: 4522588ecbb4ba3fe764e3aee7f4303e880f007bee2906025f8471bf7c335a55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 04 Mar 2022 15:32:57 GMT
Content-Encoding: gzip
Server: AKA
Vary: Accept-Encoding
Content-Type: image/png
X-Cache-Hit: false
Cache-Control: public, must-revalidate, max-age=20
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Expires: Fri, 04 Mar 2022 15:33:17 GMT

GET
H/1.1 200
OK get.php
img.flashtalking.com/temp/ Frame 08E8 89 KB
88 KB 93ms
30ms Image
image/png 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.flashtalking.com/temp/get.php?url=https%3A%2F%2Fi.dell.com%2Fis%2Fimage%2FDellContent%2Fcontent%2Fdam%2Fglobal-asset-library%2FProducts%2FNotebooks%2FLatitude%2F14_7420_2n1%2Fla7420t_ctb_00030lf120_bk.psd%3F%24S7-300x300%24%26layer%3D1%26src%3Dis%7BDellContent%2Fcontent%2Fdam%2Fglobal-asset-library%2FSupporting_Assets%2FScreenfills%2Flatitude%2FLatitude_J7E9046a_16x9.psd%3Fsize%3D4000%2C4000%7D%26perspective%3D788%2C1106%2C3192%2C952%2C2847%2C2677%2C389%2C2579%26pos%3D-141%2C-753
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: AKA /
Resource Hash: 95adf7d489d15ed120c59aeac34a91eda25f46548b849a6616bee813282fd25b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 04 Mar 2022 15:32:57 GMT
Content-Encoding: gzip
Server: AKA
Vary: Accept-Encoding
Content-Type: image/png
X-Cache-Hit: false
Cache-Control: public, must-revalidate, max-age=197
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Expires: Fri, 04 Mar 2022 15:36:14 GMT

GET
H/1.1 200
OK get.php
img.flashtalking.com/temp/ Frame 08E8 28 KB
25 KB 174ms
110ms Image
image/jpeg 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.flashtalking.com/temp/get.php?url=https://i.dell.com/is/image/DellContent/content/dam/brand_elements/logos/3rd_party/Intel/core/i5/11th_gen/english/online_use/core_i5_rgb_3000.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: AKA /
Resource Hash: 5df70918fe0203eaa3abfc9ae9fabe521e9fdd1be084bbe02128352ce4feb36d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 04 Mar 2022 15:32:57 GMT
Content-Encoding: gzip
Server: AKA
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Cache-Hit: true
Cache-Control: public, must-revalidate, max-age=19
Connection: keep-alive
Content-Length: 25251
Expires: Fri, 04 Mar 2022 15:33:16 GMT

GET
H/1.1 200
OK get.php
img.flashtalking.com/temp/ Frame 08E8 3 KB
3 KB 239ms
176ms Image
image/png 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.flashtalking.com/temp/get.php?url=https://s3.amazonaws.com/dellassetlibrary.com/custom/Logos/dco_global/dell_technologies/stacked/delltech_logo_stk_blue_rgb-01.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: AKA /
Resource Hash: 83ee35b37f8eea33523da353352ad2646b546fc84ed5f4835fcb0fbd6b01112d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 04 Mar 2022 15:32:57 GMT
Content-Encoding: gzip
Server: AKA
Vary: Accept-Encoding
Content-Type: image/png
X-Cache-Hit: true
Cache-Control: public, must-revalidate, max-age=103
Connection: keep-alive
Content-Length: 3183
Expires: Fri, 04 Mar 2022 15:34:40 GMT

