www.sltrib.com Open in urlscan Pro
2a02:26f0:480:f::213:7ed3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Submission: On December 31 via api (December 31st 2023, 1:42:40 am UTC) from FI — Scanned from FI

Summary HTTP 170 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 58 IPs in 3 countries across 42 domains to perform 170 HTTP transactions. The main IP is 2a02:26f0:480:f::213:7ed3, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.sltrib.com. The Cisco Umbrella rank of the primary domain is 187075.
TLS certificate: Issued by R3 on December 29th 2023. Valid for: 3 months.

This is the only time www.sltrib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2a02:26f0:480... 2a02:26f0:480:f::213:7ed3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:400c:c02::54	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	35.244.156.29 35.244.156.29	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	69.16.220.201 69.16.220.201	32244 (LIQUIDWEB) (LIQUIDWEB)
1	108.157.4.79 108.157.4.79	16509 (AMAZON-02) (AMAZON-02)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
4	18.173.233.15 18.173.233.15	16509 (AMAZON-02) (AMAZON-02)
2	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:243... 2600:9000:243d:6e00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:211... 2600:9000:211e:2c00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:d56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:170... 2a02:26f0:1700:38a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2 5	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:4222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6812:eff8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	44.194.80.15 44.194.80.15	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:18d::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	52.205.229.242 52.205.229.242	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	108.157.4.32 108.157.4.32	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
5 10	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:224... 2600:9000:224a:c800:0:6f3c:65c0:21	16509 (AMAZON-02) (AMAZON-02)
1 1	207.198.113.205 207.198.113.205	13768 (COGECO-PEER1) (COGECO-PEER1)
1	98.98.134.246 98.98.134.246	21859 (ZEN-ECN) (ZEN-ECN)
1	34.160.152.31 34.160.152.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	18.66.147.112 18.66.147.112	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	34.111.152.239 34.111.152.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6811:c376	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6812:b07e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.19.100.22 2.19.100.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
11	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.154.63.19 18.154.63.19	16509 (AMAZON-02) (AMAZON-02)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	52.12.68.237 52.12.68.237	16509 (AMAZON-02) (AMAZON-02)
1	13.58.98.49 13.58.98.49	16509 (AMAZON-02) (AMAZON-02)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	44.233.104.20 44.233.104.20	16509 (AMAZON-02) (AMAZON-02)
1 1	184.24.77.145 184.24.77.145	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	184.24.77.166 184.24.77.166	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:26f0:480... 2a02:26f0:480:f::213:7ee3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
170	58

32 2a02:26f0:480:f::213:7ed3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.sltrib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c02::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.156.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.156.244.35.bc.googleusercontent.com

sltrib.coral.coralproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.16.220.201 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host3.utahdigitalservices.com

local.sltrib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-79.dus51.r.cloudfront.net

cdn-gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.173.233.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-15.dus51.r.cloudfront.net

cloudfront-us-east-1.images.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:243d:6e00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:2c00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:d56 (United States)

ASN13335 (CLOUDFLARENET, US)

www.queryly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:38a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd325.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f6.1e100.net

8208269.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8234312.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:4222 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:eff8 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14ce (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.194.80.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-80-15.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:18d::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.229.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-229-242.compute-1.amazonaws.com

frontend-logger.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-32.dus51.r.cloudfront.net

cdn.ads-flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 98.98.134.243 (United States) 5 redirects

ASN21859 (ZEN-ECN, US)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:c800:0:6f3c:65c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1vg5xiq7qffdj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.198.113.205 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

clickserv.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.246 (United States)

ASN21859 (ZEN-ECN, US)

clickserv.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-112.fra60.r.cloudfront.net

p.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com

optimise.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c376 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:b07e (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.100.22 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-100-22.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.154.63.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-19.dus51.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.12.68.237 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-68-237.us-west-2.compute.amazonaws.com

app.mirabelsmarketingmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.58.98.49 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-98-49.us-east-2.compute.amazonaws.com

api.emailsnow.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.233.104.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-104-20.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.77.145 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-145.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.77.166 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-166.deploy.static.akamaitechnologies.com

xhgadonydbgzczmqy4fq-pp78d5-f8d1d85fa-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ee3 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
figpaqaaaatzakqce3yajaaab5szbryl-pp78d5-628c6eef9-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	sltrib.com www.sltrib.com — Cisco Umbrella Rank: 187075 local.sltrib.com — Cisco Umbrella Rank: 304966	1 MB
12	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 8812 cdn.tinypass.com — Cisco Umbrella Rank: 6343 buy.tinypass.com — Cisco Umbrella Rank: 6802	526 KB
11	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	98 KB
9	google.com accounts.google.com — Cisco Umbrella Rank: 23 news.google.com — Cisco Umbrella Rank: 6415 adservice.google.com — Cisco Umbrella Rank: 93 region1.analytics.google.com — Cisco Umbrella Rank: 2693	170 KB
8	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 8208269.fls.doubleclick.net — Cisco Umbrella Rank: 309996 8234312.fls.doubleclick.net — Cisco Umbrella Rank: 307780 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	167 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1282 q.stripe.com — Cisco Umbrella Rank: 7730 m.stripe.com — Cisco Umbrella Rank: 1245	148 KB
6	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3501 clickserv.sitescout.com — Cisco Umbrella Rank: 24326	649 B
6	basis.net 6 redirects pixel-a.basis.net — Cisco Umbrella Rank: 25530 clickserv.basis.net — Cisco Umbrella Rank: 82894	401 B
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2305 xhgadonydbgzczmqy4fq-pp78d5-f8d1d85fa-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2306 figpaqaaaatzakqce3yajaaab5szbryl-pp78d5-628c6eef9-clienttons-s.akamaihd.net	1 KB
4	arcpublishing.com cloudfront-us-east-1.images.arcpublishing.com — Cisco Umbrella Rank: 27856	34 KB
3	google.fi 1 redirects adservice.google.fi — Cisco Umbrella Rank: 525443 www.google.fi — Cisco Umbrella Rank: 35135	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	264 KB
3	queryly.com www.queryly.com — Cisco Umbrella Rank: 11671	17 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1767 mab.chartbeat.com — Cisco Umbrella Rank: 2658	26 KB
3	coralproject.net sltrib.coral.coralproject.net — Cisco Umbrella Rank: 275313	61 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1361	16 KB
2	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 11657 log.outbrainimg.com — Cisco Umbrella Rank: 3044	832 B
2	optimise.net optimise.net — Cisco Umbrella Rank: 5012	22 KB
2	flipp.com p.flipp.com — Cisco Umbrella Rank: 12488
2	cloudfront.net d1vg5xiq7qffdj.cloudfront.net	17 KB
2	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1455	401 B
2	pub.network a.pub.network — Cisco Umbrella Rank: 4449 d.pub.network — Cisco Umbrella Rank: 4680	26 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1309 c.go-mpulse.net — Cisco Umbrella Rank: 595	52 KB
2	osano.com cmp.osano.com — Cisco Umbrella Rank: 4989	111 KB
2	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2138 widget-pixels.outbrain.com — Cisco Umbrella Rank: 4308	87 KB
2	flippback.com cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 13071 frontend-logger.flippback.com — Cisco Umbrella Rank: 297348	34 KB
1	akstat.io 684dd325.akstat.io — Cisco Umbrella Rank: 70034	201 B
1	emailsnow.info api.emailsnow.info — Cisco Umbrella Rank: 96131	263 B
1	mirabelsmarketingmanager.com app.mirabelsmarketingmanager.com — Cisco Umbrella Rank: 87766	53 KB
1	piano.io c2.piano.io — Cisco Umbrella Rank: 5667	3 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1387	637 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	54 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1266	9 KB
1	ads-flipp.com cdn.ads-flipp.com — Cisco Umbrella Rank: 21809	545 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 408	98 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 713	395 B
1	t.co t.co — Cisco Umbrella Rank: 589	377 B
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 7773	3 KB
1	connatix.com cd.connatix.com — Cisco Umbrella Rank: 3607	4 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340	33 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	15 KB
1	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1355	3 KB
170	42

	Domain	Requested by
32	www.sltrib.com	www.sltrib.com
11	cdnjs.cloudflare.com	buy.tinypass.com
10	buy.tinypass.com	cdn.tinypass.com cmp.osano.com buy.tinypass.com cdnjs.cloudflare.com
6	local.sltrib.com	www.sltrib.com buy.tinypass.com
5	pixel.sitescout.com	www.sltrib.com 8234312.fls.doubleclick.net
5	pixel-a.basis.net	5 redirects
4	cloudfront-us-east-1.images.arcpublishing.com	www.sltrib.com
3	q.stripe.com	www.sltrib.com
3	js.stripe.com	buy.tinypass.com js.stripe.com
3	8234312.fls.doubleclick.net	1 redirects www.sltrib.com adservice.google.com
3	www.googletagmanager.com	www.sltrib.com www.googletagmanager.com cmp.osano.com
3	www.queryly.com	www.sltrib.com
3	sltrib.coral.coralproject.net	www.sltrib.com cmp.osano.com sltrib.coral.coralproject.net
3	news.google.com	www.sltrib.com news.google.com
3	accounts.google.com	www.sltrib.com accounts.google.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	optimise.net	a.pub.network
2	p.flipp.com	cdn-gateflipp.flippback.com
2	adservice.google.fi	1 redirects adservice.google.com
2	d1vg5xiq7qffdj.cloudfront.net	www.sltrib.com cmp.osano.com
2	adservice.google.com	8234312.fls.doubleclick.net 8208269.fls.doubleclick.net
2	ping.chartbeat.net	www.sltrib.com
2	8208269.fls.doubleclick.net	1 redirects www.sltrib.com
2	cmp.osano.com	www.sltrib.com cmp.osano.com
2	static.chartbeat.com	www.sltrib.com
2	securepubads.g.doubleclick.net	www.sltrib.com securepubads.g.doubleclick.net
1	figpaqaaaatzakqce3yajaaab5szbryl-pp78d5-628c6eef9-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	xhgadonydbgzczmqy4fq-pp78d5-f8d1d85fa-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	684dd325.akstat.io	s.go-mpulse.net
1	m.stripe.com	m.stripe.network
1	api.emailsnow.info	www.sltrib.com
1	app.mirabelsmarketingmanager.com	ajax.googleapis.com
1	log.outbrainimg.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	www.sltrib.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	c2.piano.io	cdn.tinypass.com
1	www.google.fi	www.sltrib.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	alb.reddit.com	www.sltrib.com
1	cdn.tinypass.com	experience.tinypass.com
1	d.pub.network	www.sltrib.com
1	clickserv.sitescout.com	www.sltrib.com
1	clickserv.basis.net	1 redirects
1	connect.facebook.net	www.sltrib.com
1	www.redditstatic.com	www.googletagmanager.com
1	cdn.ads-flipp.com	cdn-gateflipp.flippback.com
1	idsync.rlcdn.com	www.sltrib.com
1	frontend-logger.flippback.com	cdn-gateflipp.flippback.com
1	analytics.twitter.com	www.sltrib.com
1	t.co	www.sltrib.com
1	c.go-mpulse.net	s.go-mpulse.net
1	mab.chartbeat.com	static.chartbeat.com
1	a.pub.network	www.sltrib.com
1	experience.tinypass.com	www.sltrib.com
1	www.npttech.com	www.sltrib.com
1	cd.connatix.com	www.sltrib.com
1	ajax.googleapis.com	www.queryly.com
1	static.ads-twitter.com	www.sltrib.com
1	s.go-mpulse.net	www.sltrib.com
1	widgets.outbrain.com	www.sltrib.com
1	js.adsrvr.org	www.sltrib.com
1	cdn-gateflipp.flippback.com	www.sltrib.com
170	65

This site contains links to these domains. Also see Links.

Domain
www.reportforamerica.org
checkout.fundjournalism.org
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
apps.apple.com
play.google.com
sltiservices.navigacloud.com
store.sltrib.com
archive.sltrib.com
www.queryly.com

Subject Issuer	Validity	Valid
sltrib.web.arc-cdn.net R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sltrib.coral.coralproject.net GTS CA 1D4	`2023-11-08` - `2024-02-06`	3 months	crt.sh
local.sltrib.com cPanel, Inc. Certification Authority	`2023-11-10` - `2024-02-08`	3 months	crt.sh
flippback.com Amazon RSA 2048 M01	`2023-09-18` - `2024-10-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.images.arcpublishing.com Amazon RSA 2048 M03	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-08` - `2024-03-07`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
connatix.com GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
npttech.com GTS CA 1P5	`2023-12-28` - `2024-03-27`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
flipp.com Amazon RSA 2048 M01	`2023-07-31` - `2024-08-28`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
d.pub.network GTS CA 1D4	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
optimise.net GTS CA 1D4	`2023-11-19` - `2024-02-17`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-26`	a year	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
*.mirabelsmarketingmanager.com Go Daddy Secure Certificate Authority - G2	`2023-10-04` - `2024-10-13`	a year	crt.sh
api.emailsnow.info R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Frame ID: 02E34D665CEEA04B51BBCD4D4F845CBC
Requests: 129 HTTP requests in this frame

Frame: https://8208269.fls.doubleclick.net/activityi;dc_pre=CKONsojGuIMDFRfIOwIdEqgEbw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574
Frame ID: AE5B31B8A2794987BD551D7E0FC0D4C7
Requests: 1 HTTP requests in this frame

Frame: https://8234312.fls.doubleclick.net/activityi;dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574
Frame ID: 78134BF20AEFBEA650759EC36517C40B
Requests: 1 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js
Frame ID: 84CA6BD1033BA94335D19490B918D468
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Frame ID: 80BF80ABA9A4D8B029A0836AF61C14BC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKONsojGuIMDFRfIOwIdEqgEbw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Frame ID: EF87EE7FEA81E933AE0897CDF95328A3
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: E696EF9C6332F2D73C0819E1A4FBD9C1
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 1D19DAA3DA7397F31D14EB1D84596072
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.fi/ddm/fls/i/dc_pre=CKONsojGuIMDFRfIOwIdEqgEbw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Frame ID: 70E200CD9593573BA1114A0B9666B0DD
Requests: 1 HTTP requests in this frame

Frame: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Frame ID: 808575724647205BDF3711E43E2ABA72
Requests: 2 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: C618BFB0985C5CEF61EC7DA390E251FF
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 5D242BF3A073E05D5B7E8AF317B68CCC
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceActionId=showOffer7P0PLWRHGM4Y60&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-9bZuM&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=vxCIN3E3cT&zone=Web&browserId=lqstu4djdy5pgzhm&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2106&logType=offerShow&width=1600&_qh=2e7a9efbba
Frame ID: EC161B737DABAD59B4423B58583BB787
Requests: 22 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 73CCACC8154081AA94786B78E5E7A6FC
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: DDEFD34C4D35EAC0BF1C953A98A6496E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SafeMoon files for bankruptcy amid fraud accusations

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

170
Requests

84 %
HTTPS

46 %
IPv6

42
Domains

65
Subdomains

58
IPs

3
Countries

3449 kB
Transfer

11396 kB
Size

27
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.reportforamerica.org/
Title: Report for America

Search URL Search Domain Scan URL

URL: https://checkout.fundjournalism.org/memberform?org_id=saltlaketribune&campaign=7013i000000IpbRAAS
Title: here

Search URL Search Domain Scan URL

URL: https://twitter.com/ShannonSollitt
Title: Follow @ShannonSollitt

Search URL Search Domain Scan URL

URL: https://www.facebook.com/saltlaketribune/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/sltrib/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sltrib/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/sltrib/
Title: YouTube

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ai/app/salt-lake-tribune-eedition/id995297003

