www.sltrib.com Open in urlscan Pro
2a02:26f0:10e::5435:a1f0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://link.3blmedia.com/ls/click?upn=U6uMdUiGorMQswyq-2F5baT0WpZw8lNtA4E46bG95ZwjhHaI9ETCVADR2fePQb7p1YV-2Foj8aHQMlILNbu...
Effective URL:
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Submission: On September 06 via api (September 6th 2022, 4:24:54 pm UTC) from US — Scanned from DE

Summary HTTP 140 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 45 IPs in 4 countries across 33 domains to perform 140 HTTP transactions. The main IP is 2a02:26f0:10e::5435:a1f0, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is www.sltrib.com. The Cisco Umbrella rank of the primary domain is 176749.
TLS certificate: Issued by R3 on August 25th 2022. Valid for: 3 months.

This is the only time www.sltrib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.83 167.89.118.83	11377 (SENDGRID) (SENDGRID)
31	2a02:26f0:10e... 2a02:26f0:10e::5435:a1f0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	35.244.156.29 35.244.156.29	15169 (GOOGLE) (GOOGLE)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
2	2.21.185.80 2.21.185.80	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:be00:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223c:d800:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:5400:13:a391:88c0:21	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:c56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:ea:... 2a02:26f0:ea:492::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
2	2606:4700:303... 2606:4700:3030::6815:251b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1 11	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:18b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:bf95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:b7b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.21.185.176 2.21.185.176	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.160.55.69 54.160.55.69	14618 (AMAZON-AES) (AMAZON-AES)
5 10	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	207.198.113.230 207.198.113.230	13768 (COGECO-PEER1) (COGECO-PEER1)
1	66.155.71.189 66.155.71.189	13768 (COGECO-PEER1) (COGECO-PEER1)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	35.201.71.192 35.201.71.192	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
7	2606:4700::68... 2606:4700::6811:b8b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	69.16.220.201 69.16.220.201	32244 (LIQUIDWEB) (LIQUIDWEB)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	52.222.236.21 52.222.236.21	16509 (AMAZON-02) (AMAZON-02)
1	54.149.23.244 54.149.23.244	16509 (AMAZON-02) (AMAZON-02)
3	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
5	18.220.118.246 18.220.118.246	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:b9b1	() ()
140	45

1 167.89.118.83 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x83.outbound-mail.sendgrid.net

link.3blmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a02:26f0:10e::5435:a1f0 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

www.sltrib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.156.29 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 29.156.244.35.bc.googleusercontent.com

sltrib.coral.coralproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.185.80 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-185-80.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:be00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:d800:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:5400:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3plfjw9uod7ab.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:c56 (United States)

ASN13335 (CLOUDFLARENET, US)

www.queryly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ea:492::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:251b (United States)

ASN13335 (CLOUDFLARENET, US)

analyticssystems.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

8208269.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8234312.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.2.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:18b (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:bf95 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.185.176 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-185-176.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.160.55.69 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-55-69.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 66.155.71.150 (Portsmouth, United Kingdom) 5 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.198.113.230 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

clickserv.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.189 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

clickserv.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.71.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.71.201.35.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.220.201 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host3.utahdigitalservices.com

local.sltrib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-21.fra56.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.149.23.244 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-23-244.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.220.118.246 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-220-118-246.us-east-2.compute.amazonaws.com

capi-tier-2-us-east-2.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b9b1 (None, )

ASN- ()

id.sltrib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	sltrib.com www.sltrib.com — Cisco Umbrella Rank: 176749 local.sltrib.com id.sltrib.com	1 MB
19	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 4881 cds.connatix.com — Cisco Umbrella Rank: 5200 capi.connatix.com — Cisco Umbrella Rank: 5280 ins.connatix.com — Cisco Umbrella Rank: 6875 capi-tier-2-us-east-2.connatix.com — Cisco Umbrella Rank: 6475 vid.connatix.com — Cisco Umbrella Rank: 6241 img.connatix.com — Cisco Umbrella Rank: 5932	425 KB
11	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	98 KB
10	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 8266 cdn.tinypass.com — Cisco Umbrella Rank: 6841 buy.tinypass.com — Cisco Umbrella Rank: 5556	379 KB
8	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 8208269.fls.doubleclick.net — Cisco Umbrella Rank: 448238 8234312.fls.doubleclick.net — Cisco Umbrella Rank: 451533	160 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 2812 q.stripe.com — Cisco Umbrella Rank: 23470 m.stripe.com — Cisco Umbrella Rank: 2345	83 KB
6	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 5522 clickserv.sitescout.com — Cisco Umbrella Rank: 36710	649 B
6	basis.net 6 redirects pixel-a.basis.net — Cisco Umbrella Rank: 28446 clickserv.basis.net — Cisco Umbrella Rank: 88369	401 B
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480 imasdk.googleapis.com — Cisco Umbrella Rank: 456	835 KB
3	queryly.com www.queryly.com — Cisco Umbrella Rank: 16338	16 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1628 mab.chartbeat.com — Cisco Umbrella Rank: 3129	25 KB
3	coralproject.net sltrib.coral.coralproject.net — Cisco Umbrella Rank: 345955	35 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 3015	16 KB
2	google.de 1 redirects adservice.google.de — Cisco Umbrella Rank: 5202	1 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 142	1 KB
2	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1356	401 B
2	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 4265 log.outbrainimg.com — Cisco Umbrella Rank: 2588	787 B
2	pub.network a.pub.network — Cisco Umbrella Rank: 8453 d.pub.network — Cisco Umbrella Rank: 9025	61 KB
2	analyticssystems.net analyticssystems.net — Cisco Umbrella Rank: 18324	542 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	135 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	39 KB
2	osano.com cmp.osano.com — Cisco Umbrella Rank: 10116	94 KB
2	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1474 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3337	72 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 350	17 KB
1	piano.io c2.piano.io — Cisco Umbrella Rank: 5229	3 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 870	355 B
1	t.co t.co — Cisco Umbrella Rank: 600	338 B
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 5861	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 996	15 KB
1	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1818	51 KB
1	cloudfront.net d3plfjw9uod7ab.cloudfront.net	66 KB
1	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 2308	2 KB
1	3blmedia.com 1 redirects link.3blmedia.com	267 B
140	33

	Domain	Requested by
31	www.sltrib.com	www.sltrib.com
11	cdnjs.cloudflare.com	buy.tinypass.com
8	buy.tinypass.com	cmp.osano.com d3plfjw9uod7ab.cloudfront.net buy.tinypass.com cdnjs.cloudflare.com
6	img.connatix.com
5	capi-tier-2-us-east-2.connatix.com	cd.connatix.com
5	pixel.sitescout.com	www.sltrib.com 8234312.fls.doubleclick.net
5	pixel-a.basis.net	5 redirects
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
3	q.stripe.com	www.sltrib.com
3	js.stripe.com	buy.tinypass.com js.stripe.com
3	cds.connatix.com	www.sltrib.com cd.connatix.com d3plfjw9uod7ab.cloudfront.net
3	8234312.fls.doubleclick.net	1 redirects www.sltrib.com adservice.google.com
3	www.queryly.com	www.sltrib.com
3	securepubads.g.doubleclick.net	www.sltrib.com securepubads.g.doubleclick.net
3	sltrib.coral.coralproject.net	www.sltrib.com d3plfjw9uod7ab.cloudfront.net
2	ins.connatix.com	cd.connatix.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	local.sltrib.com	buy.tinypass.com
2	adservice.google.de	1 redirects adservice.google.com
2	adservice.google.com	8208269.fls.doubleclick.net 8234312.fls.doubleclick.net
2	ping.chartbeat.net	www.sltrib.com
2	8208269.fls.doubleclick.net	1 redirects www.sltrib.com
2	analyticssystems.net	www.sltrib.com d3plfjw9uod7ab.cloudfront.net
2	www.googletagmanager.com	www.sltrib.com cmp.osano.com
2	www.google-analytics.com	www.sltrib.com
2	cmp.osano.com	www.sltrib.com d3plfjw9uod7ab.cloudfront.net
2	static.chartbeat.com	www.sltrib.com
1	id.sltrib.com	d3plfjw9uod7ab.cloudfront.net
1	s0.2mdn.net	imasdk.googleapis.com
1	vid.connatix.com	cd.connatix.com
1	capi.connatix.com	cd.connatix.com
1	m.stripe.com	m.stripe.network
1	log.outbrainimg.com	d3plfjw9uod7ab.cloudfront.net
1	c2.piano.io	d3plfjw9uod7ab.cloudfront.net
1	cdn.tinypass.com	cmp.osano.com
1	d.pub.network	d3plfjw9uod7ab.cloudfront.net
1	analytics.twitter.com	www.sltrib.com
1	t.co	www.sltrib.com
1	clickserv.sitescout.com	www.sltrib.com
1	clickserv.basis.net	1 redirects
1	widget-pixels.outbrain.com	www.sltrib.com
1	tcheck.outbrainimg.com	d3plfjw9uod7ab.cloudfront.net
1	experience.tinypass.com	cmp.osano.com
1	www.npttech.com	cmp.osano.com
1	a.pub.network	d3plfjw9uod7ab.cloudfront.net
1	cd.connatix.com	1 redirects
1	ajax.googleapis.com	d3plfjw9uod7ab.cloudfront.net
1	static.ads-twitter.com	www.sltrib.com
1	mab.chartbeat.com	static.chartbeat.com
1	s.go-mpulse.net	www.sltrib.com
1	d3plfjw9uod7ab.cloudfront.net	www.sltrib.com
1	widgets.outbrain.com	www.sltrib.com
1	js.adsrvr.org	www.sltrib.com
1	link.3blmedia.com	1 redirects
140	54

This site contains links to these domains. Also see Links.

Domain
www.forbes.com
givingpledge.org
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
sltiservices.navigacloud.com
store.sltrib.com
archive.sltrib.com
apps.apple.com
play.google.com
www.queryly.com

Subject Issuer	Validity	Valid
sltrib.web.arc-cdn.net R3	`2022-08-25` - `2022-11-23`	3 months	crt.sh
sltrib.coral.coralproject.net GTS CA 1D4	`2022-08-08` - `2022-11-06`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
cmp.osano.com Amazon	`2022-09-02` - `2023-09-30`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-07` - `2023-04-07`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.analyticssystems.net E1	`2022-08-02` - `2022-10-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.pub.network Go Daddy Secure Certificate Authority - G2	`2022-03-19` - `2023-04-20`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-08-31` - `2023-01-10`	4 months	crt.sh
local.sltrib.com cPanel, Inc. Certification Authority	`2022-08-09` - `2022-11-07`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-15` - `2022-11-13`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-11` - `2022-10-19`	3 months	crt.sh
id.sltrib.com Cloudflare Inc ECC CA-3	`2022-07-30` - `2023-07-30`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: 17A2CB2553A915C16133E59C9C257EAE
Requests: 87 HTTP requests in this frame

Frame: https://8208269.fls.doubleclick.net/activityi;dc_pre=CJbJv5TKgPoCFRFNHgIdR0UP8w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908
Frame ID: EDDA0381AA867E3135A89FB00A68AADA
Requests: 1 HTTP requests in this frame

Frame: https://8234312.fls.doubleclick.net/activityi;dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908
Frame ID: 8FBE2F7C576B6D8A0D397D573653FF4D
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 47C8EB1CB873E747D7F29F37D33DFE21
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/180443/connatix.playspace.dc.js
Frame ID: 766FDE5F9FA3289F9614BD3722F2F352
Requests: 13 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 04EF5593BFC92E546F0C5096C20B2D2C
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: A210B12C8FFEDE82A11CB50F25D389A6
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJbJv5TKgPoCFRFNHgIdR0UP8w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: D73AC80B7F409F24F466D0508F5CE915
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: 1590112F2C789A1E27D476640E968F51
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJbJv5TKgPoCFRFNHgIdR0UP8w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: 5AF51374D404C9921616F68905284293
Requests: 1 HTTP requests in this frame

Frame: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: B08A7A25FA305097887429689C87343D
Requests: 2 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: BF9BAEF3FD077E5719DE7183B519C520
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Ii8Ac&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1006896152.1662481489&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9bb2233457
Frame ID: C1D485D9BE51FE8A0B9D1943C5E9B354
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html
Frame ID: AA4325F29DE5CFB0878E381093A0EB8E
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A7DF343E626883A340996E47C052BF3F
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: D0EE072D79E6457C77720D3B8DAA2E8B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 33AFA5727DFCDFA5F93636A3CAAE9588
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 635FC3F036DA26F098DD936FC3ADBDE4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Richest Utah native vows to give away 90% of his billions

Page URL History Show full URLs

http://link.3blmedia.com/ls/click?upn=U6uMdUiGorMQswyq-2F5baT0WpZw8lNtA4E46bG95ZwjhHaI9ETCVADR2fePQb7... HTTP 302
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/ Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

140
Requests

94 %
HTTPS

50 %
IPv6

33
Domains

54
Subdomains

45
IPs

4
Countries

3790 kB
Transfer

12954 kB
Size

19
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.forbes.com/profile/jeff-green/?sh=75ba8d574b3c
Title: net worth pegged at $5.7 billion

Search URL Search Domain Scan URL

URL: https://givingpledge.org/
Title: The Giving Pledge

Search URL Search Domain Scan URL

URL: https://www.forbes.com/sites/andrewcave/2014/06/23/giving-to-your-church-doesnt-count-jon-huntsman-snr-and-twitters-biz-stone-on-new-philanthropy/?sh=7cf63c963e11
Title: Jon Huntsman Sr.