GET
H/1.1 200
OK LCM_back_300x600.jpg
cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/assets/ Frame 08E8 8 KB
9 KB 22ms
21ms Image
image/jpeg 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/assets/LCM_back_300x600.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 6595795684d7b04d54df877c169a11398e49dc19dfbcc462fcddb2e9429743ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/83842/lcm_consumer_premium_typeA_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:32:57 GMT
Last-Modified: Fri, 19 Feb 2021 22:55:12 GMT
Server: Flashtalking (AKA)
ETag: W/"8fbaac7425b4ab0b209323379a3b4435"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 53055710
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=406
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 8593
Expires: Fri, 04 Mar 2022 15:39:43 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/6273193;3300636;23802752;402;875E4A3A-A054-579B-0BF7-A299C3AB020A/ Frame 08E8 42 B
419 B 23ms
22ms Image
image/gif 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/state/6273193;3300636;23802752;402;875E4A3A-A054-579B-0BF7-A299C3AB020A/?ft_product=Reporting%20Service%20Error&cachebuster=8542275661
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app9.lhr11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:57 GMT
Server: prod-xre-app9.lhr11
X-HW: 1646407975.dop216.lo4.t,1646407975.cds239.lo4.shn,1646407975.dop216.lo4.t,1646407977.cds003.lo4.sc,1646407977.cds003.lo4.p
Content-Type: image/gif
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8023 42 B
64 B 39ms
39ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiHWRXDHqa00Bz1cPrjBbYboeIXvk2hrdVgBCWCMCkVD98n6rZlb3PyZslXB5YBVh66DV78DnvESLQUlSUhNvirG4iKlT0_lkDbGMf2viV-fXcx6at&sig=Cg0ArKJSzG67vQGwklXGEAE&id=lidar2&mcvt=1000&p=229,436,319,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220302&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=648018903&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646407976574&rpt=64&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fox19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 15:32:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame AB95 0
305 B 9ms
8ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=8f7eb6b5910d48ec87b1847cece34cf8&nav_pltfrm=Linux%20x86_64&cbust=1646407977658894
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:57 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 03/03/2022 15:32:57

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame E720 0
281 B 24ms
8ms Ping
text/plain 213.254.244.108
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=50fe743cf39347d193153c965221cd0a&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_atali=1&vdur=134&eoid=8&msrjs=2324&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=18&tetms=7&msltms=35&vltms=134&sei=290&vetms=64&engms=1&engisel=1&ttfurm=2220&mpt=1646407978263494
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2324.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.108 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:58 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 03/03/2022 15:32:58

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame E720 0
281 B 9ms
8ms Ping
text/plain 213.254.244.108
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=50fe743cf39347d193153c965221cd0a&gdpr=&gdpr_consent=&msrcanlm=968&msrcannum=4&eoid=10&ismms=29&isumms=29&isvelg=1&nvr=2&elmtp=1&isbxdms=2230&b0=2391&adhgt=600&adwdth=300&norwdth=300&norhgt=600&engisel=1&dvp_vsosnmr=1&lftb=2391&sftb=2391&msrdp=0&naral=704&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=28&dvp_dpr=1&mpt=1646407979262511
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2324.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.108 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
Pragma: no-cache
Date: Fri, 04 Mar 2022 15:32:14 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 03/03/2022 15:32:59

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame AB95 1 B
377 B 8ms
8ms Image
text/plain 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?218709980-6273193;3300636;23802752-310-0-5176946DE8F50A-708549541-0x0x50x0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 15:33:00 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Fri, 04 Mar 2022 15:33:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fdz.flashtalking.com
URL: https://fdz.flashtalking.com/services/dell/FBI-1941/write.php?value=s001l742014w11dgrdeat%7Chttps%3A%2F%2Fwww.dell.com%2Fde-de%2Fwork%2Fshop%2Fdell-notebooks%2Flatitude-7420%2Fspd%2Flatitude-14-7420-2-in-1-laptop%2Fs001l742014w11dgrdeat%7Cproduct%2Cbn95115sb11%7Chttps%3A%2F%2Fdeals.dell.com%2Fde-de%2Fwork%2Fproductdetail%2Fd2lf%7Cproduct%2Cbn93242cb%7Chttps%3A%2F%2Fwww.dell.com%2Fde-de%2Fwork%2Fshop%2Fdell-notebooks%2Fxps-13-9310%2Fspd%2Fxps-13-9310-laptop%2Fbn93242cb%7Cproduct