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.saltlaketribune.android.prod&hl=en_US&gl=US

Search URL Search Domain Scan URL

URL: https://sltiservices.navigacloud.com/cmo_slt-c-cmdb-01/subscriber/web/startoffers.html
Title: Subscribe to print + digital

Search URL Search Domain Scan URL

URL: https://store.sltrib.com/
Title: Store

Search URL Search Domain Scan URL

URL: https://archive.sltrib.com/
Title: Archives

Search URL Search Domain Scan URL

URL: https://www.queryly.com/
Title: search by queryly

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://8208269.fls.doubleclick.net/activityi;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574 HTTP 302
https://8208269.fls.doubleclick.net/activityi;dc_pre=CKONsojGuIMDFRfIOwIdEqgEbw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574

Request Chain 42

https://8234312.fls.doubleclick.net/activityi;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574 HTTP 302
https://8234312.fls.doubleclick.net/activityi;dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574

Request Chain 80

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 81

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 84

https://pixel-a.basis.net/iap/dda8255d32e6482d HTTP 301
https://pixel.sitescout.com/iap/dda8255d32e6482d

Request Chain 85

https://clickserv.basis.net/conv/1ea036853c174e3a HTTP 301
https://clickserv.sitescout.com/conv/1ea036853c174e3a

Request Chain 90

https://adservice.google.fi/ddm/fls/i/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/ HTTP 302
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Request Chain 113

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 114

https://pixel-a.basis.net/iap/9f30138796dc7a6a HTTP 301
https://pixel.sitescout.com/iap/9f30138796dc7a6a

Request Chain 168

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pp78d5o66 HTTP 302
https://xhgadonydbgzczmqy4fq-pp78d5-f8d1d85fa-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 169

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pp78d5o66 HTTP 302
https://figpaqaaaatzakqce3yajaaab5szbryl-pp78d5-628c6eef9-clienttons-s.akamaihd.net/eum/results.txt

170 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/ 332 KB
60 KB 671ms
441ms Document
text/html 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

4ecb3d160f163065842699261af350c4c6f76b033e2c3f07e8d07d4f611c4361

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

akamai-true-ttl: -1
arc-country: FI
cache-control: private, max-age=60
content-encoding: gzip
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-type: text/html; charset=utf-8
date: Sun, 31 Dec 2023 01:42:32 GMT
etag: W/"51c60-ia8KBEh3hLbqxCDoov6J5IXY4IU"
expires: Sun, 31 Dec 2023 01:43:32 GMT
last-modified: Sun, 31 Dec 2023 01:42:21 GMT
link: <https://sltrib.coral.coralproject.net>;rel="preconnect",<https://cloudfront-us-east-1.images.arcpublishing.com>;rel="preconnect",<https://js.adsrvr.org>;rel="preconnect",<https://www.queryly.com>;rel="preconnect",<https://local.sltrib.com>;rel="preconnect",<https://static.chartbeat.com>;rel="preconnect",<https://a.pub.network>;rel="preconnect",<https://cdn-gateflipp.flippback.com>;rel="preconnect"
prerender-cache-tag: prerender-sltrib-sltrib-prod-45a4063a
server: openresty
server-timing: cdn-cache; desc=HIT edge; dur=381 origin; dur=0 ak_p; desc="1703986952220_34831763_1178920182_37981_5412_54_125_255";dur=1
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-akamai-transformed: 9 57500 0 pmb=mRUM,2
x-amz-cf-id: 9Uvdy2HzynPDAMpJCarICSm_n_8mFwJDs_ipIiadIdNKpUqHJNNzVw==
x-amz-cf-pop: IAD89-P1
x-arc-pb-request-id: c20a9682-396c-4b08-a4e1-ad74b76e7405 2d1ca805-9631-4561-b6b6-a265c26eef3b
x-arc-request-id: 0.937d1302.1703986952.4644e4f6

GET
H2 200 main.css
www.sltrib.com/pf/resources/css/ 113 B
768 B 66ms
64ms Stylesheet
text/css 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/css/main.css?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

668c0ef605758b2a28ae572680986554e0097e2f10a749db8316b3cb1574806c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:32 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: MIA3-P7
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986952.4644e589
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986952800_34831763_1178920329_165_5585_54_0_255";dur=1
content-length: 88
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"c07ed12e990cf688bbb98cbc27f198a8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 03-Z6L4uQCQLnAhPS7S_m6fH--hq5S6ofUXxX67-X4xB_wJgUN3mPw==
expires: Mon, 30 Dec 2024 01:42:32 GMT

GET
H2 200 carousel.css
www.sltrib.com/pf/resources/css/ 4 KB
1 KB 66ms
65ms Stylesheet
text/css 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/css/carousel.css?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

93fc8b658124ff5537f0f4d764d1ab052431db7356744319851ec3b69d5c5511

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:32 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: MIA3-P7
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986952.4644e58a
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986952800_34831763_1178920330_171_5651_54_0_255";dur=1
content-length: 826
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"a967928dd3b5d82f2d2f613f61699944"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: mBlxsm5DRO9pZV0VDZ7was9zSlpo43JmmzYGTNF7gB1fvfZQXW5BLA==
expires: Mon, 30 Dec 2024 01:42:32 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 207 KB
80 KB 225ms
88ms Script
application/javascript 2a00:1450:400c:c02::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

172ed7ecc58dea02478906ba99bb6c121055ff4bf47b204535fc6b802da98cd0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_iTG8BgaQfsSoH_1xUBWxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-_iTG8BgaQfsSoH_1xUBWxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 31 Dec 2023 01:42:33 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 206 KB
60 KB 205ms
60ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96d8265c72202cf402b09e32fe3edd623301bf96e76de303fde12e0f51fa43d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60594
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 22:43:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 02:03:08 GMT

GET
H2 200 swg-gaa.js Show response
news.google.com/swg/js/v1/ 68 KB
21 KB 310ms
166ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-gaa.js

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4cb72cdcd000647661afe6e10843ba544f5350523c9fe1087827c8703fe0732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21869
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 22:43:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 02:26:36 GMT

GET
H2 200 embed.js Show response
sltrib.coral.coralproject.net/assets/js/ 105 KB
30 KB 106ms
31ms Script
application/javascript 35.244.156.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sltrib.coral.coralproject.net/assets/js/embed.js

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.156.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

29.156.244.35.bc.googleusercontent.com

Software

Resource Hash

2f5ec0118626853c74c86c3a42bce3e20e9cd23523770f327d197b1b98cc1200

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 31 Dec 2023 01:09:09 GMT
via: 1.1 google
age: 2003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30751
x-xss-protection: 1; mode=block
x-trace-id: 33e633b0-a779-11ee-bc79-01907da122a6
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Dec 2023 21:29:11 GMT
etag: W/"781f-18c65156858"
vary: Accept-Encoding
content-language: en-US
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800, s-max-age=604800
accept-ranges: bytes

GET
H2 200 freestar.js Show response
www.sltrib.com/pf/resources/js/ 880 B
919 B 154ms
151ms Script
application/javascript 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/freestar.js?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

3b4afadbde544c4bcff673c56233c2aebf3acbe475a895594a0c5c58f2a444a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:32 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: ORD56-P1
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986952.4644e5ca
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986952959_34831763_1178920394_44_4984_63_0_146";dur=1
content-length: 230
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"bea3d0c47bbb5defb8fe4ee310451f0e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: xdKf0NKPdvlOxF0Sxa0lMbeODE9iWhr27FBc_cYP0TnavFv4TFL0vQ==
expires: Mon, 30 Dec 2024 01:42:32 GMT

GET
H2 200 react.js Show response
www.sltrib.com/pf/dist/engine/ 279 KB
88 KB 156ms
154ms Script
application/javascript 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/dist/engine/react.js?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

385271bf8692ad6c01f9249958344dfe579db841c65a828c56955dda555a81dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:32 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: IAD55-P5
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986952.4644e5cb
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986952959_34831763_1178920395_46_4958_63_0_146";dur=1
content-length: 89808
last-modified: Fri, 22 Dec 2023 22:50:02 GMT
server: openresty
etag: W/"ad56a31485b155973135a31e2a2ab535"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: JadnHElEcYni7b0lcYzHhbVQe8yi08bymImxG91HrNGV2fYFKHY_JQ==
expires: Mon, 30 Dec 2024 01:42:32 GMT

GET
H2 200 default.js Show response
www.sltrib.com/pf/dist/components/combinations/ 3 MB
781 KB 70ms
68ms Script
application/javascript 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/dist/components/combinations/default.js?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

00a1ba435a3de8bdc6653829d42aaa28e3b97542eed600f49d79b2b047c61180

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:32 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: MIA3-P7
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986952.4644e5cc
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986952959_34831763_1178920396_40_3921_63_0_146";dur=1
content-length: 798734
last-modified: Fri, 22 Dec 2023 22:50:02 GMT
server: openresty
etag: W/"98ca7543e1b16ae3a077bbb19918af07"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: gk1Swu9CV0L2wzNAUGnqibAXyTIpe-Y_A3Tq4f_mmHlfkfO95IuvNw==
expires: Mon, 30 Dec 2024 01:42:32 GMT

GET
H2 200 default.css
www.sltrib.com/pf/dist/components/output-types/ 7 KB
2 KB 67ms
66ms Stylesheet
text/css 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/dist/components/output-types/default.css?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

79484ed27ed58f643913b2cc3da21a363accce52616b5132e8d499260a7123ac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:32 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: JFK50-P4
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986952.4644e58b
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986952800_34831763_1178920331_171_5651_54_0_255";dur=1
content-length: 1411
last-modified: Fri, 22 Dec 2023 22:50:02 GMT
server: openresty
etag: W/"06bc36235d3ebdd2904cac5842bb061e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: 269SCvSRc7EU99Nua6SqdrKPBcUser1-h2xnOVQ6hnzX-fUsZ3-TKw==
expires: Mon, 30 Dec 2024 01:42:32 GMT

GET
H2 200 default.css
www.sltrib.com/pf/dist/components/combinations/ 243 KB
33 KB 67ms
67ms Stylesheet
text/css 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/dist/components/combinations/default.css?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

1bfee3517f69ac00b1784a5d56c517f8306d309573f362d8110c415803e2125a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:32 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: ATL56-C1
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986952.4644e58c
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986952800_34831763_1178920332_172_5689_54_0_255";dur=1
content-length: 33133
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"a02391f1299a4ad7183ad9ddc2190d23"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: vjcRS5lOCnwfkfaAcGdRhVytnRPmOapSlpGQoJeEyFYmlRGid3ibGw==
expires: Mon, 30 Dec 2024 01:42:32 GMT

GET
H2 200 ccc269ad-061e-4b0c-886d-a6510f1ec7e3.png
www.sltrib.com/resizer/mBWaQZ49CELCXYm5-r5aaQAuiGo=/60x60/s3.amazonaws.com/arc-authors/sltrib/ 66 B
1 KB 92ms
92ms Image
image/webp 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/resizer/mBWaQZ49CELCXYm5-r5aaQAuiGo=/60x60/s3.amazonaws.com/arc-authors/sltrib/ccc269ad-061e-4b0c-886d-a6510f1ec7e3.png

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

024f75110bb4694f95d65675f13805f9455346452eca5055327f427bb7c8af8c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
date: Sun, 31 Dec 2023 01:42:32 GMT
strict-transport-security: max-age=86400
x-check-cacheable: YES
arc-country: FI
x-arc-request-id: 0.937d1302.1703986952.4644e58d
server-timing: cdn-cache; desc=HIT, edge; dur=28, ak_p; desc="1703986952800_34831763_1178920333_2869_5828_56_0_182";dur=1
content-length: 66
last-modified: Wed, 08 Nov 2023 00:56:02 GMT
server: Akamai Image Manager
x-serial: 1737
etag: "5c4b0e1d604ecd994f739419cb9fb9310a87c862"
content-type: image/webp
cache-control: private, no-transform, max-age=29602565
expires: Sat, 07 Dec 2024 16:38:37 GMT

GET
H2 200 t-1.png
local.sltrib.com/icons/twitter_logos/ 98 KB
99 KB 543ms
158ms Image
image/png 69.16.220.201
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://local.sltrib.com/icons/twitter_logos/t-1.png
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.220.201 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host3.utahdigitalservices.com
Software: Apache /
Resource Hash: b7904357fc77f852df562ee472411192d4c4e32ca8bceba08a6e49b213eddc56

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
last-modified: Mon, 06 Nov 2023 18:23:18 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 100602
expires: Tue, 30 Jan 2024 01:42:33 GMT

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ 92 KB
34 KB 602ms
457ms Script
application/javascript 108.157.4.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1268586
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-79.dus51.r.cloudfront.net
Software: envoy /
Resource Hash: ec9ccd687dbd08683d9cd38a4e6a11cbb107d416a3ea8cf3d369b2fa88d352ba

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: DUS51-P2
vary: Origin,Origin, Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-envoy-upstream-service-time: 5
x-amz-cf-id: Pp11jYasle7GsJe1-axr1gsVhEPumF52VPihc6gWwJ34Pj5e018UDQ==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 178ms
55ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 05:33:53 GMT
Content-Encoding: gzip
Via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 Dec 2023 01:34:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 72520
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: IFUG7vAHdvk3QuR95VA9I2C76rYfu6o_zzKeUrVSq3WDNg9J3RV2Aw==

GET
H2 200 ballantine.js Show response
www.sltrib.com/pf/resources/js/ 465 B
952 B 100ms
98ms Script
application/javascript 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/ballantine.js?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

1349f8a177348d0812701b1d014b76c7dba107cb9793792379e70cfeb35ed80d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:32 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: IAD55-P5
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986952.4644e5cd
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986952959_34831763_1178920397_43_3878_63_0_146";dur=1
content-length: 262
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"75f660e0bf36975883d65bcb4206e252"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 1Cy6RSIMkEamvYliuM7TXK_2CDuEiLOxtbPEz3E-kSkcJqKzJ6Exng==
expires: Mon, 30 Dec 2024 01:42:32 GMT

GET
H2 200 x-twitter.svg
local.sltrib.com/icons/twitter_logos/ 404 B
416 B 829ms
468ms Image
image/svg+xml 69.16.220.201
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://local.sltrib.com/icons/twitter_logos/x-twitter.svg
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.220.201 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host3.utahdigitalservices.com
Software: Apache /
Resource Hash: d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 18:04:39 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: max-age=172800
accept-ranges: bytes
content-length: 289
expires: Tue, 02 Jan 2024 01:42:33 GMT

GET
H2 200 YGK4MOY7CNFNRMYWMTTPFDOMCI.png
cloudfront-us-east-1.images.arcpublishing.com/sltrib/resizer/CBSGy2dz1S4ly9AO9Mvvj47MHV4=/arc-anglerfish-arc2-prod-sltrib/public/ 11 KB
12 KB 215ms
73ms Image
image/png 18.173.233.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudfront-us-east-1.images.arcpublishing.com/sltrib/resizer/CBSGy2dz1S4ly9AO9Mvvj47MHV4=/arc-anglerfish-arc2-prod-sltrib/public/YGK4MOY7CNFNRMYWMTTPFDOMCI.png
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-15.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae92b25069a3b5c0ddcdeb529b23d4f4ae9c5c08ae9cc44f4bfda111ea11205a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 10:42:37 GMT
x-amz-version-id: 2fB1X89kx1sdk3CxgGidyEI2_ox3thgr
via: 1.1 699bd7d370e4b5a92b0d886ffabffa5a.cloudfront.net (CloudFront)
age: 53997
x-amz-cf-pop: DUS51-P3
x-amz-server-side-encryption: AES256
edge-cache-tag: photo-rv2-sltrib-prod-57,photo-rv2-sltrib-prod-png-57,photo-rv2-sltrib-prod-resizer/CBSGy2dz1S4ly9AO9Mvvj47MHV4=/arc-anglerfish-arc2-prod-sltrib/public/YGK4MOY7CNFNRMYWMTTPFDOMCI
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 11393
last-modified: Fri, 24 Mar 2023 21:38:10 GMT
server: AmazonS3
etag: "45fd8c33c135c433fa7d0ebbb214c88a"
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: WGhJk4eGaixHDC0C2_u5I-D5CqwoPbG8T9JPETpH-g1rdNkq0KtMJA==