Search URL Search Domain Scan URL

URL: https://twitter.com/religiongal
Title: Follow @religiongal

Search URL Search Domain Scan URL

URL: https://www.facebook.com/saltlaketribune/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/sltrib/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sltrib/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/sltrib/
Title: YouTube

Search URL Search Domain Scan URL

URL: https://sltiservices.navigacloud.com/cmo_slt-c-cmdb-01/subscriber/web/startoffers.html
Title: Subscribe to print + digital

Search URL Search Domain Scan URL

URL: https://store.sltrib.com/
Title: Store

Search URL Search Domain Scan URL

URL: https://archive.sltrib.com/
Title: Archives

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ai/app/salt-lake-tribune-eedition/id995297003
Title: APP STORE

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.saltlaketribune.android.prod&hl=en_US&gl=US
Title: GOOGLE PLAY

Search URL Search Domain Scan URL

URL: https://www.queryly.com/
Title: search by queryly

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://link.3blmedia.com/ls/click?upn=U6uMdUiGorMQswyq-2F5baT0WpZw8lNtA4E46bG95ZwjhHaI9ETCVADR2fePQb7p1YV-2Foj8aHQMlILNbucMrO1ohwbB6vTVfz-2BKIS-2Bp2UTJOQ-3D3mJN_xK1japI3Lshn3uPvI4t5LmGGWY3WhQZ3zBG16HO9d4sCDUzpUc0dybqxoutza8Pr-2BMejf637Zv9LWV0uytbFEw6T7dhINV1uIaoTGI5WvJdUfzLjJX2k-2BB564Aj3GH6SxuDAIjBs6gzsle7Z-2B1xuWjPsYEQfTkXSujfJBwk8D4BpAIhQ-2BT3dPD8tOfs7bsgrnwu697AeGJYaRzX25Tr3YOcmg6bYHIdOVYa9YaZgATI-3D HTTP 302
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://8208269.fls.doubleclick.net/activityi;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908 HTTP 302
https://8208269.fls.doubleclick.net/activityi;dc_pre=CJbJv5TKgPoCFRFNHgIdR0UP8w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908

Request Chain 44

https://8234312.fls.doubleclick.net/activityi;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908 HTTP 302
https://8234312.fls.doubleclick.net/activityi;dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908

Request Chain 49

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/180443/connatix.playspace.dc.js

Request Chain 64

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 65

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 66

https://pixel-a.basis.net/iap/dda8255d32e6482d HTTP 301
https://pixel.sitescout.com/iap/dda8255d32e6482d

Request Chain 67

https://clickserv.basis.net/conv/1ea036853c174e3a HTTP 301
https://clickserv.sitescout.com/conv/1ea036853c174e3a

Request Chain 78

https://adservice.google.de/ddm/fls/i/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/ HTTP 302
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Request Chain 83

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 84

https://pixel-a.basis.net/iap/9f30138796dc7a6a HTTP 301
https://pixel.sitescout.com/iap/9f30138796dc7a6a

140 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Redirect Chain

http://link.3blmedia.com/ls/click?upn=U6uMdUiGorMQswyq-2F5baT0WpZw8lNtA4E46bG95ZwjhHaI9ETCVADR2fePQb7p1YV-2Foj8aHQMlILNbucMrO1ohwbB6vTVfz-2BKIS-2Bp2UTJOQ-3D3mJN_xK1japI3Lshn3uPvI4t5LmGGWY3WhQZ3zBG1...
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

321 KB
62 KB

547ms
122ms

Document
text/html

2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

1b8d3a2955437b5e48474e4eed7ea33591941f2abb5d3d5de9175022d8f5b029

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-true-ttl: 130 -1
arc-country: DE
cache-control: private, max-age=60
content-encoding: gzip
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-type: text/html; charset=utf-8
date: Tue, 06 Sep 2022 16:24:47 GMT
etag: W/"4f000-KEZe57Okj4nCKaSOIsCd16epY1k"
expires: Tue, 06 Sep 2022 16:25:47 GMT
last-modified: Tue, 06 Sep 2022 16:23:40 GMT
link: <https://sltrib.coral.coralproject.net>;rel="preconnect",<https://js.adsrvr.org>;rel="preconnect",<https://www.queryly.com>;rel="preconnect",<https://static.chartbeat.com>;rel="preconnect",<https://cmp.osano.com>;rel="preconnect",<https://a.pub.network>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://ajax.googleapis.com>;rel="preconnect",<https://cdn.p-n.io>;rel="preconnect"
server: openresty
server-timing: cdn-cache; desc=HIT edge; dur=60
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-akamai-transformed: 9 59395 0 pmb=mRUM,2

Redirect headers

Connection: keep-alive
Content-Length: 87
Content-Type: text/html; charset=utf-8
Date: Tue, 06 Sep 2022 16:24:47 GMT
Location: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 main.css
www.sltrib.com/pf/resources/css/ 113 B
730 B 1ms
0ms Stylesheet
text/css 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/css/main.css?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

668c0ef605758b2a28ae572680986554e0097e2f10a749db8316b3cb1574806c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 06 Sep 2022 16:24:47 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: MX4JFREDQHESG0GY
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 88
x-amz-id-2: zI6SL80r5QXhtdNTzgS6fZRr0O0qa0BliPZs3WKE9ydfSntVLexImLf4Px4IPdC4FFFnXbkb7FM=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"c07ed12e990cf688bbb98cbc27f198a8"
strict-transport-security: max-age=86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:47 GMT

GET
H2 200 carousel.css
www.sltrib.com/pf/resources/css/ 4 KB
1 KB 2ms
0ms Stylesheet
text/css 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/css/carousel.css?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

93fc8b658124ff5537f0f4d764d1ab052431db7356744319851ec3b69d5c5511

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 06 Sep 2022 16:24:47 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: MX4K3FX5WHV3M23Q
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 826
x-amz-id-2: xgkyHynWyt+bEWkUdikxe6cBQA1k6fIIMiM71gKrREkeLOq3VXdz9+lLzj30PvxIqRdJGkjNQ+o=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"a967928dd3b5d82f2d2f613f61699944"
strict-transport-security: max-age=86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:47 GMT

GET
H2 200 count.js Show response
sltrib.coral.coralproject.net/assets/js/ 4 KB
2 KB 82ms
26ms Script
application/javascript 35.244.156.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sltrib.coral.coralproject.net/assets/js/count.js

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.156.29 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

29.156.244.35.bc.googleusercontent.com

Software

Resource Hash

305705fc54f335a4cce39cb68ab059e7202c19f0ff03d3336ebd3e6fcdcf0518

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
age: 254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1688
x-xss-protection: 1; mode=block
x-trace-id: 996250a0-2dd3-11ed-b21c-196744fc9a32
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Jun 2022 14:32:05 GMT
date: Tue, 06 Sep 2022 16:20:33 GMT
vary: Accept-Encoding
content-language: en-US
via: 1.1 google
cache-control: public, max-age=1800, s-max-age=604800
etag: W/"698-18143bace88"
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8

GET
H2 200 embed.js Show response
sltrib.coral.coralproject.net/assets/js/ 57 KB
17 KB 100ms
21ms Script
application/javascript 35.244.156.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sltrib.coral.coralproject.net/assets/js/embed.js

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.156.29 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

29.156.244.35.bc.googleusercontent.com

Software

Resource Hash

01d6fdcdfb196cb3a9e6d29c26f16be5449973ea5801c8a19812e62edc8b1375

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
age: 1018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17051
x-xss-protection: 1; mode=block
x-trace-id: 0dfd2370-2dfe-11ed-b2ba-2dec812169b1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Jun 2022 14:34:40 GMT
date: Tue, 06 Sep 2022 16:07:49 GMT
vary: Accept-Encoding
content-language: en-US
via: 1.1 google
cache-control: public, max-age=1800, s-max-age=604800
etag: W/"429b-18143bd2c00"
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8

GET
H2 200 freestar.js Show response
www.sltrib.com/pf/resources/js/ 880 B
832 B 71ms
60ms Script
application/javascript 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/freestar.js?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

3b4afadbde544c4bcff673c56233c2aebf3acbe475a895594a0c5c58f2a444a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 06 Sep 2022 16:24:47 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: MX4GNS9PZJJQ3173
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 230
x-amz-id-2: 0JYoQug8ZYWWGXSx1uthUO1LDUeHAE3/Ngj9iZTy+/uaEaWRisv/+aSNDkm6qmb3vUvaoq9ECNk=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"bea3d0c47bbb5defb8fe4ee310451f0e"
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:47 GMT

GET
H2 200 react.js Show response
www.sltrib.com/pf/dist/engine/ 267 KB
83 KB 81ms
70ms Script
application/javascript 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/dist/engine/react.js?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

e9ad5095294ab16f4e0f967319567e84e699412d08bdde3986ea4dd21a9825b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 06 Sep 2022 16:24:47 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: MX4P2GQQ1S9HKXNS
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 83872
x-amz-id-2: JzbOqDXVddcwfJMIM9P+x7AlbmYk+IDD1NAXDCT3EOyU+cHCi7hjFBktPWATF3wUxDj7464XteA=
last-modified: Wed, 31 Aug 2022 15:46:53 GMT
server: openresty
etag: W/"b2c5c2b72393a907c4caabbeb5e54434"
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:47 GMT

GET
H2 200 default.js Show response
www.sltrib.com/pf/dist/components/combinations/ 3 MB
817 KB 92ms
82ms Script
application/javascript 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/dist/components/combinations/default.js?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

b4ea7becb73ec15a833c3b07af42d783b6d659be85365d1b7b2a3698d412d3e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 06 Sep 2022 16:24:47 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: MX4Y21S7X9EN3FZB
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 834266
x-amz-id-2: 9U98LS66bZuSIZCqQcLaWR4nAkWuxu4Z/w7E3ERXBj7VzYQfycaIPFCSivWVutK2xXO4q0aIVjA=
last-modified: Wed, 31 Aug 2022 15:46:53 GMT
server: openresty
etag: W/"f394c4a7f4b88b2e9bea0331a13b90ce"
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:47 GMT

GET
H2 200 default.css
www.sltrib.com/pf/dist/components/output-types/ 7 KB
2 KB 3ms
0ms Stylesheet
text/css 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/dist/components/output-types/default.css?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

faa89869b696a28906e1a4cbc76401428cc2975267b5ab83c605f683a8472406

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 06 Sep 2022 16:24:47 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: MX4RMTPH3HXCKXFR
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=5
content-length: 1418
x-amz-id-2: ImPTz1VWQk1+GI1G/bZZrHslkjmVgmJRfX1rFk5OnZTOcBQSpNchWf5NrHhkyntdybN2b+BWGE4=
last-modified: Wed, 31 Aug 2022 15:46:53 GMT
server: openresty
etag: W/"69b7c25bb75a865cc26ef59b0b9648f7"
strict-transport-security: max-age=86400
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:47 GMT

GET
H2 200 default.css
www.sltrib.com/pf/dist/components/combinations/ 222 KB
30 KB 3ms
0ms Stylesheet
text/css 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/dist/components/combinations/default.css?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a9450e83ec09f4210f388881c236376e6808d1fb46065133d390f7039629f048

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 06 Sep 2022 16:24:47 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: MX4H8XHZJBQTRAVH
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=5
content-length: 30213
x-amz-id-2: lsXNEEI8ZuF/1vNIO7VK+SfWkDeORX7IOYZbU4ULl5+cn9WjZSK4cJzXdERxXFr+CQfGwJG+zGg=
last-modified: Wed, 31 Aug 2022 15:46:53 GMT
server: openresty
etag: W/"5098d91c52a12acc2bc282549792491d"
strict-transport-security: max-age=86400
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:47 GMT

GET
H2 200 a7e1ce28-5353-4737-87a7-c7be13b28f3c.png
www.sltrib.com/resizer/A-tqhF0IJpMxJCHiHgerOt3lPN8=/60x60/s3.amazonaws.com/arc-authors/sltrib/ 1 KB
2 KB 356ms
345ms Image
image/jpeg 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/resizer/A-tqhF0IJpMxJCHiHgerOt3lPN8=/60x60/s3.amazonaws.com/arc-authors/sltrib/a7e1ce28-5353-4737-87a7-c7be13b28f3c.png

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3d9215d1b15a3a07cf0bd95f0e8e7eb715671ab34071fb9dc9cbe9c4b0b0c134

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date: Tue, 06 Sep 2022 16:24:48 GMT
x-check-cacheable: YES
arc-country: DE
server-timing: cdn-cache; desc=HIT, edge; dur=268
content-length: 1456
last-modified: Wed, 04 May 2022 19:46:33 GMT
server: Akamai Image Manager
etag: "e2c95998db39338eaff6e9b0fa3d41d5c062a3fa"
x-serial: 1294
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, max-age=29719936
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-datastream-cache-status: 1
expires: Wed, 16 Aug 2023 15:57:04 GMT

GET
H2 200 SRH374HARVDG7J2YDXSTBPPKNQ.jpg
www.sltrib.com/resizer/FjHU5FIaP5eYqU1ogalIniRrZqQ=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 3 KB
3 KB 121ms
110ms Image
image/jpeg 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/resizer/FjHU5FIaP5eYqU1ogalIniRrZqQ=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/SRH374HARVDG7J2YDXSTBPPKNQ.jpg