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fox19.com/	1970-01-20 01:20:11	Name: AKA_A2 Value: A
www.fox19.com/	1970-01-25 20:31:23	Name: akaas_AS_gray_wxix_prod Value: 2147483647~rv=100~id=8fe9afcf35d39c52398b19689cca1b79
gray-wxix-prod.cdn.arcpublishing.com/	1970-01-25 20:31:23	Name: akaas_AS_gray_wxix_prod Value: 2147483647~rv=81~id=a93c5415c9fbc696c4624bbf977e71ab
.piano.io/	1970-01-20 01:20:09	Name: __cf_bm Value: WFpRgO1JyMQvywDIOiaGEjXwWWZbrvXFUKom82aRGRM-1646407973-0-AYsgx/pV07oYJmOZ4S9/cSt34tHwU8rP1Rd2HSyW92Ku6MiBEqspYv+89zEZF1cYA/OOn8VTPvsOpKF2eo0hqNw=
www.fox19.com/	1970-01-20 10:48:55	Name: _cb_ls Value: 1
www.fox19.com/	1970-01-20 10:48:55	Name: _cb Value: CNSiV444QyzCGzI7v
www.fox19.com/	1970-01-20 10:48:55	Name: _chartbeat2 Value: .1646407973555.1646407973555.1.Ci9a8EBOAjvJBVSuHhDgm28KB6Iadp.1
www.fox19.com/	1970-01-20 01:20:09	Name: _cb_svref Value: null
www.fox19.com/	1970-01-20 10:05:43	Name: usprivacy Value: 1---
.scorecardresearch.com/	1970-01-20 18:36:55	Name: UID Value: 1F0282967626211bb66f0bf1646407973
.fox19.com/	1970-01-20 18:51:19	Name: _ga Value: GA1.2.1696628236.1646407974
.fox19.com/	1970-01-20 01:21:34	Name: _gid Value: GA1.2.294873842.1646407974
.fox19.com/	1970-01-20 01:20:08	Name: _gat_RMD Value: 1
.www.fox19.com/	1970-01-20 01:30:12	Name: RT Value: "z=1&dm=www.fox19.com&si=707530a5-4ddd-4b0a-8411-0d73a38d714f&ss=l0ckspsh&sl=1&tt=1c2&rl=1&ld=1cc"
www.fox19.com/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1646407974037%2C%22visitNumber%22%3A1%7D
www.fox19.com/	1970-01-20 10:05:43	Name: pnespsdk_visitor Value: kl5m9yonzft3d5h2
.fox19.com/	1970-01-20 01:20:08	Name: _gat Value: 1
.fox19.com/	1970-01-21 03:36:55	Name: _awl Value: 2.1646407974.0.5-15dc5bae1b04f907b411215f030a5830-6763652d6575726f70652d7765737431-0
.doubleclick.net/	1970-01-20 10:41:43	Name: IDE Value: AHWqTUlmwbdNg9ykFxhmJQCsGZbkX94-pt6mBla1Sviki1N3goQpa55La8RKIj6TxR0
.adnxs.com/	1970-01-20 03:29:43	Name: uuid2 Value: 5528669247989324597
.casalemedia.com/	1970-01-20 03:29:43	Name: CMPS Value: 3224
.casalemedia.com/	1970-01-20 01:21:34	Name: CMST Value: YiIxJmIiMSYA
.casalemedia.com/	1970-01-20 10:05:43	Name: CMID Value: YiIxJt-6Q5lh4bXNVwV8kwAA
.casalemedia.com/	1970-01-20 03:29:43	Name: CMPRO Value: 1198
.casalemedia.com/	1970-01-20 10:05:43	Name: CMRUM3 Value: 2d622231262760CAESENGJRq_IFVKvez9CWcuxDc8
.adform.net/	1970-01-20 02:04:42	Name: C Value: 1
m.exactag.com/	1970-01-20 03:29:43	Name: exactag_new_gk Value: 919e3e38a7d64c4ca2a6240a31aa73c7%7c03.05.2022+15%3a32%3a54
m.exactag.com/	1970-01-20 05:39:19	Name: exactag_new_uk Value: 78483f32da994fcf844f468704925588%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 636c912e727945778bdee7d8
.adnxs.com/	1970-01-20 03:29:43	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?cfQcQ3!]tbPl1M>e)ZlrFUfJ+tGXxpOAqgLEruJ6@K#l#B-_DF`Xh4HX^Vo)-BD-SbpRzqF1`b_g5*7hKh
.adform.net/	1970-01-20 02:46:28	Name: uid Value: 9044985138130066724
.myvisualiq.net/	1970-01-20 18:51:19	Name: tuuid Value: 27f65345-59e3-45cf-af05-11a01b08b8eb
.myvisualiq.net/	1970-01-20 18:51:19	Name: c Value: 1646407975
.myvisualiq.net/	1970-01-20 18:51:19	Name: tuuid_lu Value: 1646407976
.krxd.net/	1970-01-20 05:39:19	Name: _kuid_ Value: Ospbx3O4
.spotxchange.com/	1970-01-20 10:05:47	Name: audience Value: 5d38eaa6-9bd0-11ec-81d5-1626150c0506
.doubleclick.net/	1970-01-20 01:20:11	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 01:20:08	Name: test_cookie Value: CheckForPermission
.fox19.com/	1970-01-20 10:41:43	Name: __gads Value: ID=351ce0408c68c3dc-22e7d98254cd0076:T=1646407973:S=ALNI_MZ7zjS5lNEnN8K3rki0EDARXrQ8Ow