GET
H2 200 PI6RFGVVV5CYLIXIYBETYQIUYY.png
cloudfront-us-east-1.images.arcpublishing.com/sltrib/resizer/TKxjYtVOqXV48cgkxOzVfjSPc_c=/arc-anglerfish-arc2-prod-sltrib/public/ 5 KB
5 KB 148ms
66ms Image
image/png 18.173.233.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudfront-us-east-1.images.arcpublishing.com/sltrib/resizer/TKxjYtVOqXV48cgkxOzVfjSPc_c=/arc-anglerfish-arc2-prod-sltrib/public/PI6RFGVVV5CYLIXIYBETYQIUYY.png
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-15.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 09:00:55 GMT
x-amz-version-id: E1K8PhK8wCGo1dChSj8z62fAMGnXdnnT
via: 1.1 699bd7d370e4b5a92b0d886ffabffa5a.cloudfront.net (CloudFront)
age: 60099
x-amz-cf-pop: DUS51-P3
x-amz-server-side-encryption: AES256
edge-cache-tag: photo-rv2-sltrib-prod-87,photo-rv2-sltrib-prod-png-87,photo-rv2-sltrib-prod-resizer/TKxjYtVOqXV48cgkxOzVfjSPc_c=/arc-anglerfish-arc2-prod-sltrib/public/PI6RFGVVV5CYLIXIYBETYQIUYY
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 4904
last-modified: Fri, 24 Mar 2023 21:38:45 GMT
server: AmazonS3
etag: "1e91d02cf5a902f38f2923c006d79281"
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 5LbE5UEmwI04DNj5ANbQ3jZ2snTKr-T72Ex_saeRR3TUHgAc1P2z3Q==

GET
H2 200 sltrib-logo.svg
www.sltrib.com/pf/resources/svg/ 28 KB
11 KB 207ms
205ms Image
image/svg+xml 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/pf/resources/svg/sltrib-logo.svg?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

50218b350ecd9694900e829cfc6c60e47693ef3cb35a07774414ef83a911f1b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: IAD55-P5
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986953.4644e5d8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986953006_34831763_1178920408_17_4933_63_0_146";dur=1
content-length: 10808
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"25e4e564ed5f244539f01a165c33c5aa"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: yjLusx90CAwFj61VlSzG0KgzYP0LShl-o7PrY8Mn03MhFmnxKXLxmw==
expires: Mon, 30 Dec 2024 01:42:33 GMT

GET
H2 200 Trib_masthead_top_000000.svg
www.sltrib.com/pf/resources/svg/ 14 KB
5 KB 208ms
207ms Image
image/svg+xml 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/pf/resources/svg/Trib_masthead_top_000000.svg?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a6b9ca255d1b81f64849a3e0412ee94a858f10baafb862bfd715541afdb012df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: ATL56-C1
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986953.4644e5d9
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986953006_34831763_1178920409_24_4849_63_0_146";dur=1
content-length: 4810
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"0a6e5f60fd6a9d23f560d424745802f9"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: JOaCrlBYSdQidHhjtZEr586QEbeP8BGiGadcqPGO4gOoeh-qCEdskw==
expires: Mon, 30 Dec 2024 01:42:33 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 239 KB
87 KB 600ms
450ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5e53e9f5be78ec4c9e2a8573ce0d0ade84a1153190c63a6c742feef58652f587

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
last-modified: Mon, 25 Dec 2023 08:26:36 GMT
etag: "23-oxMLWegfh69Iie3rMxfeAOvraPQ"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah-stg
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: 9c16d8350cf2a8367a87a8c9fdabf807
timing-allow-origin: *, *
content-length: 88275
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 google-analytics.js Show response
www.sltrib.com/pf/resources/js/ 3 KB
2 KB 69ms
65ms Script
application/javascript 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/google-analytics.js?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

f90823be8ca5100f66733c6283adb089097d06623f8c2a3ac393a035c0ee3e55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:32 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: IAD55-P5
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986952.4644e5c2
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986952952_34831763_1178920386_18_5370_63_0_182";dur=1
content-length: 917
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"1f23f455d53b75042ebd49d020c98755"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 7H575Nt2hGQxK4yU2bhj2p5uq1gOroxsmGHhSIIR2D1IHf0OLT2xfA==
expires: Mon, 30 Dec 2024 01:42:32 GMT

GET
H2 200 google-tag-manager.js Show response
www.sltrib.com/pf/resources/js/ 747 B
1 KB 64ms
60ms Script
application/javascript 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/google-tag-manager.js?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

7eb2af8a6315d058a1e7b87fadf2070e8fc0b2449b0a89da20c5b912de500acd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:32 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: JFK50-P4
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986952.4644e5c3
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986952952_34831763_1178920387_18_5271_63_0_182";dur=1
content-length: 406
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"d2c8fb2ca910eadf27baa9157fba21a3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: wfeRt_DGXny6RFXVwrDcZAc5amMMBI2Tru_IUVt99WaCYSt3EoaruQ==
expires: Mon, 30 Dec 2024 01:42:32 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 250ms
122ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c08f22f37bc546a8fe7fa155a73765b4c1f0e661b76c22aa0b4a2175100a204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29425
x-xss-protection: 0
server: cafe
etag: 102 / 19722 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 01:42:33 GMT

GET
H2 200 chartbeat.js Show response
www.sltrib.com/pf/resources/js/ 4 KB
2 KB 70ms
66ms Script
application/javascript 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/chartbeat.js?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

b6322113217b4fac79ad5b27613c9c66d466e67fad90363e743c87df4843acd7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:32 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: ORD56-P1
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986952.4644e5c6
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986952959_34831763_1178920390_37_3851_63_0_182";dur=1
content-length: 1314
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"22d3c7b3a6a4b2de423042230a8a3822"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: D4dHRngZK89hbeykuWErhdV5OZllJm9nDIU8Z0HdKuGGboNI1RXgHA==
expires: Mon, 30 Dec 2024 01:42:32 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 202ms
58ms Script
application/x-javascript 2600:9000:243d:6e00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:6e00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 19:18:38 GMT
content-encoding: gzip
via: 1.1 c9f5cfb4434d1ba72b6232f7ef6eeb0e.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: DUS51-P4
age: 23035
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: G-SDcbfxGwN-2yq0UZrnCUBicVXCdm_Vk-F2POHfv3tK72IwygPf6w==
expires: Sun, 31 Dec 2023 19:18:38 GMT

GET
H2 200 ad-slider.js Show response
www.sltrib.com/pf/resources/js/ 730 B
1 KB 209ms
208ms Script
application/javascript 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/ad-slider.js?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

37e4ecedf0ab53a8f928507a9ae337f5871230f4525ce7e8070af4b21c17412d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: MIA3-P7
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986953.4644e5da
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986953006_34831763_1178920410_19_4907_63_0_146";dur=1
content-length: 351
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"c1aae5ed5833503095f1c285308e8ac3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 5NW8uoADI9jGfPotKVpsRU0vu2H2CYMnUdTTuSD5pQjUOffGeYvy9Q==
expires: Mon, 30 Dec 2024 01:42:33 GMT

GET
H2 200 ad-blocker.js Show response
www.sltrib.com/pf/resources/js/ 694 B
1 KB 210ms
209ms Script
application/javascript 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/ad-blocker.js?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

403f82f5023b7899ecc6ea3059c0b29c10d6719e7f8464e0625c8f5d02c9b69c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: IAD55-P5
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986953.4644e5db
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986953006_34831763_1178920411_22_5135_63_0_146";dur=1
content-length: 394
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"8400f83f0cc8263a503add31576d1164"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 94QMIP_Pu5XZ3n55NBqmQYtLU8rX9qxacSPDZBYq_uUANe6pNBiesg==
expires: Mon, 30 Dec 2024 01:42:33 GMT

GET
H2 200 piano.js Show response
www.sltrib.com/pf/resources/js/ 4 KB
2 KB 211ms
210ms Script
application/javascript 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/piano.js?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

34f6f8b0d44c36048b74699e0ce8c3f941dfc3c070cd9b18d6ed7df622b1da91

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: ORD56-P1
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986953.4644e5dc
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986953006_34831763_1178920412_23_5118_63_0_146";dur=1
content-length: 1415
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"f3f1d93d9cc930f598ad112ef9ae236e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: t0xK1BZwhfzSQGSvvlEsLqXu8ZqCX-FNpAW2LeryqMpT_ophgriGQw==
expires: Mon, 30 Dec 2024 01:42:33 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/ 474 KB
109 KB 535ms
407ms Script
application/javascript 2600:9000:211e:2c00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

3573eb0dc7280bf4d4dc8d9060f086375ebde06811386daddd48a5786e8978eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: br
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 111302
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Dec 2023 22:03:40 GMT
server: CloudFront
etag: "fed56706a934421783249cdc9fa4c871"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: IsaKSLd4ESdvZh_kw_oZsbPaszgTXObTYdwmmSMVh3fFWwnmUz5kwQ==

GET
H2 200 facebook.js Show response
www.sltrib.com/pf/resources/js/ 846 B
1 KB 71ms
67ms Script
application/javascript 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/facebook.js?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

6a7dd3acbecddc653446803e807cea2b6a85f3c6c1a6cc349b751f5e965647ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:32 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: MIA3-P7
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986952.4644e5c7
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986952959_34831763_1178920391_37_3846_63_0_182";dur=1
content-length: 441
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"88ccd8266f9a877f78c9ea893d8b8afd"
x-edgeconnect-cache-status: 3
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 4_uL48gIba7Yu6NW8XJ1o806U8_s2lEV06ZeXs8A2ZtT_SzYvPWxQQ==
expires: Mon, 30 Dec 2024 01:42:32 GMT

GET
H2 200 twitter.js Show response
www.sltrib.com/pf/resources/js/ 805 B
1 KB 152ms
149ms Script
application/javascript 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/twitter.js?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

325eb0ed9c4b2173718116d97c78e067f83311ed07570de76d154881bee92947

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:32 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: MIA3-P7
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986952.4644e5c8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986952959_34831763_1178920392_44_4990_63_0_182";dur=1
content-length: 428
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"5a2f1dc2518862e9d5beed543cee9f82"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: dPzwdbcIrKtptYF2ZVAGuYbSiqlhABm44b5HHVuTHQjlBEE0w9dWQQ==
expires: Mon, 30 Dec 2024 01:42:32 GMT

GET
H2 200 queryly.v4.js Show response
www.queryly.com/js/ 48 KB
10 KB 128ms
53ms Script
application/javascript 2606:4700:20::681a:d56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.queryly.com/js/queryly.v4.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 49d21928347fc78411fd52873807c4e6928e7e22eb06db9f22ab39b7c9f960ba

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Dec 2023 23:12:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 277
etag: W/"80ee4d8aac3ada1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpAMaDoyQbwBy%2B8%2B5EXQfmdIt4mGTRmK0PezMEjC5gwP%2FnWSWYLXodzA5Vrv4a3DtksVADd3SK37nrA47HK0vnM1EXLoys86rdW4QEiZAeNvre8z6fvOAsVHrYkL9rbQZ9WeBtFd6q0g4m8fng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83ded3985e1bd92e-HEL

GET
H2 200 queryly.js Show response
www.sltrib.com/pf/resources/js/ 137 B
829 B 153ms
150ms Script
application/javascript 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sltrib.com/pf/resources/js/queryly.js?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

aa21d0ddbc7cb318d1367bab72630267ec09559a269a23672cebf582d36386ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:32 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: IAD55-P5
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986952.4644e5c9
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986952959_34831763_1178920393_43_4994_63_0_182";dur=1
content-length: 137
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"6f71954a503275c7a33c5069434fddb5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: CwI8qM10ZLn_ycmrrGZA2j9KGw_02cIBxTDZCgQeSJrzIGtQaZbbkQ==
expires: Mon, 30 Dec 2024 01:42:32 GMT

GET
H2 200 sltrib-advanced-search.js Show response
www.queryly.com/js/ 22 KB
6 KB 124ms
50ms Script
application/javascript 2606:4700:20::681a:d56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.queryly.com/js/sltrib-advanced-search.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2961b7a127e89a8bc8d0d1002b0fe87f90adb5b003e1a95e02941c57da6ebea7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 15:54:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 251
etag: W/"035e445c95da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqaVBxcyb35Ra13RNBXcGnyi%2BhlOYhGugYTQVVY1fkTblzmFuT53uwmh8GXQ4ol8M3Kn7DcOCmIdqgmi0a%2BnxnjiBkZXOEa%2F4cAgM4Pzozj%2Bf3x6lKOm%2FS1ngfSlnb3HCAXvFzHiAS8Lzotetw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83ded3985e18d92e-HEL

GET
H2 200 EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6 Show response
s.go-mpulse.net/boomerang/ 202 KB
51 KB 174ms
56ms Script
application/javascript 2a02:26f0:1700:38a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:38a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Thu, 21 Dec 2023 06:46:19 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 N7YIXBU4BZBGJKZ6RXFTLPRJJ4.jpg
www.sltrib.com/resizer/iSrDOjNc42L1WD0eGSZNt6Nq3bg=/1024x650/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 63 KB
64 KB 188ms
187ms Image
image/avif 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/resizer/iSrDOjNc42L1WD0eGSZNt6Nq3bg=/1024x650/cloudfront-us-east-1.images.arcpublishing.com/sltrib/N7YIXBU4BZBGJKZ6RXFTLPRJJ4.jpg

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

bf51f32a4029603ed8577590b6c5ffa57f785031a099c6c38fa65e3f6e86c0ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
date: Sun, 31 Dec 2023 01:42:33 GMT
strict-transport-security: max-age=86400
last-modified: Wed, 08 Nov 2023 01:33:30 GMT
server: Akamai Image Manager
arc-country: FI
etag: "4aeba48e6233cb12e9744c9fc56d006a69ff45c5"
x-arc-request-id: 0.937d1302.1703986953.4644e5dd
content-type: image/avif
cache-control: private, no-transform, max-age=29462730
server-timing: cdn-cache; desc=HIT, edge; dur=34, origin; dur=0, ak_p; desc="1703986953006_34831763_1178920413_3392_5637_54_0_219";dur=1
content-length: 64643
expires: Fri, 06 Dec 2024 01:48:03 GMT

GET
DATA 200
OK truncated
/ 842 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 462f8a9becd0c3fe2ff5f35f32d9ec980cab1ae3a715b9f7ba03e544134d815c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 209 KB
71 KB 204ms
75ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJJTW7K

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/google-tag-manager.js?d=443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adba213b8c26402c1b493e340b02d0d9a596395fa867437b078ae6cbcffe4ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72393
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Dec 2023 01:42:33 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 62ms
61ms Script
application/x-javascript 2600:9000:243d:6e00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/chartbeat.js?d=443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:6e00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 17:35:30 GMT
content-encoding: gzip
via: 1.1 c9f5cfb4434d1ba72b6232f7ef6eeb0e.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: DUS51-P4
age: 29223
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 4CnScqLjH_dXC0EdzNRvsk-pdkI__J4RU1V6ROoRWgtZ_pV8SkdIHw==
expires: Sun, 31 Dec 2023 17:35:30 GMT

GET
H2

200

activityi;dc_pre=CKONsojGuIMDFRfIOwIdEqgEbw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574 Show response
8208269.fls.doubleclick.net/ Frame AE5B
Redirect Chain

https://8208269.fls.doubleclick.net/activityi;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574?
https://8208269.fls.doubleclick.net/activityi;dc_pre=CKONsojGuIMDFRfIOwIdEqgEbw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574?