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c1da96c3d42f7caf85fcf6e884d721b8417efd123ac21d75865ce6825d62b30c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 06 Sep 2022 16:24:47 GMT
last-modified: Sun, 04 Sep 2022 14:12:05 GMT
server: Akamai Image Manager
arc-country: DE
etag: "c93591ef44afab11dce0c575b3f4a2ddfa4febe2"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31355240
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2752
expires: Mon, 04 Sep 2023 14:12:07 GMT

GET
H2 200 I2ZSZXWWHRERROCHLPYZMWUBHQ.JPG
www.sltrib.com/resizer/iHoxehEZYWzHUJQn8rA3nX1nlDQ=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 4 KB
5 KB 135ms
125ms Image
image/jpeg 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/resizer/iHoxehEZYWzHUJQn8rA3nX1nlDQ=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/I2ZSZXWWHRERROCHLPYZMWUBHQ.JPG

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

387aa7a6738013f6870e894b7fe403851bc07a70bce38ae776ee2de49cad8c5c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date: Tue, 06 Sep 2022 16:24:47 GMT
last-modified: Sun, 04 Sep 2022 13:03:59 GMT
server: Akamai Image Manager
arc-country: DE
etag: "e924a5cc4f8e215a384f730fe3fd02b954f09a16"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31351273
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 4515
expires: Mon, 04 Sep 2023 13:06:00 GMT

GET
H2 200 F4UE737FVJCBXCRPIEUSDQHVEQ.jpg
www.sltrib.com/resizer/4csdV-wDAz_S9P3PfCt8t8km_O0=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 5 KB
6 KB 140ms
130ms Image
image/jpeg 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/resizer/4csdV-wDAz_S9P3PfCt8t8km_O0=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/F4UE737FVJCBXCRPIEUSDQHVEQ.jpg

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c338ffbcf46f2e232a2dfc231dd3d99c7b173cf513bbab256eae8d4a3e3ac067

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 06 Sep 2022 16:24:48 GMT
last-modified: Sat, 03 Sep 2022 17:09:48 GMT
server: Akamai Image Manager
arc-country: DE
etag: "09bbe580ee4835898d3c5e14425350ccbf504bc0"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31279525
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 5216
expires: Sun, 03 Sep 2023 17:10:13 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 81ms
22ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 17:37:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 82025
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P7
X-Amz-Cf-Id: qEp07SBo1GE0ipd1f8HEayxBCcZWYYetIhjrDDvMVd5Ayau8FSDYmA==

GET
H2 200 ballantine.js Show response
www.sltrib.com/pf/resources/js/ 465 B
883 B 141ms
131ms Script
application/javascript 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/ballantine.js?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

1349f8a177348d0812701b1d014b76c7dba107cb9793792379e70cfeb35ed80d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
x-amz-request-id: MX4K8RCZNEZHHQ6Q
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 262
x-amz-id-2: Oh7xTHxX+CrmY13+R4SoqzN3teNwYY7Si32sfkm1ND4sR0QzEDiDqLDciZw0Exa77yapVn2/tqI=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"75f660e0bf36975883d65bcb4206e252"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:48 GMT

GET
H2 200 sltrib-logo.svg
www.sltrib.com/pf/resources/svg/ 28 KB
11 KB 141ms
131ms Image
image/svg+xml 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/pf/resources/svg/sltrib-logo.svg?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

50218b350ecd9694900e829cfc6c60e47693ef3cb35a07774414ef83a911f1b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: MX4Y4AT4NBNQ9Z67
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 10808
x-amz-id-2: EhPza7UmH0Alh9vHojRE2ZRWUyDpHzsDj117NcsWmDxHZhUhtQcYAb8Oo+1jJ7YTR7J0wdua0F0=
last-modified: Wed, 31 Aug 2022 15:46:53 GMT
server: openresty
etag: W/"25e4e564ed5f244539f01a165c33c5aa"
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:48 GMT

GET
H2 200 trib_masthead.svg
www.sltrib.com/pf/resources/svg/ 34 KB
10 KB 143ms
134ms Image
image/svg+xml 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/pf/resources/svg/trib_masthead.svg?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

d7ab0f1e31217960c7bcf0bdb822374271344c75aab4da7825505571e7e9035e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
etag: W/"ac682bbc23ad2715870b9244bcf8f9d5"
x-amz-request-id: X1FWAX4T9DMCBBVT
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 10113
x-amz-id-2: fHIZRCVDswxxoWsyeXeiQr/LA88T5ZVby9JypRAVLJ9el11hCB5o+pQpUbty242O6gJulFfhziI=
last-modified: Wed, 31 Aug 2022 15:46:53 GMT
server: openresty
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:48 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 207 KB
72 KB 153ms
36ms Script
application/x-javascript 2.21.185.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.185.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 650876073a3cf72c3ea5de10fa9f864b6871fabe634f1bc8c9fc9ca9f8db24ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
last-modified: Sun, 04 Sep 2022 10:18:51 GMT
etag: "16-XpJ86s/QAbM1TDQhJd7xobPhkkQ"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: c91b6c4a8362af99b4bdf825caef6da2
timing-allow-origin: *, *
content-length: 72834

GET
H2 200 google-analytics.js Show response
www.sltrib.com/pf/resources/js/ 2 KB
2 KB 7ms
0ms Script
application/javascript 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/google-analytics.js?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

72d3bb48505405120796571830ae74c4f871f03a9052d080cde2190aa926b1ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 06 Sep 2022 16:24:47 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: MX4W36CFS8AF99GM
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 931
x-amz-id-2: lwAP7rWLD7PoKDuNzyZlN74lRkBLcypy/FwKQV7AmLt99yd2HBfsxUWElXeVuijYzX6sJPxcWLw=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"2615a770e33c9ec8523382d136d1f7e8"
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:47 GMT

GET
H2 200 google-tag-manager.js Show response
www.sltrib.com/pf/resources/js/ 747 B
1 KB 8ms
0ms Script
application/javascript 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/google-tag-manager.js?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

7eb2af8a6315d058a1e7b87fadf2070e8fc0b2449b0a89da20c5b912de500acd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 06 Sep 2022 16:24:47 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: MX4N4GE2P6BTFP1N
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 406
x-amz-id-2: 9ebifZrxxFp+ae28Bs5rMEvpEcGAF21H52JXkVi1ty94tirqxDhxC/yEGN4ZrcqLV6RKVkYbhLk=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"d2c8fb2ca910eadf27baa9157fba21a3"
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 92ms
33ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7bbecfafbdaa5c42febcdcc8cff1181eb9a05af145c171fd397665f68a10f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28522
x-xss-protection: 0
server: sffe
etag: "1325 / 628 of 1000 / last-modified: 1662462430"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Sep 2022 16:24:48 GMT

GET
H2 200 chartbeat.js Show response
www.sltrib.com/pf/resources/js/ 4 KB
2 KB 9ms
0ms Script
application/javascript 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/chartbeat.js?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

b6322113217b4fac79ad5b27613c9c66d466e67fad90363e743c87df4843acd7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 06 Sep 2022 16:24:47 GMT
content-encoding: gzip
x-amz-request-id: X1FVYPKXXBDR7M1S
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1314
x-amz-id-2: ZvOYwPb8au8EHiMAMx8Mt1W1TqRWh3g0LiJUPL7dw3xWASmpUMzTUo2hkl+1PIrRwkTKeEUna4k=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"22d3c7b3a6a4b2de423042230a8a3822"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:47 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 89ms
20ms Script
application/x-javascript 2600:9000:223c:be00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:be00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 14:46:54 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
age: 5874
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: rAvdOOVUkmYPiEkZ6rRittkU-GBPK0DiGcVm7Pt8QNhkDV606R-PuA==
expires: Tue, 06 Sep 2022 16:46:54 GMT

GET
H2 200 ad-slider.js Show response
www.sltrib.com/pf/resources/js/ 730 B
974 B 143ms
134ms Script
application/javascript 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/ad-slider.js?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

37e4ecedf0ab53a8f928507a9ae337f5871230f4525ce7e8070af4b21c17412d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
x-amz-request-id: MX4J5F97PRJGTHS9
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 351
x-amz-id-2: 21Q066PGKd+AhVEF1Rueyl2Xvbh+NtXUYydAkGUVtWI3W/ONaIbXbIJl4yezCeMcF72mi3jNTmA=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"c1aae5ed5833503095f1c285308e8ac3"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:48 GMT

GET
H2 200 ad-blocker.js Show response
www.sltrib.com/pf/resources/js/ 694 B
997 B 148ms
139ms Script
application/javascript 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/ad-blocker.js?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

403f82f5023b7899ecc6ea3059c0b29c10d6719e7f8464e0625c8f5d02c9b69c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: MX4P4G037JCA7DMR
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 394
x-amz-id-2: KY0LfB3H6OXiw5KZCZsRX85aSVKI4mimxh9j/mUmpfrXp4qNZsUb2z4DUfxVd3uVisURTgjKlh0=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"8400f83f0cc8263a503add31576d1164"
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:48 GMT

GET
H2 200 piano.js Show response
www.sltrib.com/pf/resources/js/ 4 KB
2 KB 149ms
140ms Script
application/javascript 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/piano.js?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

f98b036fe5c18078c10069bddcfa1436e7726ac0adc3cb05699b2a07d7112ba6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: MX4S8XSHGX2VXMA6
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1354
x-amz-id-2: k5iO6MGeYwtZhW1oflIbTGx8GP9LUCPS8/IVWLp+LobYIZoZp9bnNtomJHqO0ZwJWF6wO/5LW84=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"f1e0b652d86e7f37dc230b98f7253458"
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:48 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/ 406 KB
93 KB 118ms
27ms Script
application/javascript 2600:9000:223c:d800:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:d800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ba7b216d6e5a6306668821f071831022c7205627e881f2214659b36b7bdced6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:17:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4064
x-cache: Hit from cloudfront
content-length: 94832
x-xss-protection: mode=block
last-modified: Tue, 06 Sep 2022 15:06:30 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "6dc4690957b735e27e900a4967bab205"
strict-transport-security: max-age=2592000
content-type: application/javascript; charset=utf-8
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: -3XSk8M1nLBSm1Ge_EtGI0Cwr_ggz2aANGVoHbW7fngmoTFsPTc8kg==

GET
H2 200 8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js Show response
d3plfjw9uod7ab.cloudfront.net/ 250 KB
66 KB 110ms
25ms Script
application/javascript 2600:9000:223e:5400:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:5400:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 220832d32395cd530c8ae99da60e01530d9c50085df4beb88ee89baafe565a4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: iRdXlQSK1ZeHKBjZfQckYBSQF5JQ_T9b
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 18:51:53 GMT
server: AmazonS3
age: 1797
etag: W/"ea7ae9b6a7cf8462226ab5cf71efd0ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
date: Tue, 06 Sep 2022 16:01:10 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: Ys9XYsElYkosRB9XdmQ1mx7tynheXj1_lmecuXRnCuwZXk31gW33aw==

GET
H2 200 facebook.js Show response
www.sltrib.com/pf/resources/js/ 846 B
1 KB 10ms
0ms Script
application/javascript 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/facebook.js?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

6a7dd3acbecddc653446803e807cea2b6a85f3c6c1a6cc349b751f5e965647ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 06 Sep 2022 16:24:47 GMT
content-encoding: gzip
x-amz-request-id: MX4RT4X3B5N2QFBZ
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 441
x-amz-id-2: FcZ4RfCjcH8WTtYjmj5gPwaGz8LBbULil5udGaUAGnKGBUMi7aKatAPZ8MuTkhPmRIR3QtJVQpI=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"88ccd8266f9a877f78c9ea893d8b8afd"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:47 GMT

GET
H2 200 twitter.js Show response
www.sltrib.com/pf/resources/js/ 805 B
1 KB 10ms
0ms Script
application/javascript 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/twitter.js?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

325eb0ed9c4b2173718116d97c78e067f83311ed07570de76d154881bee92947

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
x-edgeconnect-origin-mex-latency: 83
date: Tue, 06 Sep 2022 16:24:47 GMT
content-encoding: gzip
etag: W/"5a2f1dc2518862e9d5beed543cee9f82"
x-amz-request-id: MX4S3SE4KDKH8SQ2
x-edgeconnect-midmile-rtt: 17
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 428
x-amz-id-2: VpjgnDCOzPtmR5h77DNUmOcHyyVGUzyPMHLs1/u9vbV+0Zv/E4ETdAc9mAHQqe9j4c3BsAA0Fmo=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
x-edgeconnect-cache-status: 3
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
arc-country: DE
expires: Wed, 06 Sep 2023 16:24:47 GMT

GET
H2 200 queryly.v4.js Show response
www.queryly.com/js/ 46 KB
10 KB 98ms
29ms Script
application/x-javascript 2606:4700:20::681a:c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.queryly.com/js/queryly.v4.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3db1711b708e98ad42b7764a019342259e8c5c8fd4d4602fadd8e28b69f0200a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1067
x-powered-by: ASP.NET
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
last-modified: Thu, 11 Aug 2022 16:00:33 GMT
server: cloudflare
etag: W/"80a6a27c9badd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QJf5JpnCKet3qVFegFew5FyrldjsBaI8zLOkGqa5NHj5IcPd7bbSiHMB6KZ4FH2qkpSmMrPknAD7z2DleOdC1RLAs5EyvmRjlEQu8jcBZK8P3MAyYT%2Bed926tpMI%2FqdIBYLkMYv9FTpjO8kCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 74688e941ee39152-FRA
access-control-allow-headers: *