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Message: Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=55743575&extPm=55743575&extCr=389359233&rnd=1646407974185241' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://cdn.flashtalking.com/83842/3300636/index.html Message: Access to XMLHttpRequest at 'https://fdz.flashtalking.com/services/dell/FBI-1941/write.php?value=s001l742014w11dgrdeat%7Chttps%3A%2F%2Fwww.dell.com%2Fde-de%2Fwork%2Fshop%2Fdell-notebooks%2Flatitude-7420%2Fspd%2Flatitude-14-7420-2-in-1-laptop%2Fs001l742014w11dgrdeat%7Cproduct%2Cbn95115sb11%7Chttps%3A%2F%2Fdeals.dell.com%2Fde-de%2Fwork%2Fproductdetail%2Fd2lf%7Cproduct%2Cbn93242cb%7Chttps%3A%2F%2Fwww.dell.com%2Fde-de%2Fwork%2Fshop%2Fdell-notebooks%2Fxps-13-9310%2Fspd%2Fxps-13-9310-laptop%2Fbn93242cb%7Cproduct' from origin 'https://cdn.flashtalking.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fdz.flashtalking.com/services/dell/FBI-1941/write.php?value=s001l742014w11dgrdeat%7Chttps%3A%2F%2Fwww.dell.com%2Fde-de%2Fwork%2Fshop%2Fdell-notebooks%2Flatitude-7420%2Fspd%2Flatitude-14-7420-2-in-1-laptop%2Fs001l742014w11dgrdeat%7Cproduct%2Cbn95115sb11%7Chttps%3A%2F%2Fdeals.dell.com%2Fde-de%2Fwork%2Fproductdetail%2Fd2lf%7Cproduct%2Cbn93242cb%7Chttps%3A%2F%2Fwww.dell.com%2Fde-de%2Fwork%2Fshop%2Fdell-notebooks%2Fxps-13-9310%2Fspd%2Fxps-13-9310-laptop%2Fbn93242cb%7Cproduct Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7f9c0ce91db2ffa3263bd2a3adf3e08c.safeframe.googlesyndication.com
ad.doubleclick.net
ads.yahoo.com
adservice.google.com
adservice.google.de
api-esp.piano.io
beacon.krxd.net
c.evidon.com
c.go-mpulse.net
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdn.doubleverify.com
cdn.flashtalking.com
cdnjs.cloudflare.com
cds.connatix.com
cm.g.doubleclick.net
code.jquery.com
d1d3jupgwm7m5r.cloudfront.net
d1l66zlxaqpl1u.cloudfront.net
d3agakyjgjv5i8.cloudfront.net
do0bihdskp9dy.cloudfront.net
dsum-sec.casalemedia.com
fdz.flashtalking.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gray-config-prod.api.cdn.arcpublishing.com
gray-wxix-prod.cdn.arcpublishing.com
ib.adnxs.com
images.outbrainimg.com
img.flashtalking.com
l.betrad.com
m.exactag.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
odb.outbrain.com
pagead2.googlesyndication.com
ping.chartbeat.net
polyfill.io
reconditerespect.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.go-mpulse.net
s0.2mdn.net
s1.adform.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
stat.flashtalking.com
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
t.myvisualiq.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
track.adform.net
us-u.openx.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.fox19.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
fdz.flashtalking.com
104.111.242.245
104.92.81.61
142.250.185.130
142.250.185.162
142.250.185.166
142.250.185.226
143.204.98.87
151.101.114.132
151.101.130.137
18.185.143.172
18.217.122.3
18.232.0.94
185.94.180.126
2.16.186.170
2.18.232.28
2.18.234.21
2.21.140.103
2.21.142.172
2001:4de0:ac18::1:a:1a
209.197.3.19
213.254.244.108
2600:9000:2156:600:1b:7b40:7bc0:21
2600:9000:2156:8c00:16:e423:f180:21