542 B
460 B

168ms
166ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8208269.fls.doubleclick.net/activityi;dc_pre=CKONsojGuIMDFRfIOwIdEqgEbw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574?

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f6.1e100.net

Software

cafe /

Resource Hash

1a4aa3f0ab750bc85dc9a30f3a2d1c9d5a76f71abc4054ec91b20966a9c87558

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 284
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 01:42:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 01:42:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8208269.fls.doubleclick.net/activityi;dc_pre=CKONsojGuIMDFRfIOwIdEqgEbw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574 Show response
8234312.fls.doubleclick.net/ Frame 7813
Redirect Chain

https://8234312.fls.doubleclick.net/activityi;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574?
https://8234312.fls.doubleclick.net/activityi;dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574?

542 B
459 B

100ms
99ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8234312.fls.doubleclick.net/activityi;dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574?

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f6.1e100.net

Software

cafe /

Resource Hash

51c4a6455345fe16071d38af4d562b83137f24dda9600410f83a4a9cfea61994

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 283
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 01:42:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 01:42:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8234312.fls.doubleclick.net/activityi;dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 166ms
55ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/twitter.js?d=443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100147-IAD, cache-fra-eddf8230050-FRA

GET
H2 200 whitecloseicon.png
www.queryly.com/images/ 816 B
1 KB 41ms
40ms Image
image/png 2606:4700:20::681a:d56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.queryly.com/images/whitecloseicon.png
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 15:55:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1506
etag: "4c9d5a55c95da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WirO1PtyGfFO5GtEfizvQGGGSeEoeo9r5jA9RBahDoItKLytL%2FPejwaTF3mMQ0Cxwi2FGLmA6aP6mpVORUKW8FfgUXv1fr3l%2FR2ZeOUIu%2BGJbowqlyqlF%2BJdiOCHRLloiI7ys82Skbvyk1BnMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83ded398df1ad92e-HEL
content-length: 816

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 190ms
61ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: www.queryly.com
URL: https://www.queryly.com/js/sltrib-advanced-search.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 06:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 586894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Dec 2024 06:40:59 GMT

GET
H2 200 connatix.playspace.js Show response
cd.connatix.com/ Frame 84CA 8 KB
4 KB 146ms
43ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.connatix.com/connatix.playspace.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/ad-slider.js?d=443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3be78a38d333c2174cceb895573452f15a1fa42a222e7d4297c24b0c8c4f7140

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 83ded39ace6109a8-ARN
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 127ms
49ms Script
application/javascript 2606:4700:3030::6815:4222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/ad-blocker.js?d=443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 20Q2Q8DJZPQXPBW6
age: 4674
alt-svc: h3=":443"; ma=86400
x-amz-id-2: apRPeBHP6McUEjJxAbPTiaoGKtY4op3vHd1txSoyYVhX/Sw7Rh5ou+4IGTunxdAnVT/5MDwfico=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwBaZDTfaIpf490GTyaFHRby4rIftCA2szQJ6h4nUrnHc2xhwinlHEzUrYGWask8cRdBtW5F44fXZqiisDasUMlUTrwKbcNfJPdB1mFKExiC5Alkh1iv9DD6rswng64X6LMUVg2HHiwCy55XTGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 83ded39b19b74c8a-HEL

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
2 KB 125ms
50ms Script
application/javascript 2606:4700::6812:eff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=vxCIN3E3cT

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/piano.js?d=443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e5b556c1deb9b6fabee7aa25090275dcbef138661e1fbbe2a7abc4f9e65ed02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
date: Sun, 31 Dec 2023 01:42:33 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 31 Dec 2023 00:12:16 GMT
server: cloudflare
age: 2003
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 83ded39b8eb74e1c-HEL
alt-svc: h3=":443"; ma=86400
x-request-id: opyw5ulon3
expires: Sun, 31 Dec 2023 02:12:33 GMT

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 pubfig.min.js Show response
a.pub.network/sltrib-com/ 50 KB
19 KB 139ms
64ms Script
application/javascript 2606:4700::6812:14ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/sltrib-com/pubfig.min.js
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/pf/dist/components/combinations/default.js?d=443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f2b51ecfe83a20af8e2999be5af696495d98bbbdf76dfc2536ff42121767c24

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 740708
x-guploader-uploadid: ABPtcPoK-sxnaQj6bdmvNha-6bEmjAnIIGySG7i3Mjab2bFInVuf01_MLfaY10Wg31ec_5S7TGroIh8eVQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 19 Dec 2023 20:20:47 GMT
server: cloudflare
etag: W/"e9f440fdb9d2c42ded6eadadb9520bce"
vary: Accept-Encoding
x-goog-generation: 1703017247260374
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=6d56IQ==, md5=6fRA/bnSxC3tbq2tuVILzg==
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 51445
cf-ray: 83ded39b8c794e12-HEL
link: <https://d.pub.network/v2/sites/sltrib-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires: Sun, 31 Dec 2023 02:12:33 GMT

GET
H2 200 menu.svg
www.sltrib.com/pf/resources/svg/ 222 B
863 B 64ms
62ms Image
image/svg+xml 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/pf/resources/svg/menu.svg?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

9041f63adc7ef5badf30edfdd51d94832df52c6a93c52ba91ea270c107847b82

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: JFK50-P4
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986953.4644e667
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986953379_34831763_1178920551_31_5296_54_0_146";dur=1
content-length: 188
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"2ad563e730ce63c718f6dbed5962a52a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: -saFv60lEaUHjNy1gOqxj4DyUobFZf6UAnar4lNNWZlMlvUkZt8TlA==
expires: Mon, 30 Dec 2024 01:42:33 GMT

GET
H2 200 search-black.svg
www.sltrib.com/pf/resources/img/ 562 B
997 B 65ms
63ms Image
image/svg+xml 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/pf/resources/img/search-black.svg?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

8f850627aa46412b56450f99c309fbfa8786f65a46b59746223cc135e2535b46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: ORD56-P1
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986953.4644e668
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986953379_34831763_1178920552_37_5250_54_0_146";dur=1
content-length: 341
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"e3b2768d3f06bb7e6e903817ba832bf1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 8ztgzZYzejXk5SCt7xd4SxbdJcf-sSIsuSOfwLCqhYkrpAPj6kPF-w==
expires: Mon, 30 Dec 2024 01:42:33 GMT

GET
H2 200 Trib_masthead_top_000000.svg
www.sltrib.com/pf/resources/svg/ 14 KB
5 KB 66ms
64ms Image
image/svg+xml 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/pf/resources/svg/Trib_masthead_top_000000.svg?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a6b9ca255d1b81f64849a3e0412ee94a858f10baafb862bfd715541afdb012df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: ATL56-C1
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986953.4644e669
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986953379_34831763_1178920553_19_5267_54_0_146";dur=1
content-length: 4810
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"0a6e5f60fd6a9d23f560d424745802f9"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: JOaCrlBYSdQidHhjtZEr586QEbeP8BGiGadcqPGO4gOoeh-qCEdskw==
expires: Mon, 30 Dec 2024 01:42:33 GMT

GET
H2 200 person.svg
www.sltrib.com/pf/resources/svg/ 291 B
896 B 67ms
65ms Image
image/svg+xml 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/pf/resources/svg/person.svg?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

f8a691e6f523905cca35f8488a78ceadbaa81c057adf1b5a4817871ad27bf787

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: IAD55-P5
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986953.4644e66a
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986953379_34831763_1178920554_40_5214_54_0_146";dur=1
content-length: 222
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"0b49da62bedb71c6594b7421f72768e1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: qgvbRViVlKu1PFH5rLdvbnENzWGCDHj9hwotks7C2MjN068fARyHPg==
expires: Mon, 30 Dec 2024 01:42:33 GMT

GET
H2 200 ccc269ad-061e-4b0c-886d-a6510f1ec7e3.png
www.sltrib.com/resizer/mBWaQZ49CELCXYm5-r5aaQAuiGo=/60x60/s3.amazonaws.com/arc-authors/sltrib/ 66 B
1 KB 68ms
66ms Image
image/webp 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/resizer/mBWaQZ49CELCXYm5-r5aaQAuiGo=/60x60/s3.amazonaws.com/arc-authors/sltrib/ccc269ad-061e-4b0c-886d-a6510f1ec7e3.png

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

024f75110bb4694f95d65675f13805f9455346452eca5055327f427bb7c8af8c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
date: Sun, 31 Dec 2023 01:42:33 GMT
strict-transport-security: max-age=86400
x-check-cacheable: YES
arc-country: FI
x-arc-request-id: 0.937d1302.1703986953.4644e66b
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986953379_34831763_1178920555_61_7166_54_0_146";dur=1
content-length: 66
last-modified: Wed, 08 Nov 2023 00:56:02 GMT
server: Akamai Image Manager
x-serial: 1737
etag: "5c4b0e1d604ecd994f739419cb9fb9310a87c862"
content-type: image/webp
cache-control: private, no-transform, max-age=29602564
expires: Sat, 07 Dec 2024 16:38:37 GMT

GET
H2 200 t-1.png
local.sltrib.com/icons/twitter_logos/ 98 KB
99 KB 428ms
427ms Image
image/png 69.16.220.201
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://local.sltrib.com/icons/twitter_logos/t-1.png
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.220.201 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host3.utahdigitalservices.com
Software: Apache /
Resource Hash: b7904357fc77f852df562ee472411192d4c4e32ca8bceba08a6e49b213eddc56

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
last-modified: Mon, 06 Nov 2023 18:23:18 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 100602
expires: Tue, 30 Jan 2024 01:42:33 GMT

GET
H2 200 TC4CK2IKGVBYZFWWAGTQCGH4K4.jpg
www.sltrib.com/resizer/v2/ 3 KB
3 KB 77ms
76ms Image
image/avif 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/resizer/v2/TC4CK2IKGVBYZFWWAGTQCGH4K4.jpg?auth=6d97c0e7fcee565d4cb0f50bd92fce0078152ae01c5172c4dc2fbd2ba67ab9fd&width=111

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2086a7127402b37189a7f8ed3b0899b840485db2bf4301883baf1c5f560f8270

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
date: Sun, 31 Dec 2023 01:42:33 GMT
strict-transport-security: max-age=86400
last-modified: Fri, 29 Dec 2023 13:19:39 GMT
server: Akamai Image Manager
arc-country: FI
etag: "a7fd73cfada0c3ad6f62c3bc09de2e01"
x-arc-request-id: 0.937d1302.1703986953.4644e66f
content-type: image/avif
cache-control: private, no-transform, max-age=31405052
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986953386_34831763_1178920559_42_12336_54_0_146";dur=1
content-length: 2821
expires: Sat, 28 Dec 2024 13:20:05 GMT

GET
H2 200 K7VMHQNMJNEFDIIZX57QF3WUIU.jpg
www.sltrib.com/resizer/v2/ 2 KB
3 KB 78ms
77ms Image
image/avif 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/resizer/v2/K7VMHQNMJNEFDIIZX57QF3WUIU.jpg?auth=1f52bd9bd6a49ac8aa6d2aa02634230e526992a8cf9c77ed15cbff633fdc2344&width=111

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

75d37dad55044aa4958a3763fb8c5205ce734a466b7f0b73d7ce861b3b40c893

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
date: Sun, 31 Dec 2023 01:42:33 GMT
strict-transport-security: max-age=86400
last-modified: Fri, 29 Dec 2023 13:19:55 GMT
server: Akamai Image Manager
arc-country: FI
etag: "59b67fcb3127ba940e210a4dce670b04"
x-edgeconnect-cache-status: 1
x-arc-request-id: 0.937d1302.1703986953.4644e670
content-type: image/avif
cache-control: private, no-transform, max-age=31404928
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986953386_34831763_1178920560_44_12320_54_0_146";dur=1
content-length: 2468
expires: Sat, 28 Dec 2024 13:18:01 GMT

GET
H2 200 JXBUOGMJ7BDVVBZWF7WZG2AS2Y.jpg
www.sltrib.com/resizer/v2/ 3 KB
3 KB 79ms
78ms Image
image/avif 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/resizer/v2/JXBUOGMJ7BDVVBZWF7WZG2AS2Y.jpg?auth=b86d1df23e534e92b1c928f5731bcffe437cb86101a9c63e919e20e87780e1e1&width=111

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

569d879b43e4f604498456fe28e24d19f80d2d88158d9587e89586fc328d2e86

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
date: Sun, 31 Dec 2023 01:42:33 GMT
strict-transport-security: max-age=86400
last-modified: Fri, 29 Dec 2023 13:20:31 GMT
server: Akamai Image Manager
arc-country: FI
etag: "cb9e3ba3c7a0c5b59e9973bf61fcaeb5"
x-arc-request-id: 0.937d1302.1703986953.4644e671
content-type: image/avif
cache-control: private, no-transform, max-age=31405128
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986953386_34831763_1178920561_44_12306_54_0_146";dur=1
content-length: 2801
expires: Sat, 28 Dec 2024 13:21:21 GMT

GET
H2 200 x-twitter.svg
local.sltrib.com/icons/twitter_logos/ 404 B
323 B 581ms
580ms Image
image/svg+xml 69.16.220.201
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://local.sltrib.com/icons/twitter_logos/x-twitter.svg
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.220.201 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host3.utahdigitalservices.com
Software: Apache /
Resource Hash: d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 18:04:39 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: max-age=172800
accept-ranges: bytes
content-length: 289
expires: Tue, 02 Jan 2024 01:42:33 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudfront-us-east-1.images.arcpublishing.com/sltrib/resizer/CBSGy2dz1S4ly9AO9Mvvj47MHV4=/arc-anglerfish-arc2-prod-sltrib/public/YGK4MOY7CNFNRMYWMTTPFDOMCI.png
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-15.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae92b25069a3b5c0ddcdeb529b23d4f4ae9c5c08ae9cc44f4bfda111ea11205a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 10:42:37 GMT
x-amz-version-id: 2fB1X89kx1sdk3CxgGidyEI2_ox3thgr
via: 1.1 699bd7d370e4b5a92b0d886ffabffa5a.cloudfront.net (CloudFront)
age: 53997
x-amz-cf-pop: DUS51-P3
x-amz-server-side-encryption: AES256
edge-cache-tag: photo-rv2-sltrib-prod-44,photo-rv2-sltrib-prod-png-44,photo-rv2-sltrib-prod-resizer/CBSGy2dz1S4ly9AO9Mvvj47MHV4=/arc-anglerfish-arc2-prod-sltrib/public/YGK4MOY7CNFNRMYWMTTPFDOMCI
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 11393
last-modified: Fri, 24 Mar 2023 21:38:10 GMT
server: AmazonS3
etag: "45fd8c33c135c433fa7d0ebbb214c88a"
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: wQpAsIYAIQ8IVm1MrSMqeXGs4G7oMvDrr_geiU7bgN4S9leMBIBqHQ==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudfront-us-east-1.images.arcpublishing.com/sltrib/resizer/TKxjYtVOqXV48cgkxOzVfjSPc_c=/arc-anglerfish-arc2-prod-sltrib/public/PI6RFGVVV5CYLIXIYBETYQIUYY.png
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-15.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 09:00:55 GMT
x-amz-version-id: E1K8PhK8wCGo1dChSj8z62fAMGnXdnnT
via: 1.1 699bd7d370e4b5a92b0d886ffabffa5a.cloudfront.net (CloudFront)
age: 60099
x-amz-cf-pop: DUS51-P3
x-amz-server-side-encryption: AES256
edge-cache-tag: photo-rv2-sltrib-prod-44,photo-rv2-sltrib-prod-png-44,photo-rv2-sltrib-prod-resizer/TKxjYtVOqXV48cgkxOzVfjSPc_c=/arc-anglerfish-arc2-prod-sltrib/public/PI6RFGVVV5CYLIXIYBETYQIUYY
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 4904
last-modified: Fri, 24 Mar 2023 21:38:45 GMT
server: AmazonS3
etag: "1e91d02cf5a902f38f2923c006d79281"
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: v8OFbWH8CETkFLFd5vta3gNJ2YpOn5M_c47ubX7iGZL5VejBrwb4Hw==