GET
H2 200 queryly.js Show response
www.sltrib.com/pf/resources/js/ 137 B
810 B 11ms
0ms Script
application/javascript 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/queryly.js?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

aa21d0ddbc7cb318d1367bab72630267ec09559a269a23672cebf582d36386ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 06 Sep 2022 16:24:47 GMT
content-encoding: gzip
x-amz-request-id: MX4W3V6S4DTTK09C
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 137
x-amz-id-2: D3Zuy6T6kz/T1+9BwHe2KhgsXv2WEy3q0ur9qTDWs1nQyyEYqPz6zA6/79ROflP0ImtMTl9GdmM=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"6f71954a503275c7a33c5069434fddb5"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:47 GMT

GET
H2 200 sltrib-advanced-search.js Show response
www.queryly.com/js/ 22 KB
5 KB 99ms
30ms Script
application/x-javascript 2606:4700:20::681a:c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.queryly.com/js/sltrib-advanced-search.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7c207b3ed9feda70543fb75e8d0172f262a909522db37f7e3e22249a075a2760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 759
x-powered-by: ASP.NET
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
last-modified: Wed, 05 Jan 2022 20:39:51 GMT
server: cloudflare
etag: W/"8052163742d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSfelvKhb0d13tg%2BWZAg1Qwg1Vh3dTji8w3l6ZY3nmsv8btCmsJN1wbdmj1GWEq0A5m0itlfUf1V%2F1yI9K2oYlBs2tugkpBW%2BRXnR0OnsVpO9gs4HSwXy%2Bc8ZIqDEN1zqc36%2B7ULUhoF5XpxIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 74688e941ee69152-FRA
access-control-allow-headers: *

GET
H2 200 EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6 Show response
s.go-mpulse.net/boomerang/ 202 KB
51 KB 165ms
45ms Script
application/javascript 2a02:26f0:ea:492::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ea:492::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: br
last-modified: Thu, 11 Aug 2022 08:18:48 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 73GNBBL2FNBC3KEQ5WXFB2LVLI.jpg
www.sltrib.com/resizer/ygJhj0EIpya2IY2URgIjKencpTg=/1024x650/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 52 KB
52 KB 492ms
484ms Image
image/jpeg 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/resizer/ygJhj0EIpya2IY2URgIjKencpTg=/1024x650/cloudfront-us-east-1.images.arcpublishing.com/sltrib/73GNBBL2FNBC3KEQ5WXFB2LVLI.jpg

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

22be49ce866a34ae0c3242ea58bd3cedb4084867009cf100e8149d4d0d2eed4a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 06 Sep 2022 16:24:48 GMT
etag: "6c6aa7ec1cc6157f41e8cf4d8606d57976a66c48"
x-check-cacheable: YES
arc-country: DE
server-timing: cdn-cache; desc=MISS, edge; dur=336, origin; dur=13
content-length: 52785
last-modified: Thu, 01 Sep 2022 17:28:41 GMT
server: Akamai Image Manager
x-edgeconnect-cache-status: 1
x-serial: 1682
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31107861
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Fri, 01 Sep 2023 17:29:09 GMT

GET
DATA 200
OK truncated
/ 842 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 462f8a9becd0c3fe2ff5f35f32d9ec980cab1ae3a715b9f7ba03e544134d815c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 75ms
21ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/google-analytics.js?d=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4968
date: Tue, 06 Sep 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 06 Sep 2022 17:02:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 179 KB
62 KB 91ms
38ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJJTW7K

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/google-tag-manager.js?d=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4bbe2794bd263f165aedbd479b42c995326e90a523f76e7e437b9b265f8c309f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63317
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Sep 2022 16:24:48 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 23ms
23ms Script
application/x-javascript 2600:9000:223c:be00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/chartbeat.js?d=306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:be00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 14:52:34 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
age: 5534
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: GYZqSeprk5RW_nc7aLWAC6_F_-PXrzvDNC0sONFCHListuH2f9N6hA==
expires: Tue, 06 Sep 2022 16:52:34 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 197 B
508 B 87ms
20ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=sltrib.com&domain=sltrib.com&path=%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7582354aac0b69ddb4805d6c6a5aa500bd1ea1419d1e9180ff7ec248aa75a538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
x-cache-hits: 1
age: 2801
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 155
x-served-by: cache-hhn4073-HHN
access-control-allow-origin: *
x-timer: S1662481488.120544,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 04 Sep 2022 15:38:07 GMT

GET
H2 200 pubads_impl_2022083101.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f5d18b1769507b97d8718a598fcecd3bc9e270bc11a520d769b2d06452418f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131962
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 08:36:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 31 Aug 2023 14:31:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 288 B
170 B 100ms
56ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sltrib.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a505a2b7124eb5116121cac2dfb5aaaf44fcdeb0596efadcea9a74cd9544400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145
x-xss-protection: 0
expires: Tue, 06 Sep 2022 16:24:48 GMT

GET
H2 202 8d82a4d3-a206-4e49-9c15-68d5c36aa42e
analyticssystems.net/api/v2/client/impression/ 0
542 B 192ms
131ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/client/impression/8d82a4d3-a206-4e49-9c15-68d5c36aa42e?rand=488136&referer=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyhgty330NdcnpnsjLSARa%2BeK0z4bYetcHJoh3VygckppybDiJPHTtBfaTdunRfwL%2FmlYD5gYex3RzJtM8tx9K3h2Xd2hPFjKDCcRRiI%2BX%2BXnxgrD29ARx1EqvTSFkLtqUCMN5AnxUJgpkp2dhtnuObtaA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 74688e9558ee9191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FxJSGvpF1dkHX2AAZWjx

GET
H3

200

activityi;dc_pre=CJbJv5TKgPoCFRFNHgIdR0UP8w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908 Show response
8208269.fls.doubleclick.net/ Frame EDDA
Redirect Chain

https://8208269.fls.doubleclick.net/activityi;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?
https://8208269.fls.doubleclick.net/activityi;dc_pre=CJbJv5TKgPoCFRFNHgIdR0UP8w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?

527 B
428 B

106ms
60ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8208269.fls.doubleclick.net/activityi;dc_pre=CJbJv5TKgPoCFRFNHgIdR0UP8w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

8c6e05f6225577a5f7e3ddfa6009350ab389ba0563d29c67ae69dac65dfcd0c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 403
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 16:24:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 16:24:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8208269.fls.doubleclick.net/activityi;dc_pre=CJbJv5TKgPoCFRFNHgIdR0UP8w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908 Show response
8234312.fls.doubleclick.net/ Frame 8FBE
Redirect Chain

https://8234312.fls.doubleclick.net/activityi;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?
https://8234312.fls.doubleclick.net/activityi;dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?

527 B
432 B

108ms
64ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8234312.fls.doubleclick.net/activityi;dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

4ccd02be3a38860311353ea56f2f883a5186c1838b40614b19e7cb50dd22cbe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 16:24:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 16:24:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8234312.fls.doubleclick.net/activityi;dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 131ms
38ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/twitter.js?d=306
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15317
x-served-by: cache-iad-kjyo7100023-IAD, cache-vie6333-VIE

GET
H2 200 whitecloseicon.png
www.queryly.com/images/ 816 B
1 KB 26ms
26ms Image
image/png 2606:4700:20::681a:c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.queryly.com/images/whitecloseicon.png
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:48 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1068
x-powered-by: ASP.NET
content-length: 816
last-modified: Thu, 11 Jun 2020 23:20:57 GMT
server: cloudflare
etag: "d7046f64640d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnIRuYSPYI%2B57xU5Mb6sEDD%2FMYp2BpflCqwfh7plIkR3aqxCVuBYtkBW96WisfcTu%2ByCZPvGsgPsnzAFtXFFMOGFEg60Gr4jMEotX8DgtBjLHETvizB%2F%2FcbbZsSLERB0Gm2lTm%2FFk18LWzLzQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74688e9528e69152-FRA
access-control-allow-headers: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
92 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 12:33:39 GMT
x-content-type-options: nosniff
age: 13869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93868
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 12:33:39 GMT

GET
H2 200 / Show response
cmp.osano.com/ Frame 47C8 4 KB
1 KB 20ms
20ms Document
text/html 2600:9000:223c:d800:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:d800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21483
content-encoding: br
content-type: text/html
date: Tue, 06 Sep 2022 10:26:46 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-id: hMTrBfWgsP4cTZFIlohlsCW3--UjOLZLYYYG8xZ_a9VL10QhQtdlGQ==
x-amz-cf-pop: FRA56-P2
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/180443/ Frame 766F
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/180443/connatix.playspace.dc.js

993 KB
226 KB

55ms
21ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/180443/connatix.playspace.dc.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0f1928c0a2274141ca7ba973c6098bb259a335c6ecc1969fed7ce92fea6a744d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:49 GMT
content-encoding: br
last-modified: Tue, 06 Sep 2022 13:02:19 GMT
age: 11994
etag: "4a8ab99c99f1c747017180ef559d1765"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 231019

Redirect headers

location: https://cds.connatix.com/p/180443/connatix.playspace.dc.js
date: Tue, 06 Sep 2022 16:24:48 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 pubfig.min.js Show response
a.pub.network/sltrib-com/ 144 KB
54 KB 99ms
34ms Script
application/javascript 2606:4700:20::681a:18b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/sltrib-com/pubfig.min.js
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f41c74991f832df75862a53468fd4125847bfa3ed7fd898c70955f56a109593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-goog-hash: crc32c=qkWmGg==, md5=qQtPVVWDRiprKGk2+SLPow==
date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345988
x-guploader-uploadid: ADPycdueEuJ5a_lsok1XXqJxTAqPTOQf_B0yWFtguEPQduDq1lKHbnG5Ufe2wGGXyccA15oapEzn1CAlEtfxYOsrgRLa0kpKSJXm
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 22:47:43 GMT
server: cloudflare
etag: W/"a90b4f555583462a6b286936f922cfa3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKT%2FNeG03xwQllgOSw7skU4A1sn71M%2FnxdO248QLny1r3SukT784ILnB7bMseRRZdZ5H2sa0alIsZXCZXaJ2KOpEqrqfcY5lH%2BJY7TWqbDgQ2R6Kmlz8FNVpl1ZVrX6InrvorVbC8os8LDQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1661354908358736
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 147314
cf-ray: 74688e98ea019195-FRA
expires: Fri, 02 Sep 2022 16:19:20 GMT

GET
H2 500 coral-comments Show response
www.sltrib.com/pf/api/v3/content/fetch/ 21 B
444 B 119ms
113ms Fetch
text/plain 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/api/v3/content/fetch/coral-comments?query=undefined&d=306&_website=sltrib

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/pf/dist/engine/react.js?d=306

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: -1
date: Tue, 06 Sep 2022 16:24:48 GMT
server: openresty
arc-country: DE
etag: W/"15-/6VXivhc2MKdLfIkLcUE47K6aH0"
strict-transport-security: max-age=86400
content-type: text/plain; charset=utf-8
x-edgeconnect-cache-status: 0
cache-control: max-age=0
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing: cdn-cache; desc=HIT, edge; dur=47
content-length: 21
expires: Tue, 06 Sep 2022 16:24:48 GMT

GET
H2 200 arc-single-story Show response
www.sltrib.com/pf/api/v3/content/fetch/ 30 KB
8 KB 130ms
125ms Fetch
application/json 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/api/v3/content/fetch/arc-single-story?query=%7B%22articlePath%22%3A%22%2Fnews%2F2022%2F09%2F04%2Fmoral-imperative-overflow%22%7D&d=306&_website=sltrib

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/pf/dist/engine/react.js?d=306

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

c41306714d2e4215494e69b0c308709cf70e7e4eb5bb5dfa02cee392bb8a44db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
If-Modified-Since: 1662481151289
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 251, 251
date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 16:19:11 GMT
server: openresty
arc-country: DE
etag: W/"77e5-BgTejT4J0eTbKi/nzJM+h8OtduY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=17, origin; dur=46
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
strict-transport-security: max-age=86400
content-length: 7938
expires: Tue, 06 Sep 2022 16:24:48 GMT

GET
H2 200 menu.svg
www.sltrib.com/pf/resources/svg/ 222 B
836 B 75ms
73ms Image
image/svg+xml 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/pf/resources/svg/menu.svg?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

9041f63adc7ef5badf30edfdd51d94832df52c6a93c52ba91ea270c107847b82

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
x-amz-request-id: YBWWMSS1RD41HVPH
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=9
content-length: 188
x-amz-id-2: m97RMixxR2EbkNfuCzx4ZqStVc0GTZ/zxyxa3ANba+hatWH+P6ASaW88PgwcN+gHdUut7/2AGTk=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"2ad563e730ce63c718f6dbed5962a52a"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:48 GMT

GET
H2 200 search-black.svg
www.sltrib.com/pf/resources/img/ 562 B
967 B 79ms
78ms Image
image/svg+xml 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/pf/resources/img/search-black.svg?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

8f850627aa46412b56450f99c309fbfa8786f65a46b59746223cc135e2535b46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
x-amz-request-id: YBWR5FF2V15RXMV6
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=6
content-length: 341
x-amz-id-2: hgmkRY42jIElUstsdgThU21oQ45BLymf70Vtx6rgaar/6enzT+cYO+nAappPH2ShRUIsUK3WM2w=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"e3b2768d3f06bb7e6e903817ba832bf1"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:48 GMT