2600:9000:2156:c00:8:48e:53c0:93a1
2600:9000:21f3:9a00:b:5584:2800:93a1
2600:9000:2315:4200:13:fb92:3480:21
2600:9000:2315:d000:18:1fcd:34f:cdc1
2606:4700::6810:125e
2606:4700::6810:f015
2a00:1288:80:807::1
2a00:1450:4001:800::2002
2a00:1450:4001:800::2006
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9c
2a02:26f0:6c00:1b8::11a6
2a02:26f0:6c00:286::4469
2a02:26f0:6c00:2b9::11a6
2a02:26f0:6c00::210:ba13
2a02:26f0:f7::5c7b:e1d5
2a04:4e42:600::282
34.149.12.213
35.201.98.64
35.244.159.8
37.157.5.72
37.157.6.242
37.252.172.249
52.20.68.233
52.4.120.17
70.42.32.95
85.14.248.71
99.80.96.31
002c90a33ca74b008e98a2388bac0da580bef2b34216e85747f4bf49eb4da38a
0069c4e8f50de07f23bd6f728799056532afe37d36be546fc40dbf2cf1095150
03733b458e8a52a5873e4824f7cb676de09a2eb447bdcecf82a0692503fc78cc
046dede87f053b8cc0cbee1bf82d2a8c391399c14a639d6e8741f4247b699917
04d39a42ef9a588202b02e7216b5f6ed936f70bead12a31828ac88fd4a5831a1
09e286f573860f775f315525e9ffdc9935d2f87471cb01435637a2e150a3caf4
09e4f0b788966ce2b1bf0a3c5af62dd6179e29662299e37e64f6a05c2af6b5f4
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc44ea79e71bea23b78759ad6113a2106a0708b2db4988b73f47f3aa10f78fb
0c06e5766e1b9696087b0c6359970050c3bc508dd588bd9689a1fe80e183cfe8
0db8f9bb4df64fd6f96483cab03274c1cbdb62a2a697531d064cf9d943115c2d
11a69555f6dd33b9af83cb59a190e1d0fd4b26b7eeda0aa4d5efa5d8b56002ee
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
157b8179ab74c937e22728e76d2dc6d0333ae235687467d53c440fdfce731047
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
161c075b38c97aeeb25002131df000c893db031ba50f7fc1f42f0a671ad1424e
169ae06232bfaa9b7dca9eda994725882c01195f7a136fe15361dde537803c00
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
19d8ebd3fb98721f56f81064a3b6c8d9e34b9e679f5badd844f05ce9090f245a
1a1b1f3eb8f887bfc7093ae77d0b8842c2b97253fb8c51d8fc469f353e1cfb3b
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1c465b4b9b5a06d44cde2f14437b6928352b48fe321b1704cd16967c2fb28c69
1d43cca6db55d1213567e72a1f0ac57acac57efec7caeda3ab8930b4c22d328a
1d4f70aafc5957ec7a2a9de9f30da42712d341f02f7e72be0d76855804b5719d
2141c6a10b876436eb2be9d078c4e7fa90944397a416e9d6191168307dcb89c5
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a77f4223fe2163b450c8c577a5c938833adc93c580bb441c7a9ec9ee1f3c5a4
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2b6c5c61d31d9a294660a1999928903900aadb1eda143065f81b59e3c4770cfe
2c18e59e93eb33a02283c2c315cf4f25cb4f1cb19473a45a52f9e65c4e215796
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d4491c5794063de3d3a1044bd3c3cbf6747d34d48b10e4454122438b5714523
2d7861b5283e79ceb6ae9078f59c5046ecb082b59b6cc7dc070f95646aecb8ee
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44
324a8f2a1df551c6a8ed2eebd312d7280187ed024ade9a2fb4f9295e6361441c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
38c2d612a7fc68a57284d966c42435bc8b3c562a7732f1eeec132f5f45c0ab17
38fc426040b0a19088c3d6faa04048d509ea49d3823faa91b4ca5d94f3c1ad57
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3aa0ef56b02fb8a40c3c5bd89076b9ddc6f55b9c5b805d9771c8f1bc750c1acf
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa
42a88a56168740aa8af444f2b42c47a4ea0962ec3c5985c717dd7854df326898