GET
H2 200 sltrib-logo.svg
www.sltrib.com/pf/resources/svg/ 28 KB
11 KB 69ms
68ms Image
image/svg+xml 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/pf/resources/svg/sltrib-logo.svg?d=443

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

50218b350ecd9694900e829cfc6c60e47693ef3cb35a07774414ef83a911f1b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-amz-cf-pop: IAD55-P5
arc-country: FI
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.937d1302.1703986953.4644e672
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703986953386_34831763_1178920562_30_5663_54_0_146";dur=1
content-length: 10808
last-modified: Fri, 22 Dec 2023 22:50:01 GMT
server: openresty
etag: W/"25e4e564ed5f244539f01a165c33c5aa"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: yjLusx90CAwFj61VlSzG0KgzYP0LShl-o7PrY8Mn03MhFmnxKXLxmw==
expires: Mon, 30 Dec 2024 01:42:33 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 60ms
60ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6456
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 02:13:41 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 76ms
76ms Stylesheet
text/css 2a00:1450:400c:c02::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-2KIDZuKqMzSAgd3hWafs8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-2KIDZuKqMzSAgd3hWafs8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 31 Dec 2023 01:42:33 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
525 B 80ms
79ms XHR
application/json 2a00:1450:400c:c02::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=415916968620-ae5n9q063dtcf90ri0nn9fi4g7mp0f6e.apps.googleusercontent.com&as=WcBbG1g2bTrq9mxnZf7QtA

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

feab834cbe0ea30e440b839ac54c95d7bd0bcae77bc470dbc7e4141c66b2296a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-kU0qZY0vzj5KgSvvGug13A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-kU0qZY0vzj5KgSvvGug13A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sltrib.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 N7YIXBU4BZBGJKZ6RXFTLPRJJ4.jpg
www.sltrib.com/resizer/iSrDOjNc42L1WD0eGSZNt6Nq3bg=/1024x650/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 63 KB
64 KB 104ms
104ms Image
image/avif 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sltrib.com/resizer/iSrDOjNc42L1WD0eGSZNt6Nq3bg=/1024x650/cloudfront-us-east-1.images.arcpublishing.com/sltrib/N7YIXBU4BZBGJKZ6RXFTLPRJJ4.jpg

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

bf51f32a4029603ed8577590b6c5ffa57f785031a099c6c38fa65e3f6e86c0ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
date: Sun, 31 Dec 2023 01:42:33 GMT
strict-transport-security: max-age=86400
last-modified: Wed, 08 Nov 2023 01:33:30 GMT
server: Akamai Image Manager
arc-country: FI
etag: "4aeba48e6233cb12e9744c9fc56d006a69ff45c5"
x-arc-request-id: 0.937d1302.1703986953.4644e688
content-type: image/avif
cache-control: private, no-transform, max-age=29462730
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1703986953433_34831763_1178920584_169_6887_54_0_219";dur=1
content-length: 64643
expires: Fri, 06 Dec 2024 01:48:03 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 408ms
133ms Image
image/gif 44.194.80.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=sltrib.com&p=%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&u=B9pyLODyPI0wBJ4-Lw&d=sltrib.com&g=65212&g0=Business&g1=Shannon%20Sollitt&n=1&f=00001&c=0&x=0&m=0&y=3978&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&b=1284&t=CGUFG4Deh308BSmAN9DDGBc5DrKEKP&V=143&i=Utah%20crypto%20company%20files%20for%20bankruptcy%20amid%20federal%20fraud%20accusations&tz=-120&_hottopic=&sn=1&sv=C-XJPWcyiv8DJpwhtBnHnAXCCu4wI&sr=external&sd=1&im=067b0ff3&_
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.80.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-80-15.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 31 Dec 2023 01:42:33 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 213 B
522 B 241ms
149ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=sltrib.com&domain=sltrib.com&path=%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4c899d160a287a2b8e58a27a128fec963032676ba6a7a2af2df8899c51e9815d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 166
x-served-by: cache-hel1410024-HEL
x-timer: S1703986953.480779,VS0,VE103
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Fri, 29 Dec 2023 01:42:33 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38113
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 29 Dec 2024 15:07:20 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib... Frame 80BF 541 B
354 B 228ms
100ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Requested by

Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/activityi;dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4985457f2a0b6f839f8cb2bd644fa3f7a76a08c994bc13107263e905ff39bdfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8234312.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 284
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 01:42:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 5 KB
1 KB 202ms
84ms XHR
application/json 2a02:26f0:480:18d::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6&d=www.sltrib.com&t=5679957&v=1.632.0&sl=0&si=i2kjzlpej2i-s6icqx&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=634755
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:18d::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 26de8377601d40e80c29c4a0c274e8c9e697d519b1d53fea0e24ab8f0aadce77

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 01:42:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1087

GET
H2 200 adsct
t.co/i/ 43 B
377 B 343ms
228ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=5e6133cb-9d1e-4898-b4d3-6e7356b546d9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=98a4e3f2-b240-4bfc-aae3-a5581ebb9102&tw_document_href=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0jhs&type=javascript&version=2.3.29

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 174
date: Sun, 31 Dec 2023 01:42:33 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: f20e996ed551c359
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: aeb4b3fb54700c2934e9063813e823d7499cc3b3b0b024c5561e70a47e9b89c0
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 342ms
227ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=5e6133cb-9d1e-4898-b4d3-6e7356b546d9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=98a4e3f2-b240-4bfc-aae3-a5581ebb9102&tw_document_href=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0jhs&type=javascript&version=2.3.29

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 173
date: Sun, 31 Dec 2023 01:42:32 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9c9a09eea863245b
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 333f1820d4ae1083a8fd17bffdaf5de5543bd134a1a5bf1a79be178baa0a9e02
content-length: 43

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CKONsojGuIMDFRfIOwIdEqgEbw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib... Frame EF87 541 B
656 B 164ms
99ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKONsojGuIMDFRfIOwIdEqgEbw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Requested by

Host: 8208269.fls.doubleclick.net
URL: https://8208269.fls.doubleclick.net/activityi;dc_pre=CKONsojGuIMDFRfIOwIdEqgEbw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

654852bae73bad10f8626abb3d715dc5c69bd1833e7dd6842e0f9764410a7a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8208269.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 282
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 01:42:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 logging Show response
frontend-logger.flippback.com/api/ 34 B
204 B 437ms
137ms Fetch
application/json 52.205.229.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend-logger.flippback.com/api/logging
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1268586
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.229.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-229-242.compute-1.amazonaws.com
Software: /
Resource Hash: 1bd4bb9f8a82c504f6145b32aba59672185c06c622f2c6efe7a9d8467335d23a

Request headers

Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
x-trace-id: cm8ce2ah1vnc1up1ugcg
date: Sun, 31 Dec 2023 01:42:33 GMT
access-control-expose-headers
content-length: 34
vary: Origin, Accept-Encoding
content-type: application/json

GET
H2 451 712559.gif
idsync.rlcdn.com/ 0
98 B 142ms
65ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/712559.gif?partner_uid=b396309f-a2a7-43bf-9557-db42522147f7
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 campaigns Show response
cdn.ads-flipp.com/flyer-locator-service/ 135 B
545 B 492ms
347ms Fetch
application/json 108.157.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ads-flipp.com/flyer-locator-service/campaigns
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1268586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-32.dus51.r.cloudfront.net
Software: envoy /
Resource Hash: 829731dcdf08025f3d898c8c3a68acb42b0496dcdd8fc61f85ec5dbbf6a69b02

Request headers

Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

x-trace-id: VxHb_bgLEA2ROSVGazZVM_wyWQuxO730E60N5iPISV7MQKFW7hIVmA==
date: Sun, 31 Dec 2023 01:42:33 GMT
via: 1.1 5db4f6b1c04035a37ba6548e89b362be.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: DUS51-P2
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.sltrib.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 135
x-amz-cf-id: VxHb_bgLEA2ROSVGazZVM_wyWQuxO730E60N5iPISV7MQKFW7hIVmA==

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 26 KB
9 KB 106ms
31ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJJTW7K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 39657f7f198608406cab1de96720a22549e6b6d918db8dfdd0f5ef9ab84ef17c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 12 Dec 2023 19:56:38 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "ead4fccfb1bebd02138cf2dcadd7dcba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 8123

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame E696
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

167ms
55ms

Document
text/plain

98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash

Request headers

Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Sun, 31 Dec 2023 01:42:33 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame 1D19
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

166ms
55ms

Document
text/plain

98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash

Request headers

Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Sun, 31 Dec 2023 01:42:33 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 176ms
59ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 31 Dec 2023 01:42:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: OX+B7veSIcGD0NawGit7aY3f8Hc/+DjxWu7u9uxlYqnyyIAw+5l6K3xXACB/eJD4vzHNhufoR4krcbzLtrrJpQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Asyncload.js Show response
d1vg5xiq7qffdj.cloudfront.net/ 20 KB
6 KB 185ms
55ms Script
application/javascript 2600:9000:224a:c800:0:6f3c:65c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vg5xiq7qffdj.cloudfront.net/Asyncload.js?fpkey=1220235&encsid=DCF4x4wqtp4,&enccid=rcCnDaOL-lw,&wsid=NTAy&trackingUrl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g,
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c800:0:6f3c:65c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 72753bf20ed288ede24c8c12689fd3ec0aaaae976f5155d7b8d90eca316506b5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 12:47:19 GMT
content-encoding: gzip
via: 1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 564913
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified: Thu, 11 Feb 2021 17:53:16 GMT
server: Microsoft-IIS/10.0
etag: W/"d8aa53c69e0d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
access-control-allow-headers: Content-Type
x-amz-cf-id: nw0cVbBuyxEAfKZ_TLlbzUq91ehO8hQM-hzLt5VZc3V8hCuyomI_Kg==

GET
H2

204

dda8255d32e6482d
pixel.sitescout.com/iap/
Redirect Chain

https://pixel-a.basis.net/iap/dda8255d32e6482d
https://pixel.sitescout.com/iap/dda8255d32e6482d

0
191 B

165ms
55ms

Image
text/plain

98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/dda8255d32e6482d
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 31 Dec 2023 01:42:33 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/dda8255d32e6482d
content-length: 0

GET
H2

200

1ea036853c174e3a
clickserv.sitescout.com/conv/
Redirect Chain

https://clickserv.basis.net/conv/1ea036853c174e3a
https://clickserv.sitescout.com/conv/1ea036853c174e3a

43 B
267 B

179ms
58ms

Image
image/gif

98.98.134.246
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clickserv.sitescout.com/conv/1ea036853c174e3a
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Server: 98.98.134.246 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 01:42:33 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://clickserv.sitescout.com/conv/1ea036853c174e3a
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 303 KB
97 KB 75ms
75ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DC2TJEE08T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJJTW7K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

daa1edaed7a52ef5e58076fae4f957161f41b064a204c2005f98bad426363f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98773
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 31 Dec 2023 01:42:33 GMT

GET
H2 200 configs
d.pub.network/v2/sites/sltrib-com/ 118 KB
7 KB 147ms
75ms Other
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/v2/sites/sltrib-com/configs?env=PROD
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 7c6be826ee8253115ea7fd5563106ec34694fbf4dffd9a612bf23da311b19156

Request headers

Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Origin: https://www.sltrib.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.sltrib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 388 KB
115 KB 63ms
54ms Script
application/javascript 2606:4700::6812:eff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=vxCIN3E3cT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec18ebaedb655fd8c94eb9c8160e218920dbe41c7059171f06c03d0dedd5010a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
x-amz-version-id: 0QIZetJ_7irXXHtLgdmNhkMj0U1YDIAl
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: BXJWPB7BT4ZA69Y6
age: 4363
x-amz-server-side-encryption: AES256
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: eGIYDedbtqmPmMfOCs9I59JkU65My/JgEDjupliQ5nk+YCiimVvFNrslel2O6xcdZFk3ooenpu/zTedmVJ13Og==
last-modified: Tue, 19 Dec 2023 11:23:13 GMT
server: cloudflare
etag: W/"f8312bff3c7ba81de4b41efef3dbdb77"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 83ded39d49f14e1c-HEL
expires: Sun, 31 Dec 2023 05:42:33 GMT

GET
H2 200 / Show response
adservice.google.fi/ddm/fls/i/dc_pre=CKONsojGuIMDFRfIOwIdEqgEbw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.... Frame 70E2 194 B
515 B 261ms
100ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/ddm/fls/i/dc_pre=CKONsojGuIMDFRfIOwIdEqgEbw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKONsojGuIMDFRfIOwIdEqgEbw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 01:42:33 GMT
expires: Sun, 31 Dec 2023 01:42:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/ Show response
8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www... Frame 8085
Redirect Chain

https://adservice.google.fi/ddm/fls/i/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www...
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=htt...