GET
H2 200 Trib_masthead_top_000000.svg
www.sltrib.com/pf/resources/svg/ 14 KB
5 KB 80ms
79ms Image
image/svg+xml 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/pf/resources/svg/Trib_masthead_top_000000.svg?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a6b9ca255d1b81f64849a3e0412ee94a858f10baafb862bfd715541afdb012df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
x-amz-request-id: YBWTS8ZQBQG06JKK
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=7
content-length: 4810
x-amz-id-2: y8SHHTStPgbbBtzFIF4ec9vYUVSk02QHspjOx33mukzOe+iHd3TG2p1kK/bOxAYGAdZ1Kky2Yg4=
last-modified: Wed, 31 Aug 2022 15:46:53 GMT
server: openresty
etag: W/"0a6e5f60fd6a9d23f560d424745802f9"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:48 GMT

GET
H2 200 person.svg
www.sltrib.com/pf/resources/svg/ 291 B
868 B 81ms
80ms Image
image/svg+xml 2a02:26f0:10e::5435:a1f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/pf/resources/svg/person.svg?d=306

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

f8a691e6f523905cca35f8488a78ceadbaa81c057adf1b5a4817871ad27bf787

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: gzip
x-amz-request-id: YBWZ4M4AEBH5WJ9R
arc-country: DE
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 222
x-amz-id-2: kzcAbZio5/u2S79D+oE5TaLkSyje6f+xhgc1j1nOFRnpz5mw08/qN9WREA2MwuQFjbt63HCnUMc=
last-modified: Wed, 31 Aug 2022 15:46:52 GMT
server: openresty
etag: W/"0b49da62bedb71c6594b7421f72768e1"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires: Wed, 06 Sep 2023 16:24:48 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 98ms
38ms Script
application/javascript 2606:4700:3032::ac43:bf95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:bf95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: RDJN2MG0ZCYZTB9Z
x-amz-id-2: eZfTNAxHHAE2YiKIMycqmjtNSw4fYlwDIqIispjXlblZQyU2j2lCcs5P6dscRNIFBsWNIAktoac=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qr%2FxUvtG6XcK8SV3hBk0MjdSeZRe%2Fm5zByIRiq6ccwkONetZ2zZsx0ai7IIu95PF0X7wy5MKOZCUTpw%2Flx1xSN7n0d%2Bjy%2BTKnSjKLrDO1VAd%2B7q8zkIhgTQXU8fn7xTDex0HxlNk%2FDf8G09eebU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 74688e9939ed925f-FRA

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 3 KB
2 KB 102ms
43ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=vxCIN3E3cT

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80829916dd7461f45b5709b63546ac24d8542434932a530ba5b6833857e91a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:48 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 3274
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: MeeoshrV0ev
wn: prod-exp-10-0-86-73
last-modified: Tue, 06 Sep 2022 15:30:14 GMT
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 74688e996b205b44-FRA
expires: Tue, 06 Sep 2022 16:54:48 GMT

GET
BLOB 200
OK d0d2133c-fb25-40e0-a1ce-3f7c570b3361
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/d0d2133c-fb25-40e0-a1ce-3f7c570b3361
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H/1.1 200
OK d3d3LnNsdHJpYi5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 136ms
31ms XHR
application/json 2.21.185.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnNsdHJpYi5jb20=
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-176.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 16:24:49 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=30098
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 22e8434da4abb908b9f3f6796c5e8ae1
Content-Length: 15
Expires: Wed, 07 Sep 2022 00:46:27 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 39ms
30ms Image
image/gif 2.21.185.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.185.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:48 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Thu, 06 Oct 2022 16:24:48 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 346ms
110ms Image
image/gif 54.160.55.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=sltrib.com&p=%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&u=B3KnLbDtyGkOM7YyD&d=sltrib.com&g=65212&g0=News&g1=Peggy%20Fletcher%20Stack&n=1&f=00001&c=0.01&x=0&m=0&y=3687&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2201&t=Bwm5RfCN0n_VBX_LypDsGQPAB9ldZ9&V=136&i=Richest%20Utah%20native%20vows%20to%20give%20away%2090%25%20of%20his%20billions&tz=0&_hottopic=&sn=1&sv=BA3BG6CA9P6BJorbtCiEpxNB--1TQ&sd=1&im=067b2ff3&_
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.55.69 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-55-69.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 16:24:49 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame 04EF
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

118ms
42ms

Document
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Tue, 06 Sep 2022 16:24:49 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame A210
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

116ms
40ms

Document
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Tue, 06 Sep 2022 16:24:48 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2

204

dda8255d32e6482d
pixel.sitescout.com/iap/
Redirect Chain

https://pixel-a.basis.net/iap/dda8255d32e6482d
https://pixel.sitescout.com/iap/dda8255d32e6482d

0
191 B

67ms
42ms

Image
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/dda8255d32e6482d
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 16:24:48 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/dda8255d32e6482d
content-length: 0

GET
H2

200

1ea036853c174e3a
clickserv.sitescout.com/conv/
Redirect Chain

https://clickserv.basis.net/conv/1ea036853c174e3a
https://clickserv.sitescout.com/conv/1ea036853c174e3a

43 B
267 B

135ms
35ms

Image
image/gif

66.155.71.189
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clickserv.sitescout.com/conv/1ea036853c174e3a
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Server: 66.155.71.189 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 16:24:49 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://clickserv.sitescout.com/conv/1ea036853c174e3a
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
72 KB 82ms
36ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DC2TJEE08T&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cae64fe5d098ea6730429186e8c0eb8fa494f748bd5af0fdd46bb2943a38267a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74020
x-xss-protection: 0
expires: Tue, 06 Sep 2022 16:24:49 GMT

GET
H2 200 adsct
t.co/i/ 43 B
338 B 176ms
129ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=b2022694-e56d-42c1-bf50-0a3292dcfcc7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bdf1a33a-16b0-41b7-9c38-1d34ad2c67f4&tw_document_href=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0jhs&type=javascript&version=2.3.27

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time: 107
date: Tue, 06 Sep 2022 16:24:48 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 6325739f55db54effa8e75f3f5c44eada3172dd00ae6c073fdb676d245f863d5
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 174ms
128ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b2022694-e56d-42c1-bf50-0a3292dcfcc7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bdf1a33a-16b0-41b7-9c38-1d34ad2c67f4&tw_document_href=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0jhs&type=javascript&version=2.3.27

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time: 106
date: Tue, 06 Sep 2022 16:24:48 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 109d6c34365077a07659e719f6224ba26c8c4bd675805127c36ecc91ed8edb49
content-length: 43

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CJbJv5TKgPoCFRFNHgIdR0UP8w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib... Frame D73A 526 B
872 B 113ms
62ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJbJv5TKgPoCFRFNHgIdR0UP8w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Requested by

Host: 8208269.fls.doubleclick.net
URL: https://8208269.fls.doubleclick.net/activityi;dc_pre=CJbJv5TKgPoCFRFNHgIdR0UP8w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c80a8f5f2b08450a380dbf21d62efadc874f8695a1ce5d703ddff1fd8cc215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8208269.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 403
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 16:24:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib... Frame 1590 526 B
477 B 109ms
62ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Requested by

Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/activityi;dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45522f67730a33a2cd38498d9eb29a282106afb6e7206c5b6aef0894db4778e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8234312.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 16:24:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 202 8d82a4d3-a206-4e49-9c15-68d5c36aa42e
analyticssystems.net/api/v2/alerts/net/ 0
0 237ms
184ms Fetch 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analyticssystems.net/api/v2/alerts/net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Sep 2022 16:24:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRiAD5H6EYwPCFsd6OGnwFm6tNsh%2BAlAYFx0S0qfOIG3JSoaaYlqoeVIhjOLqdPEbJfR75WwZgqC9p4Myd347zEKw2yn81hTaeRV9ARCaYVL3Rygng9o2ecW9OHjzESJfRnxarwSQst9J5vZZ%2FzWYLwRqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 74688e9b8f659bf4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FxJSGzWEERWIPf4AZW6R

GET
H2 200 init Show response
d.pub.network/v2/ 73 KB
7 KB 199ms
139ms XHR
application/json 35.201.71.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/v2/init?siteId=2607&env=PROD
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.71.201.35.bc.googleusercontent.com
Software: /
Resource Hash: a6c94dbbf419599a1f7f78863ad41ce7a23dc59cd4e7e6e24f393ac9a0820edc

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:49 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.sltrib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
BLOB 200
OK 55600b1e-ed20-42c6-9bbf-3639f73b6ebe
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/55600b1e-ed20-42c6-9bbf-3639f73b6ebe
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 hls.29b1ff4c2227d65c148f.js
cds.connatix.com/p/180443/ Frame 766F 0
47 KB 23ms
23ms Other
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/180443/hls.29b1ff4c2227d65c148f.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:49 GMT
content-encoding: br
last-modified: Tue, 06 Sep 2022 13:02:20 GMT
age: 11909
etag: "6afc7b7af39473a7dafdce3cf56dbd12"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48331

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CJbJv5TKgPoCFRFNHgIdR0UP8w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.... Frame 5AF5 194 B
870 B 127ms
60ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJbJv5TKgPoCFRFNHgIdR0UP8w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJbJv5TKgPoCFRFNHgIdR0UP8w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 16:24:49 GMT
expires: Tue, 06 Sep 2022 16:24:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/ Show response
8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www... Frame B08A
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www...
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=htt...

845 B
531 B

60ms
59ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

b3074e2cf0b12bcf10b46ed42bbe45b43ddfb868a7434b8e7b45ec387924c09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 506
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 16:24:49 GMT
expires: Tue, 06 Sep 2022 16:24:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 16:24:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 324 KB
94 KB 59ms
44ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6b10e6c3a812d3cb7081fa6014bc5aa6f8fbee831adbddc5df3bb5da8e1ac05

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 10170
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: KNERY157YGCEYM0N
x-amz-id-2: t337ik20oV2joQRMuQH1sVOveX/r6yH0rGTBlG6wHt0JEt72zYmT5WBCL4Cz1ksLE7iBFF+0s9A=
last-modified: Mon, 05 Sep 2022 08:19:40 GMT
server: cloudflare
etag: W/"799d3dd9a4843df3fe80c8bbaa685990"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=14400
x-amz-version-id: iTF4N7Ez6s3srL2g2fa0GHN8xp7UIlFP
cf-ray: 74688e9c5db45b44-FRA
expires: Tue, 06 Sep 2022 20:24:49 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
409 B 174ms
165ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=vxCIN3E3cT

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25eb42e900a873fee498a3d5ab675d937d937f8df774fb3ce51234adb9479ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: MdxqshrGH3L
pragma
wn: prod-dash-10-0-134-234
last-modified: Tue, 06 Sep 2022 16:19:33 GMT
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.009
cache-control: public, max-age=1200
cf-ray: 74688e9d2e6a5b44-FRA
expires: Tue, 06 Sep 2022 16:44:49 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 10 KB
3 KB 226ms
173ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=vxCIN3E3cT

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

917e2aa0aab7d93b17f45c1cd9d7d780af1ec625767c31eef8425d8b271e88e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Sep 2022 16:24:49 GMT
content-encoding: br
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: kw8kflelx6
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.sltrib.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 74688e9d8bed9186-FRA

GET
BLOB 200
OK d8a57d49-df06-4572-b39d-222e5b1eb3e0
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/d8a57d49-df06-4572-b39d-222e5b1eb3e0
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame BF9B
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

41ms
40ms

Document
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Tue, 06 Sep 2022 16:24:49 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2

204

9f30138796dc7a6a
pixel.sitescout.com/iap/ Frame B08A
Redirect Chain

https://pixel-a.basis.net/iap/9f30138796dc7a6a
https://pixel.sitescout.com/iap/9f30138796dc7a6a

0
191 B

40ms
40ms

Image
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/9f30138796dc7a6a
Requested by: Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKXBwJTKgPoCFQXSGQodvPsOGA;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol: H2
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8234312.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 16:24:48 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/9f30138796dc7a6a
content-length: 0

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 483ms
110ms XHR
application/json 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1662481489546&sessionId=c40bb574-b244-c2b2-192f-c3672691800b&url=www.sltrib.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 16:24:49 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: a39c8334b3a946884dc2b9dc5b25cabd
Content-Length: 4
Expires: 0

GET
H3 200 show Show response
buy.tinypass.com/checkout/offer/ Frame C1D4 611 KB
58 KB 216ms
190ms Document
text/html 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Ii8Ac&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1006896152.1662481489&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9bb2233457

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62101b74c06b47e062cc71dcde389d7490880767e98457c6260adc691ad098b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74688e9eebbb9bb8-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Tue, 06 Sep 2022 16:24:49 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server: cloudflare
server-time: 0.037
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-86-145
x-forwarded-https: on
x-request-id: Mdxqshruzcl
x-xss-protection: 0

GET
H3 200 embed.js Show response
sltrib.coral.coralproject.net/assets/js/ 57 KB
17 KB 66ms
21ms Script
application/javascript 35.244.156.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sltrib.coral.coralproject.net/assets/js/embed.js

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.156.29 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

29.156.244.35.bc.googleusercontent.com

Software

Resource Hash

01d6fdcdfb196cb3a9e6d29c26f16be5449973ea5801c8a19812e62edc8b1375

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
age: 1100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17051
x-xss-protection: 1; mode=block
x-trace-id: ddf721d0-2dfd-11ed-9d16-93be37042a91
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Jun 2022 14:34:40 GMT
date: Tue, 06 Sep 2022 16:06:29 GMT
vary: Accept-Encoding
content-language: en-US
via: 1.1 google
cache-control: public, max-age=1800, s-max-age=604800
etag: W/"429b-18143bd2c00"
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8