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4522588ecbb4ba3fe764e3aee7f4303e880f007bee2906025f8471bf7c335a55
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
473e041c6faf7b1b3f4ca63228ae902b67142a86e2ef5d1adb7659bcd7db27ef
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
4930d090eb385f7b03e9e79bf389ccc7befad74c5be85692f3d6a832f48b39ae
4a1beabf3a75c1d6d0917d7bc35e4b54131d9ecb133001a3cc29aee965b3f9ce
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5e0ea8ae844b27f192ba38284e14e1958a0a2ecc08124430c931b2e1e0c4e1
4c177e4e7d46fc0cd191cfd21e1d4fb24229e5c03e491cec02b6a4cd1c459ded
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5421be34bc9ac3564a6daa35c769d13876e5fa7c4a5ed4892e9e8c65d31c1e27
542a73016aea19163e9fa7931c12a02806874d967cbffa64908c75b9462889a6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
555e3bb894a81d951e881702b3715c04e40b327fbec9e1bfcea66f69492f1993
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563825459964839d27a239a965f359e5ff2172bf45e57a85db7096e4820c194d
57bf0e71adfbbc815611563e7fca2f6d1017057728486873cd3f4f4372b6bd20
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5adbf6c2a05d195c91117d53cac039827afcfa3ccb699b99cd995ed764172480
5ae398cfc88ead19ce0e3eee4e48bcbf814ffcd4e10aaba6095fc3deb05ac2e7
5c91b59635f79a10b1f383ac63524d5c58e554a1e755f6d356f602617b8b6d38
5dd25bbd5d0d2910b0f0bbed74ea0af498db3b45ca8425d8f26ff41f001e2734
5df70918fe0203eaa3abfc9ae9fabe521e9fdd1be084bbe02128352ce4feb36d
5e3d701d3a557876b5ccb085f100bbc3cc97ce49a3a87671a01cfb6000ede5ef
5ed7af905469d16428f0437f03f8eb717083496dd9c9a548c5274d492ddd8a8e
5edea351ddb007fa060f3f28a672ed5b46fe0e4736597e172587f6a2c08ea6af
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6206823ece3aeb65eb7ba918f096d683b67a8848407378847b1f22551ab8721d
635c802f93cbfeb063c4317421d187fc2c3087b714b7c7c92ed6ac8ad50b497d
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
641527a5cf4838c96126427f0451507debed6fcabe8f01403e8ce00aa6975422
6517e5e28d5e825c8ebf5cdc89d11fe8a3f4d3ebcf41d022bdf96df456b847bd
6595795684d7b04d54df877c169a11398e49dc19dfbcc462fcddb2e9429743ee
6599efc9733b1cc77e86041522e867b57d40e5865c799bcc16f9ebad194bddd0
65b548c1926d6590653cd1bed63e6a6963e8a24d2cabb85378b04ae0d5aa72d1
65d2ed0e57665b991b91e0e3d404da772afdf5762660666980a58997ce6b7d46
66a5d47b7ea8649f6e8c642e4d55a4e84054f07fadd5f64447a40517da0067a9
67bc704da2f2bf441d64ff6b976be17b447980b31fdc336849006a6cbbf2ca80
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69e9f9b0366232b8cd1aacab480e708420b7b54a83828b8683403f70ae751522
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c04bace028d6ab6f66d92c6dfbc9f2c8c954d16a70533baefa684438e4d7eb2
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
6f227fd2fa39124019ba277873910301281c96b0d40e5534baa3e10a0e893c86
6f8175051b2e95174c336a771e14d48b832c609e1114de764a63a837190ad6c6
7300df182e6249faf80b77095619368019fd9c32494db0f78f31e54725872b69
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
754502151860bc5835b3f051723b4fd325c9321abca97c217e0b2030377d9abd
788b11c5b2b9a6b6907cf4a2362898b0580d45cd9c745ee5d13bb27eadfaa5d9
799b699c0ca5def5067d2bb9d39412d50a1436453dbb92d7f3d03bcfda3381e4