845 B
382 B

100ms
100ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f6.1e100.net

Software

cafe /

Resource Hash

b3074e2cf0b12bcf10b46ed42bbe45b43ddfb868a7434b8e7b45ec387924c09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 01:42:33 GMT
expires: Sun, 31 Dec 2023 01:42:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 01:42:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 beacons
p.flipp.com/ 0
0 376ms
240ms Fetch 18.66.147.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1268586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-112.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.sltrib.com
access-control-allow-credentials: true
x-amz-cf-id: joY1DooBA_rZpY7FcoMt0cXY4mk4vXeOKTn8N4R-mowEBm9_GzXzvw==

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 194ms
55ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1703986953686&id=t2_53ud93ze&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=68ec5147-f738-40ca-9695-4401f3a9d619&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_3549b422&dpm=&dpcc=&dprc=
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:33 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 98ms
33ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DC2TJEE08T&gtm=45je3bt0v882606358z877127973&_p=1703986952994&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=3647788.1703986954&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703986953&sct=1&seg=0&dl=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&dt=SafeMoon%20files%20for%20bankruptcy%20amid%20fraud%20accusations&en=page_view&_fv=1&_nsi=1&_ss=1&ep.byline=Shannon%20Sollitt&ep.contentID=M3Z4ELSUHVA7NBQWX4TGMHWVVA&ep.dateLastUpdated=2023-12-19T18%3A25%3A10.580Z&ep.datePublished=2023-12-19T16%3A08%3A57.991Z&ep.headline=Utah%20crypto%20company%20files%20for%20bankruptcy%20amid%20federal%20fraud%20accusations&ep.metaTitle=SafeMoon%20files%20for%20bankruptcy%20amid%20fraud%20accusations&ep.section=Business&ep.slug=SafeMoonBankruptcy.121923&ep.tags=business&epn.wordCount=520&tfd=1646
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DC2TJEE08T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 01:42:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sltrib.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 194ms
65ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DC2TJEE08T&cid=3647788.1703986954&gtm=45je3bt0v882606358z877127973&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DC2TJEE08T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 01:42:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sltrib.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
408 B 199ms
71ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DC2TJEE08T&cid=3647788.1703986954&gtm=45je3bt0v882606358z877127973&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1566589550

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 01:42:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
cmp.osano.com/ Frame C618 4 KB
1 KB 56ms
56ms Document
text/html 2600:9000:211e:2c00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 85270
alt-svc: h3=":443"; ma=86400
content-encoding: gzip
content-type: text/html
date: Sat, 30 Dec 2023 02:01:24 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-id: nP4jO3sSENVj9lBE7U7zs7FrpUMt3jRcuG2Bb8zI9MzRtO0kH7DApA==
x-amz-cf-pop: FRA56-C2
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
BLOB 200
OK c526bf81-ae35-40e7-9454-7c30528478e0
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/c526bf81-ae35-40e7-9454-7c30528478e0
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

OPTIONS
H2 200 /
optimise.net/ Frame 0
0 137ms
65ms Preflight 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=sltrib.com&t=desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://www.sltrib.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://www.sltrib.com
access-control-expose-headers: fs-client-rtt
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Sun, 31 Dec 2023 01:42:33 GMT
expires: 0
fs-client-rtt: 30
pragma: no-cache
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google

GET
H3 200 / Show response
optimise.net/ 22 KB
22 KB 97ms
32ms Fetch
application/json 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=sltrib.com&t=desktop

Requested by

Host: a.pub.network
URL: https://a.pub.network/sltrib-com/pubfig.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

9861186691b9a7b1f8b89e460d89d895b02935e8c7ed965b95ca1ba5755bf990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google
date: Sun, 31 Dec 2023 01:11:36 GMT
fs-client-rtt: 30
age: 1858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22804
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type: application/json
access-control-allow-origin: https://www.sltrib.com
access-control-expose-headers: fs-client-rtt
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires: 0

GET
H2 200 fp2.min.js Show response
d1vg5xiq7qffdj.cloudfront.net/ 29 KB
11 KB 59ms
59ms Script
application/javascript 2600:9000:224a:c800:0:6f3c:65c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vg5xiq7qffdj.cloudfront.net/fp2.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c800:0:6f3c:65c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:33:04 GMT
content-encoding: gzip
via: 1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 1015768
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified: Tue, 04 Feb 2020 16:16:08 GMT
server: Microsoft-IIS/10.0
etag: W/"014506876dbd51:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
access-control-allow-headers: Content-Type
x-amz-cf-id: yk0wSAWK9zzzmGZeQj_WRo_QgnLa_jUm2a4xsHrlf3ScSGowwMHZSQ==

GET
BLOB 200
OK 62dd7b99-3c37-4df6-8d7b-4d1f819395a8
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/62dd7b99-3c37-4df6-8d7b-4d1f819395a8
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 7 KB
3 KB 240ms
165ms XHR
application/json 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=vxCIN3E3cT

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ea88b2ec9a13e0bec9e257857842db1bc167c2c9e3d79b722a634cd1a9f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-request-id: 21r05jgj87
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.sltrib.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 83ded39e7ba24c85-HEL

POST
H2 200 list Show response
buy.tinypass.com/api/v3/conversion/ 121 B
326 B 426ms
354ms XHR
application/json 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/conversion/list?aid=vxCIN3E3cT

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b3a2cee1a131e09db75b5e5a3558ee4c97dc82b937f359af18a17e8e7ed2170

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 01:42:34 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 83ded39e7fbc4c8a-HEL
alt-svc: h3=":443"; ma=86400
x-request-id: Myqci6sVfaJ
expires: 0

GET
BLOB 200
OK 7e8cc503-0759-445d-b577-8e74e77d6ea3
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/7e8cc503-0759-445d-b577-8e74e77d6ea3
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 9614da73-ad23-4efb-a1d4-ca09167ebabd
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/9614da73-ad23-4efb-a1d4-ca09167ebabd
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK f99f1a83-efad-46e0-a680-04ab9b49d110
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/f99f1a83-efad-46e0-a680-04ab9b49d110
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H/1.1 200
OK d3d3LnNsdHJpYi5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
461 B 204ms
58ms XHR
application/json 2.19.100.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnNsdHJpYi5jb20=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.100.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-100-22.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 01:42:34 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=9544
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 5339c4e1cba28c0d44ec331d17b45e83
Content-Length: 15
Expires: Sun, 31 Dec 2023 04:21:38 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 65ms
58ms Image
image/gif 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 01:42:33 GMT
date: Sun, 31 Dec 2023 01:42:33 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
BLOB 200
OK 3ff97be0-d9f4-44f5-9cd9-103ff568dee3
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/3ff97be0-d9f4-44f5-9cd9-103ff568dee3
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 7f19f39e-d494-4244-94f6-7c2dfebf3d3f
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/7f19f39e-d494-4244-94f6-7c2dfebf3d3f
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK b3e08bc0-e52f-4155-987f-b2f5115acdbd
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/b3e08bc0-e52f-4155-987f-b2f5115acdbd
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 303 KB
96 KB 94ms
93ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DC2TJEE08T

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

359147570df38572b826f3bcbbbf49ced76930a5c9d2dfb453de8960d5ab7e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 31 Dec 2023 01:42:34 GMT

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame 5D24
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

56ms
56ms

Document
text/plain

98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash

Request headers

Referer: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Sun, 31 Dec 2023 01:42:33 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2

204

9f30138796dc7a6a
pixel.sitescout.com/iap/ Frame 8085
Redirect Chain

https://pixel-a.basis.net/iap/9f30138796dc7a6a
https://pixel.sitescout.com/iap/9f30138796dc7a6a

0
191 B

57ms
57ms

Image
text/plain

98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/9f30138796dc7a6a
Requested by: Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKZsojGuIMDFdTwOwIdnawPDg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7967829198324.574;~oref=https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: H2
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://8234312.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 31 Dec 2023 01:42:33 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/9f30138796dc7a6a
content-length: 0

POST
H2 204 beacons
p.flipp.com/ 0
0 148ms
148ms Fetch 18.66.147.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1268586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-112.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.sltrib.com
access-control-allow-credentials: true
x-amz-cf-id: ALNEt4ZJVk9NO4HsRpGpK6dgqM8WR3A4jf-fUix6ESYX2Wrw2xBB-A==

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 564ms
135ms XHR
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1703986954191&sessionId=64a99438-5e32-596b-a6b2-d0d07ee57970&url=www.sltrib.com&cheqSource=1&cheqEvent=3&responseTime=247
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Dec 2023 01:42:34 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 6f06a3ba790b6b3765aca0a30ba705ba
Content-Length: 4
Expires: 0

GET
H2 200 show Show response
buy.tinypass.com/checkout/offer/ Frame EC16 675 KB
65 KB 152ms
152ms Document
text/html 2606:4700::6812:eff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceActionId=showOffer7P0PLWRHGM4Y60&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-9bZuM&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=vxCIN3E3cT&zone=Web&browserId=lqstu4djdy5pgzhm&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2106&logType=offerShow&width=1600&_qh=2e7a9efbba

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc700110203601f1fbc7fcc5dcc3ba06ec408655bc3375e58a33b94a2e1272a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83ded39fdf424e1c-HEL
content-encoding: br
content-type: text/html;charset=UTF-8
date: Sun, 31 Dec 2023 01:42:34 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server: cloudflare
server-time: 0.009
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-86-141
x-forwarded-https: on
x-request-id: Myqci6sitpO
x-xss-protection: 0

GET
BLOB 200
OK 8c9593db-69d5-4b31-96ea-f12cf7a2fccb
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/8c9593db-69d5-4b31-96ea-f12cf7a2fccb
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK ef5fbddc-eb33-4c38-a601-0808149e7ed4
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/ef5fbddc-eb33-4c38-a601-0808149e7ed4
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 0cf7ea9b-71e8-4f92-a02b-8212b93cb996
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/0cf7ea9b-71e8-4f92-a02b-8212b93cb996
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK f531857e-3202-4d00-9983-b216f5c8b984
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/f531857e-3202-4d00-9983-b216f5c8b984
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK fe5cd8fe-46c3-4ec7-b0cd-703b2727fc23
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/fe5cd8fe-46c3-4ec7-b0cd-703b2727fc23
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 43f9356f-4309-430e-90e9-b69ec2987103
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/43f9356f-4309-430e-90e9-b69ec2987103
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK bf184a07-fdb1-410b-bea6-ebe43405ab13
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/bf184a07-fdb1-410b-bea6-ebe43405ab13
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 8a888a5d-eec2-41c0-98e3-f3922673dce2
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/8a888a5d-eec2-41c0-98e3-f3922673dce2
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK ef6f04b3-1231-4aff-9dcc-282293225c0f
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/ef6f04b3-1231-4aff-9dcc-282293225c0f
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK abb05758-d96c-4b4b-9aa4-c366e2b5bcee
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/abb05758-d96c-4b4b-9aa4-c366e2b5bcee
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK ec08fd5d-c961-4d59-a35e-f822cb01daa4
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/ec08fd5d-c961-4d59-a35e-f822cb01daa4
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK ada1fe4c-cb33-4024-842e-bccaf6351678
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/ada1fe4c-cb33-4024-842e-bccaf6351678
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 embed.js Show response
sltrib.coral.coralproject.net/assets/js/ 105 KB
30 KB 32ms
32ms Script
application/javascript 35.244.156.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sltrib.coral.coralproject.net/assets/js/embed.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.156.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

29.156.244.35.bc.googleusercontent.com

Software

Resource Hash

2f5ec0118626853c74c86c3a42bce3e20e9cd23523770f327d197b1b98cc1200

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 31 Dec 2023 01:42:32 GMT
via: 1.1 google
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30751
x-xss-protection: 1; mode=block
x-trace-id: ddd2bbb0-a77d-11ee-a517-1997b9bf9eb1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Dec 2023 21:29:11 GMT
etag: W/"781f-18c65156858"
vary: Accept-Encoding
content-language: en-US
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800, s-max-age=604800
accept-ranges: bytes

GET
H2 200 pn-spinner.css
buy.tinypass.com/ng/common/pn-spinner/ Frame EC16 337 B
300 B 53ms
49ms Stylesheet
text/css 2606:4700::6812:eff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/pn-spinner/pn-spinner.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceActionId=showOffer7P0PLWRHGM4Y60&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-9bZuM&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=vxCIN3E3cT&zone=Web&browserId=lqstu4djdy5pgzhm&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2106&logType=offerShow&width=1600&_qh=2e7a9efbba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ad9a52f8696356f89ec6cfa987ab2fe0e920745bbf77f10fe24c54bd72fa1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceActionId=showOffer7P0PLWRHGM4Y60&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-9bZuM&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=vxCIN3E3cT&zone=Web&browserId=lqstu4djdy5pgzhm&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2106&logType=offerShow&width=1600&_qh=2e7a9efbba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1774
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Dec 2023 16:16:48 GMT
wn: prod-dash-10-0-93-23
server: cloudflare
etag: W/"337-1702570608000"
vary: Accept-Encoding
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 83ded3a0d9194e1c-HEL
expires: Sun, 31 Dec 2023 03:42:34 GMT

GET
H2 200 checkout.bundle.1.1.css
buy.tinypass.com/widget/dist/checkout/css/ Frame EC16 437 KB
152 KB 48ms
45ms Stylesheet
text/css 2606:4700::6812:eff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47ab43cb31d9a3b5e0a91094ed9add9e6e236dac2d8ee22510387efc2dc3716f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceActionId=showOffer7P0PLWRHGM4Y60&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-9bZuM&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=vxCIN3E3cT&zone=Web&browserId=lqstu4djdy5pgzhm&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2106&logType=offerShow&width=1600&_qh=2e7a9efbba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 2111
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Dec 2023 16:16:48 GMT
wn: prod-dash-10-0-113-255
server: cloudflare
etag: W/"447096-1702570608000"
vary: Accept-Encoding
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 83ded3a0d91b4e1c-HEL
expires: Sun, 31 Dec 2023 03:42:34 GMT

GET
H2 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame EC16 67 KB
13 KB 51ms
48ms Script
application/javascript 2606:4700::6812:eff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.84.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2b6a09251dfdb96bb8a73aeabee416131dfe2a4410bccfaa2f4d089a6642051

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceActionId=showOffer7P0PLWRHGM4Y60&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-9bZuM&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=vxCIN3E3cT&zone=Web&browserId=lqstu4djdy5pgzhm&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2106&logType=offerShow&width=1600&_qh=2e7a9efbba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 62008
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 17:34:20 GMT
wn: prod-dash-10-0-123-161
server: cloudflare
etag: W/"68959-1703180060000"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 83ded3a0d91c4e1c-HEL
expires: Mon, 01 Jan 2024 01:42:34 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame EC16 95 KB
30 KB 140ms
72ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3289495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30360
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FNr6%2B%2BDYTLSLLhR5Ep0ryYSBaFS7OeTA%2F9EUBV6yZlKOtcXRFR0dLQx5wQZEaJHW2qSQfPlC6koMRYwct2gEUR1AeokdGEVcxrSqog4ol1F1j69gvxYndEr7Qqg9ivbwEHtSmWYC2ldf3iCfRdUsvGp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83ded3a16c1dd977-HEL
expires: Fri, 20 Dec 2024 01:42:34 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame EC16 10 KB
4 KB 137ms
70ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3199915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3550
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjugZoZEyH5hP6pujE4G%2B6KWd0mXF49DuiVU%2BAMrR%2BALAxhy9F9Zeiqcby2u9yZ70WYsbpgZntG7C4gsr6F1HvLyGsLiJCiVh%2B8S3dEoG48XOoywgm5fupDI%2BS2TJ4c9pJb5jo6mCYLz91fXHTjN5thY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83ded3a16c1bd977-HEL
expires: Fri, 20 Dec 2024 01:42:34 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame EC16 104 KB
35 KB 106ms
39ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3360490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35086
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-1a191"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTEDD2gW0F7HlClkHXl7hvegh1F%2Bh32WrrLzWPjdku0OI%2BffS4u0Yfq2hHiREtZw5n2UUJiRek%2F%2FA6petOGOBLy9RZ5hK4Ko4hlxVJLPpI%2F%2BkKzj2LOp%2Fdba4apalEuK1Lt9T8zsXPR5ThfK397s2gK3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83ded3a13bddd977-HEL
expires: Fri, 20 Dec 2024 01:42:34 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame EC16 825 B
1 KB 113ms
46ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3273304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 434
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mX2dto1osznjPT8RlJK4dmCjKJhfPJs%2FBdiegbY7vkpxARtTazvXybg0aO5IQkxAHCH3ihLKk3cAD9kttUHPZp81i%2BqdT4Po6OLhLD6ggRLNPlLA%2FqZdnliDTU4f7ZyQj8uI4vUBsNTzfn3Ds7gBlNzn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83ded3a13bded977-HEL
expires: Fri, 20 Dec 2024 01:42:34 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame EC16 4 KB
2 KB 110ms
43ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3367715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2171
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoYGAg2UiQj9yOe2vbe3MbJqSxVQV1khTx9m7IHLoL1HeqT0P5x13eL0H4Vb3iKAblcS%2F1L1EdsuqiqsgCFY6a02Wq%2BJuZbJA4MaVpUwcl4IAAfYc9t9jvFHnowlvXf%2BClqqmqGVHCedITnofzv5Z7IE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83ded3a13bdfd977-HEL
expires: Fri, 20 Dec 2024 01:42:34 GMT