GET
H3 200 checkout.bundle.1.1.css
buy.tinypass.com/widget/dist/checkout/css/ Frame C1D4 304 KB
58 KB 53ms
48ms Stylesheet
text/css 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Ii8Ac&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1006896152.1662481489&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9bb2233457

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68326de2e78eee8040cc7dc6181ca15a8e16ca1951aab55899caeb9ac01952df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Ii8Ac&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1006896152.1662481489&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9bb2233457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2966
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-123-85
last-modified: Mon, 05 Sep 2022 15:19:44 GMT
server: cloudflare
etag: W/"311725-1662391184000"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 74688ea02e1b9bb8-FRA
expires: Tue, 06 Sep 2022 18:24:49 GMT

GET
H3 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame C1D4 65 KB
12 KB 51ms
45ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=14.264.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f30edfff18f6ab829328a8320017953bcdeece5bc1c9420ce63ec13313ee49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Ii8Ac&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1006896152.1662481489&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9bb2233457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 10168
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-128-77
last-modified: Mon, 05 Sep 2022 01:55:20 GMT
server: cloudflare
etag: W/"66541-1662342920000"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400
cf-ray: 74688ea02e1e9bb8-FRA
expires: Wed, 07 Sep 2022 16:24:49 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame C1D4 95 KB
30 KB 85ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4137755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30360
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqjc7ruhcNoVhvsAFBdoWEG0sY0cd5SXKSA5RrTdvmj%2BmFedoPNxui5%2BzH38uHk6P7GYZairiWi0MvG38JjnUtSQVfYK64KWqU6LApkACTmMarCPj3KPBOryZK1deCi8veu6uLVmO28BPy8gRfjs2Y83"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74688ea0785f9c04-FRA
expires: Sun, 27 Aug 2023 16:24:50 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame C1D4 10 KB
4 KB 108ms
53ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9062880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3550
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eotfhC95%2FqfQUmAhUANR8qO7Oisww3mRsZF2Ncdo0kV8FFTRECbHU0ROzYrf0BKg%2B7cRKLBkHlk%2BTdklUzadMOXZMG5DALtip6zqT3XdLZG8rQGW8pbhcio9Fnaoxv3agq%2Fls%2FMpW%2For89eauDL9TJND"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74688ea078619c04-FRA
expires: Sun, 27 Aug 2023 16:24:50 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame C1D4 104 KB
35 KB 94ms
40ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1708467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35086
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-1a191"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpnf7gQoD5vIWATiYyBIrx1JuHFD4CbVHTkXnrq9%2FP6IgaPket0hclzsa1L7ynB1eDRDoP3DzZ3Kf2ND1FT9NEbd2kzlCEBsQU8e7BQo%2FbncpZ8mu1DoD5eFbzyWBmYfxbYofi89HA%2BQmdHUYrXz0Xe5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74688ea078639c04-FRA
expires: Sun, 27 Aug 2023 16:24:50 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame C1D4 825 B
753 B 109ms
55ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 424330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 434
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWZQXIe%2BM38N20oBkpIThpm%2F9cxzad3BwBhifP9eiblLvOpkVc0UPaWeXz%2BtpZlQ0PhaR7%2BgBC%2BMey7yLfhURYINz8zuc%2F2leytkrw6rjwF2HbTX6TtMa1Q9k2M9bynzJhQgCastIy7rJVIrcSOypPEG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74688ea078649c04-FRA
expires: Sun, 27 Aug 2023 16:24:50 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame C1D4 4 KB
2 KB 90ms
36ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1111789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2171
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4D0Fnv8v%2F77EFQxq8KdOO4%2FpavseAP48irVZQVtQgEpTurvDL%2B7I0A3oyKolvQW0YHQ6LtIMRRNInWfA4qk53WVIk4nad%2BWcB4BV6HhwBi5bzOhbbTyQtjh7uHTvrDok7t7ZMOZZXjDTVYQIvRtbU621"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74688ea078679c04-FRA
expires: Sun, 27 Aug 2023 16:24:50 GMT

GET
H2 200 angular-touch.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame C1D4 3 KB
2 KB 90ms
37ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-touch.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7135861f8a8768636a90c4fb777082380c84194319273624e88004ab2b9d98d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2327780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1321
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-ce0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2UiM1dy7z4qDi4utwtI5Kp%2BiQ4Q9fKXGgDIZAQzzKzwkRr6d7SNUD5OZwN8rCGDGhRQpqI64WHZ8MAzls6MuUqgiDYuOCdPxY2uuJdX98Uyyp8seqCYkHpS%2BTpsr0riCusKrsEsR088MD%2FGncEjIDG3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74688ea078669c04-FRA
expires: Sun, 27 Aug 2023 16:24:50 GMT

GET
H2 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame C1D4 3 KB
1 KB 108ms
56ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1197503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 953
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FP%2BPwUPr%2BjYg78VQkh3zzIi7daEKxoNcSTUBRsgaQn0LlDxruVDyumv1nbbKCkA3dFnfMsz51JfD5gxpw98rfdAXBS8XnScJiwIBwAWpM6zqIveJq5xLc%2FijOjQFLbnSJv6pGCn2xdicXDAyx27qw62a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74688ea098aa9c04-FRA
expires: Sun, 27 Aug 2023 16:24:50 GMT

GET
H2 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame C1D4 23 KB
8 KB 107ms
56ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 422127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7490
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlFqo8FIlUqtSpZ7MTXwpCS7WcgU8RTcSfSt%2Fl2ZtB9vu%2BqQsI53Vbp8%2BW4pGvEB0JSAsIVW7eAtxpiloKG68fhCoHpQZqonIpP1aIneFw2C3XYuppr%2BAV02VuF5Q1tpb%2FZUfqrkuj4NE%2BsfS2SZvKsE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74688ea098a69c04-FRA
expires: Sun, 27 Aug 2023 16:24:50 GMT

GET
H2 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame C1D4 2 KB
1 KB 90ms
38ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 430066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 910
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-93c"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fkDad78p3ylzHvF%2BO3UEqd%2BzST7RUdHxY5olNko4aWGYc3AtMJ7MvGb6CHGjSp%2Fzvf3umbCDoDRsCCveJ%2BLLUvTGo1acpBTJ3It2VzMf0GSjaT2O6x8uX8Xo9cUThg3tazissSy%2Ft3cmYiyU4hhpQLg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74688ea0786a9c04-FRA
expires: Sun, 27 Aug 2023 16:24:50 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame C1D4 20 KB
8 KB 80ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2328796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6934
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZwxrSg%2FZGkA15PgX8LHQT7QIGd1JnRTt1I0NPRc8q%2F8UNeWdrjCVhvfMim9iMRXAyWDWZvM64dZghNN08c3OHOAnDGo9GCPPkdGzsiBQCzv%2Bj5UB9kkYEzJaSQGF3Mrz4xJ%2FAN71nO0AAw4yYH6tjXf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74688ea078689c04-FRA
expires: Sun, 27 Aug 2023 16:24:50 GMT

GET
H2 200 anime.min.js Show response
cdnjs.cloudflare.com/ajax/libs/animejs/3.1.0/ Frame C1D4 17 KB
7 KB 108ms
57ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animejs/3.1.0/anime.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 428365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6344
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-4377"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4251cV5cuCRBjcDxvI8HZ2DO1P0oOVHYLVnFiUAlujRBNQlW5Nwd2DEkshH3oSxlBAJ0MRe0Eg3wGZonIldzqWaedljIaUl%2Bfm9sfBKh5Vt17%2B%2FznH%2FZsWb5WeZ5gRjNEJqyZH%2FJ2tqdx8w5pAybeerk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74688ea098a79c04-FRA
expires: Sun, 27 Aug 2023 16:24:50 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame C1D4 327 KB
80 KB 461ms
22ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5c1a97171b0ac89a0ba20428ba069f1db2fcdb96280b99f991fcffe743eca72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 15
x-cache: HIT
content-length: 81054
etag: "c60bded5fc23fe5642fa6fa5eed6fe25"
x-request-id: 4d05c1e0-250c-4285-8219-0ec9ff7d0ce9
x-served-by: cache-hhn4073-HHN
access-control-allow-origin: *
last-modified: Fri, 02 Sep 2022 19:27:28 GMT
server: Fastly
date: Tue, 06 Sep 2022 16:24:50 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H3 200 H4sIAAAAAAAAAD3IMQ7CMAwAwA_hmCSt1B0xsDCxV6ljlRQ3kXAMPL8bNx5-S165Yy7akZ5Mr2Yd9pZNGDdFMu1th8VqFnaf3-V2j9dIjxl8GM_RD1McTyhlUUx1NUlv8C64ELD4qf5PGiXhmSuYuk0PjPMdMnYAAAA Show response
buy.tinypass.com/_sam/ Frame C1D4 623 KB
153 KB 72ms
70ms Script
text/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IMQ7CMAwAwA_hmCSt1B0xsDCxV6ljlRQ3kXAMPL8bNx5-S165Yy7akZ5Mr2Yd9pZNGDdFMu1th8VqFnaf3-V2j9dIjxl8GM_RD1McTyhlUUx1NUlv8C64ELD4qf5PGiXhmSuYuk0PjPMdMnYAAAA?compressed=true&v=14.264.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c37ae406fb7482d4272fdad17a3dc6ccfa9b0dfc3bf06ee6636855ed0eb382b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Ii8Ac&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1006896152.1662481489&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9bb2233457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3268
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-124-22
last-modified: Mon, 05 Sep 2022 15:29:38 GMT
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.006
cache-control: public, max-age=601532
x-optimized-by: _sam
cf-ray: 74688ea02e1f9bb8-FRA
expires: Tue, 13 Sep 2022 15:30:21 GMT

GET
H2 200 sltrib_masthead_new_subtext_white.png
local.sltrib.com/marketing/ Frame C1D4 28 KB
28 KB 817ms
128ms Image
image/png 69.16.220.201
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://local.sltrib.com/marketing/sltrib_masthead_new_subtext_white.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Ii8Ac&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1006896152.1662481489&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9bb2233457
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.220.201 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host3.utahdigitalservices.com
Software: Apache /
Resource Hash: 99864675faf8dea302b09f4905d80f32a6ca510c9b1118d2692e0df0241c637d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:50 GMT
last-modified: Thu, 24 Dec 2020 18:51:09 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28188
expires: Thu, 06 Oct 2022 16:24:50 GMT

GET
H2 200 trib_logo_white.png
local.sltrib.com/graphics/ Frame C1D4 9 KB
9 KB 581ms
253ms Image
image/png 69.16.220.201
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://local.sltrib.com/graphics/trib_logo_white.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Ii8Ac&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1006896152.1662481489&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9bb2233457
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.220.201 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host3.utahdigitalservices.com
Software: Apache /
Resource Hash: 1a5414e59027131d5ac994ba4fe4386b491145f34e86c9ffe90fb7ea968bcf0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:50 GMT
last-modified: Thu, 13 Feb 2020 21:57:37 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9584
expires: Thu, 06 Oct 2022 16:24:50 GMT

GET
H2 200 m-outer-e52e635988f6f4658a329b4b948f1007.html Show response
js.stripe.com/v3/ Frame AA43 186 B
821 B 23ms
22ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5903ac62a504525a0c57b90ed548c2415f542e242d4c64edd369db6cf82aab6f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.tinypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 337628
cache-control: max-age=31536000
content-encoding: br
content-length: 114
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 06 Sep 2022 16:24:50 GMT
etag: "e52e635988f6f4658a329b4b948f1007"
last-modified: Fri, 02 Sep 2022 18:36:32 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 165132
x-content-type-options: nosniff
x-request-id: 59a7daca-1f32-47d7-ade3-1c6603df7a6e
x-served-by: cache-hhn4073-HHN

POST
H2 200 csp-report
q.stripe.com/ Frame AA43 0
570 B 607ms
192ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 06 Sep 2022 16:24:51 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame AA43 0
571 B 604ms
189ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 06 Sep 2022 16:24:51 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H3 200 trackShow Show response
buy.tinypass.com/checkout/offer/ Frame C1D4 1 KB
1 KB 158ms
158ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/trackShow

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b546d33c5746a5ebaea072bb4a0fdb6fee012be4d7512047934164b5f8e1fd90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Ii8Ac&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1006896152.1662481489&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9bb2233457
X-Requested-With: XMLHttpRequest
Piano-request-without-spinner: 1

Response headers

date: Tue, 06 Sep 2022 16:24:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
x-request-id: MexqshrEeCe
pragma: no-cache
wn: prod-dash-10-0-80-62
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: *
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buy.tinypass.com
cache-control: no-cache, no-store, must-revalidate
server-time: 0.002
cf-ray: 74688ea43cd79bb8-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 m-outer-a0304d3ea31e8647892809f01854788c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AA43 526 B
362 B 22ms
22ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-a0304d3ea31e8647892809f01854788c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 45
x-cache: HIT
content-length: 256
etag: "d96c709017743c0759cf3853d1806ba5"
x-request-id: 149b91ac-d580-471e-b9f6-327fd1867642
x-served-by: cache-hhn4073-HHN
access-control-allow-origin: *
last-modified: Fri, 02 Sep 2022 18:36:32 GMT
server: Fastly
date: Tue, 06 Sep 2022 16:24:50 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 64