79df4b9b16a849180c6bed8575249f06bbd1c14d5de0062718b453277ccbb249
7b8d61fc1f99eb8f9ddf41a0d414c0dd771c895a833ec90ffe4283e8c7516754
7d1076973062c58419caff8383060413c979f7a71fc44e469fcb6164da5ca0af
7e6fd831ca78dcad780d33b5c53acb9e5f70b6673ab7f74b869502baeb9db7a8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
82bee44931611b10334fc1449c8d760ddfc277bc70c79b52840291c7880571fd
82dc86f1b6f88910607b82c9e11ffbc39c15400f7aab015f2db39f2725de18a5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ee35b37f8eea33523da353352ad2646b546fc84ed5f4835fcb0fbd6b01112d
85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592
881d352cbad39cf29fbc74560e4398418ac514758d333a255d07d1c2de1c5bb6
8914a689b4c6bc3492109d491272e1c4139c3678b88c42acfa2ffb17f47e5583
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8b85c98e9da4961713402f1224ffa50773230054f402a53760c6704f4e6a8d9f
8bd299c13efefdc6b12501dfcc67dfaa56e094acb7194e760b1d9c07236315d6
8c38e538fe0450470efda32d2b97eb48c4a0019639e6f231928f30235dd78d61
8ec8816fd93a3368f17e59169d5cec08dae452a6ebc814c8e2ae08397a03b4af
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
90de3732af4273d119c1d5006b29ac39cf3f9a8f0a1d0e54c8d7d0ae7388cbb0
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
942eb33e5f9459667b4fcdb7ddfad2cea5180f44d5e1836782a539639cb740a2
95adf7d489d15ed120c59aeac34a91eda25f46548b849a6616bee813282fd25b
95b54187e9ca212028fb8de496c55c4c134832450d7b479b2108c9c360dc57e9
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9baa6632f1ef7609f2d394ea2d4b1397c5cec4de88c0e04530a786fe03171ab3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a009f90bfa2d1d172769b3135166963b3b6e6750dbfb5d67e7b0c26c250be3d2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a082bfd96630ab857ec08e4e0055175aae987aea275d450f048ec3fee5de5383
a16d7d9c749cdb983d979577b9f98952cec2852b638f93281dc2042eeb45cf17
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a25fd8b68d455ab4cf5e8aa67634e4db1dcdf7b7cf00bab78d4f6f866bae829c
a28b9871dc80175bbb6cbaadf100abc925d5e106f0254c8f8a13d34141d90bfa
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907
a426789334de7ce0c04b8a9626a673aeaa8748406b749031b19c9f3ddd7621c1
a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ae2ce33b77cb5febebb5a61d02e33520aba86a1eb03e1fa3b898b73b6fd167
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9180a2a18c07387a00346245fee4d8ccfedb34a54f8c5b4e01ef54ab5931194
ac561c3363efee9a9eaa67024d1f738cbb4d5caada7ee1b9f052378781c14d38
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
b061038dc339511f2d02b4e83190d4487c2806b6ed7c033edc81bc726d455650
b0fa0a084d986ea46a73ac865b912ff4d9030245e2db02218356fbb932e78cf8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29a8f5cd6937592b2aad723385204b0633d519300ef632cf8361d1b47e72553
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
b5d425220afc085669880ac905242ceee9f534e2c36d7521b27905410511a7f3
b5f2fbaa7db64a5469bd1ce623e892f94f6a195a5ce06054a1a9b621ba3fe574
b742003f99ec29e33da2364954f0a7d9fb66ba9bf3d03dc1cf9516ce418e6f8f
b7b96cd8e231c8dbbc4687987fc0a1f0b7d6274faa03d4a8595aa101bc7bfb39
ba2079aa9138b37a21f77b8dc51a0db401c136dc72e56c43891d6de5020ea217