GET
H2 200 angular-touch.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame EC16 3 KB
2 KB 135ms
68ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-touch.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7135861f8a8768636a90c4fb777082380c84194319273624e88004ab2b9d98d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1922558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1321
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-ce0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qk7oAmxmmlSP3gOPVYce0hUlSltEZjyE7c6fAsllff%2F1kDCJJZZatLHDFGA64E1egYZabjNpuglAGsdUsYuejnvHZukDTZLXzrvjVWEimEeQY2v9V93ZeDkRWKRkVP1PTXNNCiXoH7NsRuh8wjW0JmzE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83ded3a13be1d977-HEL
expires: Fri, 20 Dec 2024 01:42:34 GMT

GET
H2 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame EC16 3 KB
1 KB 137ms
71ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 775235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 953
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqhkNDyy1C0XPMpk447FyINjNDQbKKZqeeBMJNl0FKgpfOPatS9w0qWDZ2Ih1Dmd7vBngdN284aXT6ICyGluo9eycfIOVEPEyfMUH%2FEx4tnIBnaFNb%2FSI29GWdyrPUybRi8jihMAp9ENA%2FviIuHOXlY0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83ded3a16c16d977-HEL
expires: Fri, 20 Dec 2024 01:42:34 GMT

GET
H2 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame EC16 23 KB
8 KB 108ms
42ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1567989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7490
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsqkQOC4MNvjezlTd5eXgHTVRNt1%2B1bvteGGqT3gSD%2BQWljoIfnuECFsyIx1sD2ui8dzbo5rjvwwwFDZungi0D8ReKvklE%2FI7S5q0nb12n7OhgvMCwPCjsZ8VxsoO%2F2XiA3ooZcZtgzbei5guxs%2B3%2Bky"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83ded3a13bd7d977-HEL
expires: Fri, 20 Dec 2024 01:42:34 GMT

GET
H2 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame EC16 2 KB
2 KB 104ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 841150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 910
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-93c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzKg4v%2F03oaeLNIg3ULPhHat%2FfAB%2BYAM3cuyVRsFE%2BlmQwJyKfTZ3e%2BcGg47Sm4e3WJAoaYp7GtBrnuoOCTBuAJ3ZfP6PO8d%2BObby5VNB4%2FgERkBEdP5qti8Sy1U0gbtNyAf2Jj2DU%2FxFX13lFObpx7u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83ded3a13bd8d977-HEL
expires: Fri, 20 Dec 2024 01:42:34 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame EC16 20 KB
7 KB 110ms
44ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3199915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6934
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ra7EHHOaPNDAdfsJT8EFwqmz9uE0JxmxqKE5MY2mrB%2Fqcfv9aye8gPXqKOW3ASvBObivhXOPXQpdtoU%2BwCIsSYqrEUV5oqMGsmRYseWBtc4lL4n515ypwixpyOsQjJONNIAYxTsQqH9ZVF%2F67J17fh28"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83ded3a13bd9d977-HEL
expires: Fri, 20 Dec 2024 01:42:34 GMT

GET
H2 200 anime.min.js Show response
cdnjs.cloudflare.com/ajax/libs/animejs/3.1.0/ Frame EC16 17 KB
7 KB 106ms
41ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animejs/3.1.0/anime.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3367666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6344
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-4377"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iewaw6lK3rxJIIFDa7APojF8zDzZqAgu4Xdt3n2%2ByFrt0Pi9Eb0FQmc%2BabAnpvKrGSv85y1SUr0%2Fjg9fwi4HpAMTynlNtMlzE2Mb5iEWrgIS0OIgbkVDBwVm%2BywlO61obfoT6LCDYDUuZzCu9OjubSI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83ded3a13bdbd977-HEL
expires: Fri, 20 Dec 2024 01:42:34 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame EC16 579 KB
143 KB 226ms
71ms Script
text/javascript 18.154.63.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-19.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:41:56 GMT
content-encoding: br
via: 1.1 0c2e3c68974911a31f9fdb2f3522c7d0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 40
x-amz-cf-pop: DUS51-P4
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:47:18 GMT
server: Cloudfront
etag: W/"4ec63ff996d5aa25b29f0a90d2021ae0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 5IqfIJrNP_SS8SX6bGyMo3RyGtXwzWlM_tgJ3_ulNXCqLujtjFOw3g==

GET
H2 200 H4sIAAAAAAAA_03IvQ7CIBAA4BcqnAV_6mw6uDi5NxQuSIWj6XHq47sZty8fvFOI2CAkbuAf6J9Vmio1SEZYGLxwq0XNQiGjfn0u15sdrb9Pp709nIfjznaQ08zgKEp2m-q10cZA6gf6Xa7eZZyQlHAHFMHXUirBSorXRITbH_XCX533cdqVAAAA Show response
buy.tinypass.com/_sam/ Frame EC16 663 KB
161 KB 57ms
56ms Script
text/javascript 2606:4700::6812:eff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAA_03IvQ7CIBAA4BcqnAV_6mw6uDi5NxQuSIWj6XHq47sZty8fvFOI2CAkbuAf6J9Vmio1SEZYGLxwq0XNQiGjfn0u15sdrb9Pp709nIfjznaQ08zgKEp2m-q10cZA6gf6Xa7eZZyQlHAHFMHXUirBSorXRITbH_XCX533cdqVAAAA?compressed=true&v=16.84.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a134edef502f513d4b808acc892dcae58411a25be940a193b325c7a871cab378

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceActionId=showOffer7P0PLWRHGM4Y60&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-9bZuM&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=vxCIN3E3cT&zone=Web&browserId=lqstu4djdy5pgzhm&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2106&logType=offerShow&width=1600&_qh=2e7a9efbba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1977
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 17:45:44 GMT
wn: prod-dash-10-0-117-190
server: cloudflare
optimized-by: _sam
vary: Accept-Encoding
content-type: text/javascript
server-time: 0.014
cache-control: public, max-age=602340
cf-ray: 83ded3a0d91d4e1c-HEL
expires: Sun, 07 Jan 2024 01:01:34 GMT

GET
H2 200 sltrib_masthead_new_subtext_white.png
local.sltrib.com/marketing/ Frame EC16 28 KB
28 KB 158ms
157ms Image
image/png 69.16.220.201
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://local.sltrib.com/marketing/sltrib_masthead_new_subtext_white.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceActionId=showOffer7P0PLWRHGM4Y60&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-9bZuM&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=vxCIN3E3cT&zone=Web&browserId=lqstu4djdy5pgzhm&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2106&logType=offerShow&width=1600&_qh=2e7a9efbba
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.220.201 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host3.utahdigitalservices.com
Software: Apache /
Resource Hash: 99864675faf8dea302b09f4905d80f32a6ca510c9b1118d2692e0df0241c637d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
last-modified: Thu, 24 Dec 2020 18:51:09 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28188
expires: Tue, 30 Jan 2024 01:42:34 GMT

GET
H2 200 trib_logo_white.png
local.sltrib.com/graphics/ Frame EC16 9 KB
10 KB 157ms
157ms Image
image/png 69.16.220.201
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://local.sltrib.com/graphics/trib_logo_white.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceActionId=showOffer7P0PLWRHGM4Y60&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-9bZuM&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=vxCIN3E3cT&zone=Web&browserId=lqstu4djdy5pgzhm&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2106&logType=offerShow&width=1600&_qh=2e7a9efbba
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.220.201 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host3.utahdigitalservices.com
Software: Apache /
Resource Hash: 1a5414e59027131d5ac994ba4fe4386b491145f34e86c9ffe90fb7ea968bcf0d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
last-modified: Thu, 13 Feb 2020 21:57:37 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9584
expires: Tue, 30 Jan 2024 01:42:34 GMT

GET
H3 200 bootstrap Show response
sltrib.coral.coralproject.net/embed/ 783 B
804 B 256ms
191ms XHR
application/json 35.244.156.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sltrib.coral.coralproject.net/embed/bootstrap

Requested by

Host: sltrib.coral.coralproject.net
URL: https://sltrib.coral.coralproject.net/assets/js/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.156.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

29.156.244.35.bc.googleusercontent.com

Software

Resource Hash

81eb2e6f2633cd882a38800f230cddfb414688c84ac6305db3c8f56d5d236bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-trace-id: decbc1b0-a77d-11ee-a517-1997b9bf9eb1
strict-transport-security: max-age=15552000
date: Sun, 31 Dec 2023 01:42:34 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
etag: W/"30f-4LSk6czgz6IRcRU6tjsr7ZWsOhQ"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-language: en-US
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 783
x-xss-protection: 1; mode=block

GET
BLOB 200
OK 69e29f01-b6ef-4d03-9b83-6b86b1455cdc
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/69e29f01-b6ef-4d03-9b83-6b86b1455cdc
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK df66ff53-3692-43fd-94ac-9544e7cb316b
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/df66ff53-3692-43fd-94ac-9544e7cb316b
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 73CC 200 B
1 KB 63ms
63ms Document
text/html 18.154.63.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-19.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.tinypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 457
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 31 Dec 2023 01:35:31 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 0c2e3c68974911a31f9fdb2f3522c7d0.cloudfront.net (CloudFront)
x-amz-cf-id: cZ1aOJqfBWAt6yMMMm1W_6Xlvmt9Ektdadbcq9fd7Hok7CREOQQWiw==
x-amz-cf-pop: DUS51-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H3 200 trackShow Show response
buy.tinypass.com/checkout/offer/ Frame EC16 2 KB
1 KB 152ms
151ms XHR
application/json 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/trackShow

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2c0dcea2e86e7cff6744c40ecf505d1f2abe5af84167b55dbbf2da7b0f9e29a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceActionId=showOffer7P0PLWRHGM4Y60&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-9bZuM&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=vxCIN3E3cT&zone=Web&browserId=lqstu4djdy5pgzhm&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2106&logType=offerShow&width=1600&_qh=2e7a9efbba
X-Requested-With: XMLHttpRequest
Piano-request-without-spinner: 1

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
x-request-id: Myqci6sRHAH
pragma: no-cache
wn: prod-dash-10-0-140-28
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buy.tinypass.com
server-time: 0.004
cache-control: no-cache, no-store, must-revalidate
cf-ray: 83ded3a3ccc04c78-HEL
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 getFraudPreventionConfig Show response
buy.tinypass.com/checkout/offer/ Frame EC16 105 B
502 B 146ms
146ms XHR
text/html 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/getFraudPreventionConfig?aid=vxCIN3E3cT

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6673ecb789e14846f160a808976dac23bdb84574485cb942cf46e94c792039f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceActionId=showOffer7P0PLWRHGM4Y60&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-9bZuM&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=vxCIN3E3cT&zone=Web&browserId=lqstu4djdy5pgzhm&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2106&logType=offerShow&width=1600&_qh=2e7a9efbba
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Myqci6sJrkP
pragma: no-cache
wn: prod-dash-10-0-117-127
server: cloudflare
content-type: text/html;charset=UTF-8
server-time: 0.000
cache-control: no-cache, no-store, must-revalidate
cf-ray: 83ded3a3ccc64c78-HEL
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 Loader.gif
buy.tinypass.com/widget/dist/checkout/css/img/ Frame EC16 15 KB
15 KB 46ms
46ms Image
image/gif 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/checkout/css/img/Loader.gif

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e0aa5339a3285b2d6414755ca5637fcc785edfafa9d51c29c48667a0cb825e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: HIT
age: 808
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
content-length: 15059
last-modified: Thu, 21 Dec 2023 17:46:02 GMT
wn: prod-dash-10-0-143-101
server: cloudflare
etag: W/"15059-1703180762000"
vary: Accept-Encoding
content-type: image/gif
server-time: 0.000
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 83ded3a3ccda4c78-HEL
expires: Sun, 31 Dec 2023 03:42:34 GMT

GET
H2 200 sdk-runtime-config.js Show response
buy.tinypass.com/api/v3/anon/assets/ 279 B
399 B 43ms
43ms XHR
application/json 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=vxCIN3E3cT

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25e2d078808cb6a79331f33d33031ae4285c2bf1dbd2a3b9d0b9b4cc44c934c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 5713
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: M9d7i6sV7X4
wn: prod-dash-10-0-123-58
last-modified: Sat, 30 Dec 2023 23:46:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.012
cache-control: public, max-age=14400
cf-ray: 83ded3a3d8424c8a-HEL
expires: Sun, 31 Dec 2023 05:42:34 GMT

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 73CC 526 B
1 KB 63ms
63ms Script
text/javascript 18.154.63.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-19.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:30:18 GMT
via: 1.1 0c2e3c68974911a31f9fdb2f3522c7d0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 786
x-amz-cf-pop: DUS51-P4
x-cache: Hit from cloudfront
content-length: 526
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: PuX-l4PeOyDyTeg8gc1le2D5M-St_y4FtkJpqvskNDw8J6NuYZKoZA==

POST
H2 200 csp-report
q.stripe.com/ Frame 73CC 0
717 B 603ms
187ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 31 Dec 2023 01:42:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703986955352040
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703986955351604
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 73CC 0
716 B 604ms
188ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 31 Dec 2023 01:42:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703986955352570
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703986955351595
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 JsResourse.ashx Show response
app.mirabelsmarketingmanager.com/fpv2/fps/ 52 KB
53 KB 623ms
235ms XHR
text/plain 52.12.68.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.mirabelsmarketingmanager.com/fpv2/fps/JsResourse.ashx?encsid=DCF4x4wqtp4,&enccid=rcCnDaOL-lw,&fpid=d642c1f2-3c86-4f87-8242-f88c6b9cd0dc&trackingUrl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g,
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.12.68.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-12-68-237.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f62da789492d775482a8d2ab30b437411759db7cfcc8280e17b984acbd63acd1

Request headers

Accept: */*
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 31 Dec 2023 01:42:34 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
cache-control: private
access-control-allow-headers: Content-Type
content-length: 53605

GET
H/1.1 200
OK fetchdata
api.emailsnow.info/ 68 B
263 B 453ms
145ms Image
image/png 13.58.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.emailsnow.info/fetchdata?ref=&cid=rcCnDaOL-lw%2C&wid=DCF4x4wqtp4%2C&trackurl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g%2C&uuid=419f768b-e2f6-46c7-8515-de3ffbc9e120&msg=asyncload&pageurl=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F
Requested by: Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 13.58.98.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-98-49.us-east-2.compute.amazonaws.com
Software: nginx / Express
Resource Hash: cef4f8291e3a04c0285761f4bce1be1ba267090ce3078367eaab21653a48319b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 31 Dec 2023 01:42:35 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: Express
Content-Length: 68
Content-Type: image/png

GET
H2 200 inner.html Show response
m.stripe.network/ Frame DDEF 930 B
1 KB 183ms
55ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 79
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 31 Dec 2023 01:42:35 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 16
x-content-type-options: nosniff
x-request-id: 59e1578b-1550-4046-a36d-d17ed8e651df
x-served-by: cache-ams21021-AMS
x-timer: S1703986955.062911,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame DDEF 0
490 B 263ms
190ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.sltrib.com
URL: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 31 Dec 2023 01:42:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703986955351901
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1703986955351648
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame DDEF 87 KB
15 KB 55ms
55ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sun, 31 Dec 2023 01:42:35 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 209
x-cache: HIT
content-length: 15509
x-request-id: 6554d2ee-f4e2-4607-9f54-6cf32bf0ed75
x-served-by: cache-ams21021-AMS
server: Fastly
x-timer: S1703986955.214901,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 37