GET
H3 200 performanceMetrics Show response
buy.tinypass.com/api/v3/anon/assets/ 166 B
507 B 152ms
152ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/performanceMetrics?tbc=%7Bkpex%7DKrmHC1vjz9Ve7M1lKMRiOfcSZGLR0fxutZzixzXbyhi5pf0_vV9rLVpkglB9hydZ&aid=vxCIN3E3cT&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp6347

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acfad196fd927f8b9f76a0812949fe5ac2941e222af3b7f370c7e01b3e769998

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74688ea46d3d9bb8-FRA
date: Tue, 06 Sep 2022 16:24:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-86-145
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: MexqshrWOKS

GET
H2 200 inner.html Show response
m.stripe.network/ Frame A7DF 930 B
2 KB 224ms
22ms Document
text/html 52.222.236.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a0304d3ea31e8647892809f01854788c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-21.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 290
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 06 Sep 2022 16:20:04 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-id: Qdcv0d8NQkRk8vMofKwxFqB8FdKOekWDrf0dOwXlafdPprN2X_POVA==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 110ms
110ms Image
image/gif 54.160.55.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=sltrib.com&p=%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&u=B3KnLbDtyGkOM7YyD&d=sltrib.com&g=65212&g0=News&g1=Peggy%20Fletcher%20Stack&n=1&f=00001&c=0.04&x=0&m=0&y=4229&o=1600&w=1200&j=30&R=1&W=0&I=0&E=2&e=2&r=&b=2201&t=Bwm5RfCN0n_VBX_LypDsGQPAB9ldZ9&V=136&tz=0&_hottopic=&_acct=anon&sn=2&sv=BA3BG6CA9P6BJorbtCiEpxNB--1TQ&sd=1&im=067b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.55.69 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-55-69.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 16:24:50 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A7DF 0
344 B 314ms
194ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 16:24:51 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame A7DF 86 KB
14 KB 25ms
25ms Script
text/javascript 52.222.236.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-21.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
age: 48
date: Tue, 06 Sep 2022 16:24:03 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: x8PwFz4b8PK9JC3pERWxJpZaMlPUKnbtKKtRA7XxYhlOPJ3BBtJiBg==
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"

POST
H2 200 6 Show response
m.stripe.com/ Frame A7DF 156 B
523 B 612ms
196ms XHR
application/json 54.149.23.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.149.23.244 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-149-23-244.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

624dcd4c7f8f377f1c04db465452492705a92f0e22f6dd5f13e6443f78d955a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Sep 2022 16:24:51 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/180443/ 105 KB
14 KB 21ms
21ms Stylesheet
text/css 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/180443/connatix.playspace.css
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8ca23a252b58a07eb67e2c94362cb39a129547558996ec167bebd8c35cef945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:51 GMT
content-encoding: br
last-modified: Tue, 06 Sep 2022 13:02:19 GMT
age: 11912
etag: "755981655cf2a849c34bcecac6972bfa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 14399

POST
H2 200 story Show response
capi.connatix.com/core/ Frame 766F 5 KB
3 KB 196ms
162ms XHR
application/x-protobuf 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=180443
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 21f74a557443efaba561de4523ccd2cf937b553488fa5c7699cf122648555afd

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 06 Sep 2022 16:24:51 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.sltrib.com
access-control-max-age: 86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2942

GET
H2 200 insights.bin Show response
ins.connatix.com/adfcb118-22e4-41c0-b3fd-1379ecf3f301/b7016d29-e1fd-4d4c-a71d-64a2c53eb522/ Frame 766F 432 B
499 B 99ms
23ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/adfcb118-22e4-41c0-b3fd-1379ecf3f301/b7016d29-e1fd-4d4c-a71d-64a2c53eb522/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1370a291c2b1bb2291179491127d2eba73de6672253ce9c380339627f1338e31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 22:01:55 GMT
age: 65087
etag: "ffefd64863001f60d402af310e3ca78f"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 263

GET
H2 200 insights.bin Show response
ins.connatix.com/0f8784e3954b16cee6ef2b4150474051/ Frame 766F 252 B
266 B 98ms
23ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/0f8784e3954b16cee6ef2b4150474051/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4f19ec18175b0631e9c5d0f2adf42f0fd7742019915f8e06b379ceb1500f13a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: gzip
last-modified: Sat, 12 Feb 2022 04:59:36 GMT
age: 384892
etag: "cbd95329a638a293b4999bbc42855699"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 174

POST
H/1.1 200
OK sr Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 766F 0
315 B 497ms
117ms XHR
application/x-protobuf 18.220.118.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=180443
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.220.118.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-220-118-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.sltrib.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 766F 376 KB
126 KB 100ms
35ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128229
x-xss-protection: 0
expires: Tue, 06 Sep 2022 16:24:52 GMT

GET
H2 200 b7016d29-e1fd-4d4c-a71d-64a2c53eb522.bin Show response
vid.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ Frame 766F 2 KB
1 KB 55ms
22ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/b7016d29-e1fd-4d4c-a71d-64a2c53eb522.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58432aa30a21684737e61687c4725f31f92235af0b9ce2a325537f6688740572

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 22:00:54 GMT
age: 65086
etag: "2e012149b1bfddd38895a7fa612d1aaa"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 945

POST
H/1.1 200
OK ao Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 766F 0
315 B 473ms
120ms XHR
application/x-protobuf 18.220.118.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=180443
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.220.118.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-220-118-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.sltrib.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 766F 758 B
839 B 571ms
220ms XHR
application/x-protobuf 18.220.118.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=180443
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.220.118.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-220-118-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 94ee2c0e62182093ed9910d10feb2b4d42101767f2b456e9d59090cdb8030c2b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.sltrib.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 543

POST
H/1.1 200
OK ps Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 766F 0
334 B 468ms
116ms XHR
application/x-protobuf 18.220.118.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=180443
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.220.118.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-220-118-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 06 Sep 2022 16:24:51 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.sltrib.com
transfer-encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true

GET
H2 200 3f619b8b-9556-4afd-a3e6-e6182c975ffa.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 21 KB
21 KB 60ms
25ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/3f619b8b-9556-4afd-a3e6-e6182c975ffa.jpg?crop=574:395,smart&width=574&height=395&format=jpeg&quality=60&fit=crop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b69d317fb7dc36c2659ffc9eb5c343d4847c7e1a03d09e19f2cd6c95d11327c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: br
age: 66191
etag: "TGo98FKFFJu/S0tiU8Jqt6nas7vgz+A6e7ru8JPws50"
access-control-max-age: 86400
fastly-io-info: ifsz=73328 idim=1200x630 ifmt=jpeg ofsz=21896 odim=574x395 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 21530

GET
H2 200 3f619b8b-9556-4afd-a3e6-e6182c975ffa.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 18 KB
18 KB 56ms
23ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/3f619b8b-9556-4afd-a3e6-e6182c975ffa.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41dbafe09938007aeb3d1b1ea9b97a6f01d7837bed8767d841acca25e1ab7f04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: br
age: 66192
etag: "eLXnRmplJVytLS4/jBKxk5u9xFS5YcXTBH4WJuEIFag"
access-control-max-age: 86400
fastly-io-info: ifsz=73328 idim=1200x630 ifmt=jpeg ofsz=18226 odim=574x323 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 17868

GET
H2 200 0b32b6d8-3743-4b76-95ba-6b296575389f.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 22 KB
22 KB 54ms
26ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/0b32b6d8-3743-4b76-95ba-6b296575389f.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b23f49cc6a67e1a8ce95c55310d14e264f221c83466b27b8509d0e7c90d206bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: br
age: 66192
etag: "LSwiLvfMDMGaDrEFSG7aE7wWXzZ/WdyMNMAiJZLIkUg"
access-control-max-age: 86400
fastly-io-info: ifsz=87653 idim=1200x630 ifmt=jpeg ofsz=22355 odim=574x323 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 21997

GET
H2 200 4bec8343-b546-4a19-a779-286a0ee4b1ff.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 21 KB
21 KB 50ms
23ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/4bec8343-b546-4a19-a779-286a0ee4b1ff.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c74892ebb4bb36978254e78ba2a6b122f17ac08953ac39bf346ef7233f0eb8ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: br
age: 66191
etag: "F/VsOtKPbD+8qfPeQt5g0z7lqCnBsnbJcKE7v2GDPSo"
access-control-max-age: 86400
fastly-io-info: ifsz=109819 idim=1200x630 ifmt=jpeg ofsz=21519 odim=574x323 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 21160

GET
H2 200 e556df3d-5ba0-4275-9e55-a0eda4b0c260.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 23 KB
23 KB 51ms
24ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/e556df3d-5ba0-4275-9e55-a0eda4b0c260.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 691b3a9d3aa28b80873fed5caee74e0254ed1ae59d4ff5daca3810aa95e5ff50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: br
age: 66192
etag: "0mprHUPslzPQGb/wGIsnIrW20yP50ziUCk/IblgkuA0"
access-control-max-age: 86400
fastly-io-info: ifsz=103270 idim=1200x630 ifmt=jpeg ofsz=23887 odim=574x323 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 23446

GET
H2 200 9252ac4a-19cc-4f10-87cd-5deb06c9f919.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 27 KB
27 KB 46ms
21ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/9252ac4a-19cc-4f10-87cd-5deb06c9f919.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2e032510d34644db24580cc5f01eb3e2ac6437d8bec32d02981d3f9a163b8c6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: br
age: 66192
etag: "T843zVZ4tLq54369QQRJdqi5+leum7M/nnI0uDguu6g"
access-control-max-age: 86400
fastly-io-info: ifsz=116739 idim=1200x630 ifmt=jpeg ofsz=27599 odim=574x323 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 27220

GET
H3 200 bridge3.528.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D0EE 637 KB
206 KB 64ms
22ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 175933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210604
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 15:32:39 GMT
expires: Mon, 04 Sep 2023 15:32:39 GMT
last-modified: Mon, 29 Aug 2022 20:41:35 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 766F 44 KB
17 KB 113ms
37ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Sep 2022 16:24:52 GMT

GET
H3 200 bridge3.528.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 33AF 637 KB
206 KB 31ms
20ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 175933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210604
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 15:32:39 GMT
expires: Mon, 04 Sep 2023 15:32:39 GMT
last-modified: Mon, 29 Aug 2022 20:41:35 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.528.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 635F 637 KB
206 KB 32ms
31ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 175933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210604
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 15:32:39 GMT
expires: Mon, 04 Sep 2023 15:32:39 GMT
last-modified: Mon, 29 Aug 2022 20:41:35 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gaAccount Show response
buy.tinypass.com/api/v3/anon/assets/ 77 B
458 B 153ms
153ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=vxCIN3E3cT&tbc=%7Bkpex%7DKrmHC1vjz9Ve7M1lKMRiOfcSZGLR0fxutZzixzXbyhi5pf0_vV9rLVpkglB9hydZ&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp6348

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6aecb1b90a650d57e495741d9f9aff66c41bdc20c19489213ef8d3aedc4e253

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74688eb0092d9bb8-FRA
date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-128-77
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.010
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: MgxqshrVja6

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame C1D4 49 KB
20 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4972
date: Tue, 06 Sep 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 06 Sep 2022 17:02:00 GMT

GET
BLOB 200
OK 90bdbcbe-a486-49b7-98a5-1cf21f164294
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/90bdbcbe-a486-49b7-98a5-1cf21f164294
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H/1.1 200
OK g Show response
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 766F 0
315 B 118ms
118ms XHR
application/x-protobuf 18.220.118.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=180443
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.220.118.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-220-118-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 06 Sep 2022 16:24:52 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.sltrib.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H2 200 / Show response
id.sltrib.com/ 0
200 B 363ms
69ms XHR
text/plain 2606:4700::6811:b9b1