baea5caffda9109fe3fe251376d60a25ea43c846fa7bb8dc4b15da44a78c6760
bf10f35cce0088067c3b98bc2d27aad12f5503c067aca690286d11eb0ec1143f
bfed3bcd77bd1104ac98f990b482b38ea52a31141e929b2ad7d39f3ff0b65747
c123bd5216a9b8431b7d5520d5eec306d0b6f5602134487bde23af2c82b90773
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99
c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda
c38e328a42911cae0102611bde3db6f1eba9f60ce4d1cf0e656d4ab1352d18c7
c7bf4752dbdffa34676c24001c158ccec95d09708252c7ea385f0aa00b263c33
c900978f11e67c99baad6d4a98db63cbaf49d907560c883ecd068b79303dd2ea
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cab17e1c37a6ac411cb3a867b60c1bf5dcecb2bfa440c728d64388d2ec0e3e2e
cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfdacb1dc700f918dd1fca5b2f16b0917d54ea09531016a3748a3facdfd07de1
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1ecee6eadd58d0146a09227fec14d6478149449691c5e546c30ec4d39cb9970
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815
d4cca151da580d8c4eff92b9f0075f84d436ce2408ca54179bda81f07fdca867
d56a6f820da8de785e7da4c4c69ffe59d013ae3160ed5b34e6773f884b52fe38
d8fbc8557204270cef240073623ca7581c5ac5663313d4b7f91ac99fd7a9c710
d94aca6f682b0c630bc85f2aa17ad1dcb0e2c5ec55f2971dc184eccbf4049299
da4042880d03ed14f6aedf0c25d73ea98826d041555391d132b8e8e4eb1930e1
dc1279ca75f43a22f2305d76b685e99c5dd06c45cdc34c4cca9a313c69f851e0
dc57c29e27c99776495430eb5ef3945daff99a9d4bf3d6cff4ceb72e7242dbfb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64
dfa21f9c7e496615193ca9cc443137046c579369a5323689754bf20c27c39379
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e377f45560dc589f8f44a8dae6a9f3d6a87c5e654f6aef4ce773752c2195fe83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b11ce2fe498f79b397901e6ed1da1f104e87a9b25707e342b78ef85c4a791f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685
e96adab45ba37580e6018c0a1fec84ee85497e67aac1dba805c27a38b03907e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1982828d76f0f84b5662fb5ef66a547ca7f37e6f86d87d217052f3e2040160e
f2df2303611fcbcfcdc00adadff13e59ed7d7c88f51fceb1c37095484742dedc
f352eb752b1e2a3fe457f6c802f310cf30ccc462cf112e21d7207c545771757a
f5821582ee10c00612a1a1b8d776402e56e64b977d8eb0be314474963def7931
f75cedbe094455da5a5609d8de23d5b44138ae9df2d9963b39782e9af8b18ce6
f7e4cd484572b86d412f6dc69a7384dd519e31a646cb3aa95ede3077ef5517f0
f93264606087b4c1dd4e0bb8bf2ed92549c53fe8b5f095d214c4e72a765f5482
f9eb6c867550109c6cce3fd0c4b4cde28024919576f6149ebf86ca27d7f74fbb
fd5285c9933b6b97cab12ce3d118aebfb3f0bd77cd1ee264356c8b8587b0853b

www.fox19.com Open in urlscan Pro 2a02:26f0:6c00::210:ba13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

317 Requests

95 %HTTPS

49 %IPv6

40 Domains

69 Subdomains

62 IPs

7 Countries

5851 kBTransfer

14288 kBSize

39 Cookies

31 Outgoing links

Redirected requests

317 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fox19.com Open in urlscan Pro
2a02:26f0:6c00::210:ba13 Public Scan

Screenshot
Live screenshot

Full Image

317
Requests

95 %
HTTPS

49 %
IPv6

40
Domains

69
Subdomains

62
IPs

7
Countries

5851 kB
Transfer

14288 kB
Size

39
Cookies

317 HTTP transactions
9 data transactions