General

Check archive.org

Show headers Download Go to

Full URL

https://id.sltrib.com/?maxAge=2628000

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Sep 2022 16:24:53 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: https://www.sltrib.com
access-control-allow-credentials: true
strict-transport-security: max-age=86400; includeSubDomains
cf-ray: 74688eb54a0c5b4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sltrib.com/	1970-01-20 05:48:02	Name: arc-country Value: DE
.sltrib.com/	1970-01-20 05:48:05	Name: AKA_A2 Value: A
www.sltrib.com/	1969-12-31 23:59:59	Name: fs.bot.check Value: true
.twitter.com/	1970-01-20 15:24:01	Name: personalization_id Value: "v1_DBO/n1fhR8PiXP0k5bn+RQ=="
.t.co/	1970-01-20 15:24:01	Name: muc_ads Value: f3c5afb5-1a9a-44de-9d91-9c576c3462f0
www.sltrib.com/	1970-01-20 05:48:01	Name: __adblocker Value: false
www.sltrib.com/	1970-01-20 07:57:37	Name: __pnahc Value: 0
.doubleclick.net/	1970-01-20 15:09:37	Name: IDE Value: AHWqTUlxwIGsHBPW71WVVlFskTcgjSyzMU0MwTPoH8hSBUITSD0Ra9di1vRjeoYXZPI
.piano.io/	1970-01-20 05:48:03	Name: __cf_bm Value: ZCcW8oCU9Qmc0Mu8IwriGtiQuGoIWL9R0qXQkhZ4YlM-1662481489-0-AZH2c4JHkmNmRXuYz0Z+Z1xYNvEJy5QY8CfQPWjDf1e2jJL9285zWgzjF2M/Pl+lVQW4I3MDs6idsSnFVA/E26Y=
.sltrib.com/	1970-01-20 15:24:01	Name: __tbc Value: %7Bkpex%7DKrmHC1vjz9Ve7M1lKMRiOfcSZGLR0fxutZzixzXbyhi5pf0_vV9rLVpkglB9hydZ
.sltrib.com/	1970-01-20 15:24:01	Name: cX_P Value: l7qejz15omk22yl9
www.sltrib.com/	1970-01-20 06:31:13	Name: __pat Value: -21600000
.sltrib.com/	1970-01-20 05:49:27	Name: __pvi Value: %7B%22id%22%3A%22v-l7qejz1faujw9pcw%22%2C%22domain%22%3A%22.sltrib.com%22%2C%22time%22%3A1662481489696%7D
.sltrib.com/	1970-01-20 15:24:01	Name: xbc Value: %7Bkpex%7DM_AQBvCM2rrwm6qLSnJNkrDnEX9c4g_JIxzCJoXMwYxAyz24YSfsVo7VgUNhWclvmOAXyqWefMfzMMcjlxjXUMW15MdSjO-DvVQYulW1Ucs-gGtUBjTzVWhE2BsY7if7e4iIZ4gGc53A1KBjRlW29PBuM6ftZpx1_XmPV1UMr0maDnHPmgtUcH57WwtK_jegKrcJGNp2SADkzFxOyUWO-EYdmQp8aHOiVeWs8UE2cbVe0NpVlLaXwQx56Tbhr_Lvq6Aw9MxCalx78O_6KdYV0R_9YqHuLWiqnNXxHFodPFQ
.tinypass.com/	1970-01-20 05:48:05	Name: ch_sid Value: 2Z9ALaiwXIuLVOD
.tinypass.com/	1970-01-20 15:24:01	Name: LANG Value: en_US
.tinypass.com/	1970-01-20 05:49:27	Name: LANG_CHANGED Value: en_US
.sltrib.com/	1970-01-20 06:31:13	Name: __pil Value: en_US
m.stripe.com/	1970-01-20 15:24:01	Name: m Value: 9e237827-782f-4565-891c-1f44725fbcddf9a9e8

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.sltrib.com/pf/api/v3/content/fetch/coral-comments?query=undefined&d=306&_website=sltrib Message: Failed to load resource: the server responded with a status of 500 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8208269.fls.doubleclick.net
8234312.fls.doubleclick.net
a.pub.network
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.twitter.com
analyticssystems.net
buy.tinypass.com
c2.piano.io
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.tinypass.com
cdnjs.cloudflare.com
cds.connatix.com
clickserv.basis.net
clickserv.sitescout.com
cmp.osano.com
d.pub.network
d3plfjw9uod7ab.cloudfront.net
experience.tinypass.com
id.sltrib.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
js.adsrvr.org
js.stripe.com
link.3blmedia.com
local.sltrib.com
log.outbrainimg.com
m.stripe.com
m.stripe.network
mab.chartbeat.com
ping.chartbeat.net
pixel-a.basis.net
pixel.sitescout.com
q.stripe.com
s.go-mpulse.net
s0.2mdn.net
securepubads.g.doubleclick.net
sltrib.coral.coralproject.net
static.ads-twitter.com
static.chartbeat.com
t.co
tcheck.outbrainimg.com
vid.connatix.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.googletagmanager.com
www.npttech.com
www.queryly.com
www.sltrib.com
104.244.42.195
104.244.42.5
108.138.15.119
142.250.185.102
151.101.194.137
151.101.2.137
151.101.64.176
167.89.118.83
18.220.118.246
199.232.16.157
2.21.185.176
2.21.185.80
207.198.113.230
2600:9000:223c:be00:18:1fcd:351:7bc1
2600:9000:223c:d800:3:b7e:8940:93a1
2600:9000:223e:5400:13:a391:88c0:21
2606:4700:20::681a:18b
2606:4700:20::681a:c56
2606:4700:3030::6815:251b
2606:4700:3032::ac43:bf95
2606:4700::6810:2a41
2606:4700::6811:180e
2606:4700::6811:b7b1
2606:4700::6811:b8b1
2606:4700::6811:b9b1
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a02:26f0:10e::5435:a1f0
2a02:26f0:ea:492::11a6
2a04:4e42:200::714
35.201.71.192
35.244.156.29
52.222.236.21
54.149.23.244
54.160.55.69
54.187.119.242
64.202.112.31
66.155.71.150
66.155.71.189
69.16.220.201
01d6fdcdfb196cb3a9e6d29c26f16be5449973ea5801c8a19812e62edc8b1375
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0f1928c0a2274141ca7ba973c6098bb259a335c6ecc1969fed7ce92fea6a744d
1349f8a177348d0812701b1d014b76c7dba107cb9793792379e70cfeb35ed80d
1370a291c2b1bb2291179491127d2eba73de6672253ce9c380339627f1338e31
1a5414e59027131d5ac994ba4fe4386b491145f34e86c9ffe90fb7ea968bcf0d
1b8d3a2955437b5e48474e4eed7ea33591941f2abb5d3d5de9175022d8f5b029
1f41c74991f832df75862a53468fd4125847bfa3ed7fd898c70955f56a109593
21f74a557443efaba561de4523ccd2cf937b553488fa5c7699cf122648555afd
220832d32395cd530c8ae99da60e01530d9c50085df4beb88ee89baafe565a4f
22be49ce866a34ae0c3242ea58bd3cedb4084867009cf100e8149d4d0d2eed4a
25eb42e900a873fee498a3d5ab675d937d937f8df774fb3ce51234adb9479ffc
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
2e032510d34644db24580cc5f01eb3e2ac6437d8bec32d02981d3f9a163b8c6b
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
305705fc54f335a4cce39cb68ab059e7202c19f0ff03d3336ebd3e6fcdcf0518
325eb0ed9c4b2173718116d97c78e067f83311ed07570de76d154881bee92947
37e4ecedf0ab53a8f928507a9ae337f5871230f4525ce7e8070af4b21c17412d
387aa7a6738013f6870e894b7fe403851bc07a70bce38ae776ee2de49cad8c5c
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b4afadbde544c4bcff673c56233c2aebf3acbe475a895594a0c5c58f2a444a8
3d9215d1b15a3a07cf0bd95f0e8e7eb715671ab34071fb9dc9cbe9c4b0b0c134
3db1711b708e98ad42b7764a019342259e8c5c8fd4d4602fadd8e28b69f0200a
403f82f5023b7899ecc6ea3059c0b29c10d6719e7f8464e0625c8f5d02c9b69c
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
41dbafe09938007aeb3d1b1ea9b97a6f01d7837bed8767d841acca25e1ab7f04
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
45522f67730a33a2cd38498d9eb29a282106afb6e7206c5b6aef0894db4778e6
462f8a9becd0c3fe2ff5f35f32d9ec980cab1ae3a715b9f7ba03e544134d815c
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4bbe2794bd263f165aedbd479b42c995326e90a523f76e7e437b9b265f8c309f
4c80a8f5f2b08450a380dbf21d62efadc874f8695a1ce5d703ddff1fd8cc215e
4ccd02be3a38860311353ea56f2f883a5186c1838b40614b19e7cb50dd22cbe0
4f19ec18175b0631e9c5d0f2adf42f0fd7742019915f8e06b379ceb1500f13a6
4f30edfff18f6ab829328a8320017953bcdeece5bc1c9420ce63ec13313ee49d
50218b350ecd9694900e829cfc6c60e47693ef3cb35a07774414ef83a911f1b4
58432aa30a21684737e61687c4725f31f92235af0b9ce2a325537f6688740572
5903ac62a504525a0c57b90ed548c2415f542e242d4c64edd369db6cf82aab6f
5c1a97171b0ac89a0ba20428ba069f1db2fcdb96280b99f991fcffe743eca72e
5c37ae406fb7482d4272fdad17a3dc6ccfa9b0dfc3bf06ee6636855ed0eb382b
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
62101b74c06b47e062cc71dcde389d7490880767e98457c6260adc691ad098b7
624dcd4c7f8f377f1c04db465452492705a92f0e22f6dd5f13e6443f78d955a0
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
650876073a3cf72c3ea5de10fa9f864b6871fabe634f1bc8c9fc9ca9f8db24ec
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668c0ef605758b2a28ae572680986554e0097e2f10a749db8316b3cb1574806c
68326de2e78eee8040cc7dc6181ca15a8e16ca1951aab55899caeb9ac01952df
691b3a9d3aa28b80873fed5caee74e0254ed1ae59d4ff5daca3810aa95e5ff50
6a505a2b7124eb5116121cac2dfb5aaaf44fcdeb0596efadcea9a74cd9544400
6a7dd3acbecddc653446803e807cea2b6a85f3c6c1a6cc349b751f5e965647ad
6f5d18b1769507b97d8718a598fcecd3bc9e270bc11a520d769b2d06452418f6
7135861f8a8768636a90c4fb777082380c84194319273624e88004ab2b9d98d2
72d3bb48505405120796571830ae74c4f871f03a9052d080cde2190aa926b1ee
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7582354aac0b69ddb4805d6c6a5aa500bd1ea1419d1e9180ff7ec248aa75a538
7c207b3ed9feda70543fb75e8d0172f262a909522db37f7e3e22249a075a2760
7eb2af8a6315d058a1e7b87fadf2070e8fc0b2449b0a89da20c5b912de500acd
80829916dd7461f45b5709b63546ac24d8542434932a530ba5b6833857e91a76
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8c6e05f6225577a5f7e3ddfa6009350ab389ba0563d29c67ae69dac65dfcd0c4
8f850627aa46412b56450f99c309fbfa8786f65a46b59746223cc135e2535b46
9041f63adc7ef5badf30edfdd51d94832df52c6a93c52ba91ea270c107847b82
917e2aa0aab7d93b17f45c1cd9d7d780af1ec625767c31eef8425d8b271e88e3
93fc8b658124ff5537f0f4d764d1ab052431db7356744319851ec3b69d5c5511
94ee2c0e62182093ed9910d10feb2b4d42101767f2b456e9d59090cdb8030c2b
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
99864675faf8dea302b09f4905d80f32a6ca510c9b1118d2692e0df0241c637d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6aecb1b90a650d57e495741d9f9aff66c41bdc20c19489213ef8d3aedc4e253
a6b9ca255d1b81f64849a3e0412ee94a858f10baafb862bfd715541afdb012df
a6c94dbbf419599a1f7f78863ad41ce7a23dc59cd4e7e6e24f393ac9a0820edc
a9450e83ec09f4210f388881c236376e6808d1fb46065133d390f7039629f048
aa21d0ddbc7cb318d1367bab72630267ec09559a269a23672cebf582d36386ca
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acfad196fd927f8b9f76a0812949fe5ac2941e222af3b7f370c7e01b3e769998
b23f49cc6a67e1a8ce95c55310d14e264f221c83466b27b8509d0e7c90d206bf
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b3074e2cf0b12bcf10b46ed42bbe45b43ddfb868a7434b8e7b45ec387924c09a
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b4ea7becb73ec15a833c3b07af42d783b6d659be85365d1b7b2a3698d412d3e2
b546d33c5746a5ebaea072bb4a0fdb6fee012be4d7512047934164b5f8e1fd90
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6322113217b4fac79ad5b27613c9c66d466e67fad90363e743c87df4843acd7
b69d317fb7dc36c2659ffc9eb5c343d4847c7e1a03d09e19f2cd6c95d11327c8
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
ba7b216d6e5a6306668821f071831022c7205627e881f2214659b36b7bdced6a
ba7bbecfafbdaa5c42febcdcc8cff1181eb9a05af145c171fd397665f68a10f8
c1da96c3d42f7caf85fcf6e884d721b8417efd123ac21d75865ce6825d62b30c
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c338ffbcf46f2e232a2dfc231dd3d99c7b173cf513bbab256eae8d4a3e3ac067
c41306714d2e4215494e69b0c308709cf70e7e4eb5bb5dfa02cee392bb8a44db
c74892ebb4bb36978254e78ba2a6b122f17ac08953ac39bf346ef7233f0eb8ee
cae64fe5d098ea6730429186e8c0eb8fa494f748bd5af0fdd46bb2943a38267a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d6b10e6c3a812d3cb7081fa6014bc5aa6f8fbee831adbddc5df3bb5da8e1ac05
d7ab0f1e31217960c7bcf0bdb822374271344c75aab4da7825505571e7e9035e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62
e8ca23a252b58a07eb67e2c94362cb39a129547558996ec167bebd8c35cef945
e9ad5095294ab16f4e0f967319567e84e699412d08bdde3986ea4dd21a9825b6
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
f8a691e6f523905cca35f8488a78ceadbaa81c057adf1b5a4817871ad27bf787
f98b036fe5c18078c10069bddcfa1436e7726ac0adc3cb05699b2a07d7112ba6
faa89869b696a28906e1a4cbc76401428cc2975267b5ab83c605f683a8472406

www.sltrib.com Open in urlscan Pro 2a02:26f0:10e::5435:a1f0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

94 %HTTPS

50 %IPv6

33 Domains

54 Subdomains

45 IPs

4 Countries

3790 kBTransfer

12954 kBSize

19 Cookies

14 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sltrib.com Open in urlscan Pro
2a02:26f0:10e::5435:a1f0 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

94 %
HTTPS

50 %
IPv6

33
Domains

54
Subdomains

45
IPs

4
Countries

3790 kB
Transfer

12954 kB
Size

19
Cookies

140 HTTP transactions
2 data transactions