POST
H2 200 6 Show response
m.stripe.com/ Frame DDEF 156 B
670 B 579ms
189ms XHR
application/json 44.233.104.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.104.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-104-20.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c170deded3e2725e47afb813d8023929631a0865d7482c56e60bcc617ba9fc63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 31 Dec 2023 01:42:35 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703986955768396
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1703986955767876
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 134ms
134ms Image
image/gif 44.194.80.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=sltrib.com&p=%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&u=B9pyLODyPI0wBJ4-Lw&d=sltrib.com&g=65212&g0=Business&g1=Shannon%20Sollitt&n=1&f=00001&c=0.03&x=0&m=0&y=4520&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&PA=https%3A%2F%2Fwww.sltrib.com%2Fnews%2Fbusiness%2F2023%2F12%2F19%2Famid-federal-fraud-accusations%2F&b=1284&t=CGUFG4Deh308BSmAN9DDGBc5DrKEKP&V=143&tz=-120&_hottopic=&_acct=anon&sn=2&sv=C-XJPWcyiv8DJpwhtBnHnAXCCu4wI&sr=external&sd=1&im=067b0ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.80.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-80-15.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 31 Dec 2023 01:42:35 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H2 204 /
684dd325.akstat.io/ 0
201 B 141ms
140ms Ping
image/gif 2a02:26f0:1700:38a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd325.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:1700:38a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 01:42:35 GMT
content-type: image/gif
access-control-allow-origin: https://www.sltrib.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Sun, 31 Dec 2023 01:42:35 GMT

GET
H/1.1

200
OK

results.txt Show response
xhgadonydbgzczmqy4fq-pp78d5-f8d1d85fa-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pp78d5o66
https://xhgadonydbgzczmqy4fq-pp78d5-f8d1d85fa-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

298ms
55ms

XHR
text/plain

184.24.77.166
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://xhgadonydbgzczmqy4fq-pp78d5-f8d1d85fa-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 184.24.77.166 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-166.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 01:42:36 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://xhgadonydbgzczmqy4fq-pp78d5-f8d1d85fa-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Sun, 31 Dec 2023 01:42:35 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
figpaqaaaatzakqce3yajaaab5szbryl-pp78d5-628c6eef9-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pp78d5o66
https://figpaqaaaatzakqce3yajaaab5szbryl-pp78d5-628c6eef9-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

270ms
55ms

XHR
text/plain

2a02:26f0:480:f::213:7ee3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://figpaqaaaatzakqce3yajaaab5szbryl-pp78d5-628c6eef9-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:480:f::213:7ee3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 01:42:36 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://figpaqaaaatzakqce3yajaaab5szbryl-pp78d5-628c6eef9-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Sun, 31 Dec 2023 01:42:35 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
BLOB 200
OK 9132e841-0eb3-42d1-b823-23021cdd13ed
https://www.sltrib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sltrib.com/9132e841-0eb3-42d1-b823-23021cdd13ed
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.sltrib.com/news/business/2023/12/19/amid-federal-fraud-accusations/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

Verdicts & Comments Add Verdict or Comment

249 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sltrib.com/	1970-01-20 17:19:47	Name: arc-country Value: FI
.sltrib.com/	1970-01-20 17:19:50	Name: AKA_A2 Value: A
.sltrib.com/	1970-01-20 17:29:51	Name: RT Value: "z=1&dm=sltrib.com&si=i2kjzlpej2i&ss=lqstu3mj&sl=0&tt=0"
.sltrib.com/	1970-01-21 02:48:34	Name: _cb Value: B9pyLODyPI0wBJ4-Lw
.sltrib.com/	1970-01-21 02:48:34	Name: _chartbeat2 Value: .1703986953369.1703986953369.1.C-XJPWcyiv8DJpwhtBnHnAXCCu4wI.1
.sltrib.com/	1970-01-20 17:19:48	Name: _cb_svref Value: external
www.sltrib.com/	1970-01-21 02:05:22	Name: flipp-uid Value: b396309f-a2a7-43bf-9557-db42522147f7
.sltrib.com/	1970-01-20 19:29:22	Name: _rdt_uuid Value: 1703986953685.68ec5147-f738-40ca-9695-4401f3a9d619
www.sltrib.com/	1970-01-20 17:19:47	Name: __adblocker Value: false
.sltrib.com/	1970-01-21 02:55:46	Name: _ga_DC2TJEE08T Value: GS1.1.1703986953.1.0.1703986953.60.0.0
.sltrib.com/	1970-01-21 02:55:46	Name: _ga Value: GA1.1.3647788.1703986954
.pub.network/	1970-01-21 02:55:46	Name: _fsuid Value: cb2fa47b-4dac-4851-a439-80cfa26f8ede
.t.co/	1970-01-21 02:55:46	Name: muc_ads Value: 8cdfba90-94d0-47b0-beb0-c4aa60289280
.twitter.com/	1970-01-21 02:55:46	Name: personalization_id Value: "v1_/E034EJENupx3twocU2XCQ=="
www.sltrib.com/	1970-01-20 19:29:22	Name: __pnahc Value: 0
.doubleclick.net/	1970-01-21 02:41:22	Name: IDE Value: AHWqTUn5Hx5DXLp04qUipdGs1u6gd8ZI12koLB6UNdATE2T8Y67BzubdVPS5JLY6ZH0
.p.flipp.com/	1970-01-21 02:55:46	Name: gid Value: "W76/cQAHbon93Zq5EzA//w=="
.piano.io/	1970-01-20 17:19:48	Name: __cf_bm Value: PI5Mr6u5I75r1gEg5DPxD82nmi2dhf1V2zY9PAO2AUQ-1703986954-1-AWdrrlNGCc4FCYYsvFJZ0nPkMv3GjTJvbyT/Is1h5lUk+DKMQYny9Mci8LLr57XYErAY29yHAp8AshJ9IkiHVwc=
.sltrib.com/	1970-01-21 02:55:46	Name: __tbc Value: %7Bkpex%7DUsHn8eZ_AEREHKxSS-Q13_SBtBKnxAYBfogFWKM5ufQFBOPpJbk4kMeiBhuTskHY
www.sltrib.com/	1970-01-20 18:02:58	Name: __pat Value: -25200000
.sltrib.com/	1970-01-20 17:21:13	Name: __pvi Value: eyJpZCI6InYtbHFzdHU0ZG92OWY3dmM2MSIsImRvbWFpbiI6Ii5zbHRyaWIuY29tIiwidGltZSI6MTcwMzk4Njk1NDE5NH0%3D
.sltrib.com/	1970-01-21 02:55:46	Name: xbc Value: %7Bkpex%7DN6Z2LcJv03PWV-3jTw_P2o3IEVUSQpnLI1JOTrh4yAZWLke-9GK5H5nlx15YKTEGzZbFrxeda5Wod8aLEqO6RMiszRZGo4bjBZnqBwhvQOFK6RMwHlXsFEn_lLIM6SxjFOKTn8Cq4dfOX0LTZVNIGZZQZkXUPd9s25uDL3hDga-HZRywWiJ7P5cg8UD4wG9kjxlBM2qPCO_x0t_nz_DAnJTmnM10PZeBn-w3afLzNyIQF0j59mfkhhqFAgMNkLGkguK1u_puldvuD44lnTSmsQ
.tinypass.com/	1970-01-20 17:19:50	Name: ch_sid Value: zJvR4cLDqX2GtKe
.tinypass.com/	1970-01-21 02:55:46	Name: LANG Value: en_US
.tinypass.com/	1970-01-20 17:21:13	Name: LANG_CHANGED Value: en_US
.tinypass.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 6E2D457C00A2C0303A2CADDB934A2476
m.stripe.com/	1970-01-21 02:55:46	Name: m Value: 03d04f58-57f1-44b8-9ce2-dcfdc88362b4f63b6b

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/712559.gif?partner_uid=b396309f-a2a7-43bf-9557-db42522147f7 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security	max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd325.akstat.io
8208269.fls.doubleclick.net
8234312.fls.doubleclick.net
a.pub.network
accounts.google.com
adservice.google.com
adservice.google.fi
ajax.googleapis.com
alb.reddit.com
analytics.twitter.com
api.emailsnow.info
app.mirabelsmarketingmanager.com
buy.tinypass.com
c.go-mpulse.net
c2.piano.io
cd.connatix.com
cdn-gateflipp.flippback.com
cdn.ads-flipp.com
cdn.tinypass.com
cdnjs.cloudflare.com
clickserv.basis.net
clickserv.sitescout.com
cloudfront-us-east-1.images.arcpublishing.com
cmp.osano.com
connect.facebook.net
d.pub.network
d1vg5xiq7qffdj.cloudfront.net
experience.tinypass.com
figpaqaaaatzakqce3yajaaab5szbryl-pp78d5-628c6eef9-clienttons-s.akamaihd.net
frontend-logger.flippback.com
idsync.rlcdn.com
js.adsrvr.org
js.stripe.com
local.sltrib.com
log.outbrainimg.com
m.stripe.com
m.stripe.network
mab.chartbeat.com
news.google.com
optimise.net
p.flipp.com
ping.chartbeat.net
pixel-a.basis.net
pixel.sitescout.com
q.stripe.com
region1.analytics.google.com
s.go-mpulse.net
securepubads.g.doubleclick.net
sltrib.coral.coralproject.net
static.ads-twitter.com
static.chartbeat.com
stats.g.doubleclick.net
t.co
tcheck.outbrainimg.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.google.fi
www.googletagmanager.com
www.npttech.com
www.queryly.com
www.redditstatic.com
www.sltrib.com
xhgadonydbgzczmqy4fq-pp78d5-f8d1d85fa-clientnsv4-s.akamaihd.net
104.244.42.5
104.244.42.67
108.138.15.119
108.157.4.32
108.157.4.79
13.58.98.49
146.75.116.157
151.101.128.176
151.101.193.140
172.64.146.152
18.154.63.19
18.173.233.15
18.66.147.112
184.24.77.145
184.24.77.166
184.30.17.67
2.19.100.22
2001:4860:4802:32::36
207.198.113.205
216.58.206.38
2600:9000:211e:2c00:3:b7e:8940:93a1
2600:9000:224a:c800:0:6f3c:65c0:21
2600:9000:243d:6e00:18:1fcd:353:c61
2606:4700:20::681a:d56
2606:4700:3030::6815:4222
2606:4700::6811:190e
2606:4700::6811:c376
2606:4700::6812:14ce
2606:4700::6812:b07e
2606:4700::6812:eff8
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9c
2a00:1450:400c:c02::54
2a02:26f0:1700:38a::11a6
2a02:26f0:480:18d::11a6
2a02:26f0:480:f::213:7ed3
2a02:26f0:480:f::213:7ee3
2a03:2880:f083:100:face:b00c:0:3
2a04:4e42:200::396
2a04:4e42:400::714
34.111.152.239
34.160.152.31
35.244.156.29
35.244.174.68
44.194.80.15
44.233.104.20
52.12.68.237
52.205.229.242
54.187.119.242
64.202.112.159
69.16.220.201
98.98.134.243
98.98.134.246
00a1ba435a3de8bdc6653829d42aaa28e3b97542eed600f49d79b2b047c61180
024f75110bb4694f95d65675f13805f9455346452eca5055327f427bb7c8af8c
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0e5b556c1deb9b6fabee7aa25090275dcbef138661e1fbbe2a7abc4f9e65ed02
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
1349f8a177348d0812701b1d014b76c7dba107cb9793792379e70cfeb35ed80d
172ed7ecc58dea02478906ba99bb6c121055ff4bf47b204535fc6b802da98cd0
1a4aa3f0ab750bc85dc9a30f3a2d1c9d5a76f71abc4054ec91b20966a9c87558
1a5414e59027131d5ac994ba4fe4386b491145f34e86c9ffe90fb7ea968bcf0d
1bd4bb9f8a82c504f6145b32aba59672185c06c622f2c6efe7a9d8467335d23a
1bfee3517f69ac00b1784a5d56c517f8306d309573f362d8110c415803e2125a
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1e0aa5339a3285b2d6414755ca5637fcc785edfafa9d51c29c48667a0cb825e9
2086a7127402b37189a7f8ed3b0899b840485db2bf4301883baf1c5f560f8270
25e2d078808cb6a79331f33d33031ae4285c2bf1dbd2a3b9d0b9b4cc44c934c3
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
26de8377601d40e80c29c4a0c274e8c9e697d519b1d53fea0e24ab8f0aadce77
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2961b7a127e89a8bc8d0d1002b0fe87f90adb5b003e1a95e02941c57da6ebea7
2b3a2cee1a131e09db75b5e5a3558ee4c97dc82b937f359af18a17e8e7ed2170
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
2f5ec0118626853c74c86c3a42bce3e20e9cd23523770f327d197b1b98cc1200
325eb0ed9c4b2173718116d97c78e067f83311ed07570de76d154881bee92947
34f6f8b0d44c36048b74699e0ce8c3f941dfc3c070cd9b18d6ed7df622b1da91
3573eb0dc7280bf4d4dc8d9060f086375ebde06811386daddd48a5786e8978eb
359147570df38572b826f3bcbbbf49ced76930a5c9d2dfb453de8960d5ab7e62
35ad9a52f8696356f89ec6cfa987ab2fe0e920745bbf77f10fe24c54bd72fa1d
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
37e4ecedf0ab53a8f928507a9ae337f5871230f4525ce7e8070af4b21c17412d
385271bf8692ad6c01f9249958344dfe579db841c65a828c56955dda555a81dd
39657f7f198608406cab1de96720a22549e6b6d918db8dfdd0f5ef9ab84ef17c
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b4afadbde544c4bcff673c56233c2aebf3acbe475a895594a0c5c58f2a444a8
3be78a38d333c2174cceb895573452f15a1fa42a222e7d4297c24b0c8c4f7140
3c08f22f37bc546a8fe7fa155a73765b4c1f0e661b76c22aa0b4a2175100a204
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f2b51ecfe83a20af8e2999be5af696495d98bbbdf76dfc2536ff42121767c24
403f82f5023b7899ecc6ea3059c0b29c10d6719e7f8464e0625c8f5d02c9b69c
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
462f8a9becd0c3fe2ff5f35f32d9ec980cab1ae3a715b9f7ba03e544134d815c
47ab43cb31d9a3b5e0a91094ed9add9e6e236dac2d8ee22510387efc2dc3716f
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4985457f2a0b6f839f8cb2bd644fa3f7a76a08c994bc13107263e905ff39bdfd
49d21928347fc78411fd52873807c4e6928e7e22eb06db9f22ab39b7c9f960ba
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
4c899d160a287a2b8e58a27a128fec963032676ba6a7a2af2df8899c51e9815d
4ecb3d160f163065842699261af350c4c6f76b033e2c3f07e8d07d4f611c4361
50218b350ecd9694900e829cfc6c60e47693ef3cb35a07774414ef83a911f1b4
51c4a6455345fe16071d38af4d562b83137f24dda9600410f83a4a9cfea61994
569d879b43e4f604498456fe28e24d19f80d2d88158d9587e89586fc328d2e86
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5e53e9f5be78ec4c9e2a8573ce0d0ade84a1153190c63a6c742feef58652f587
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
654852bae73bad10f8626abb3d715dc5c69bd1833e7dd6842e0f9764410a7a78
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
6673ecb789e14846f160a808976dac23bdb84574485cb942cf46e94c792039f2
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668c0ef605758b2a28ae572680986554e0097e2f10a749db8316b3cb1574806c
6a7dd3acbecddc653446803e807cea2b6a85f3c6c1a6cc349b751f5e965647ad
7135861f8a8768636a90c4fb777082380c84194319273624e88004ab2b9d98d2
72753bf20ed288ede24c8c12689fd3ec0aaaae976f5155d7b8d90eca316506b5
75d37dad55044aa4958a3763fb8c5205ce734a466b7f0b73d7ce861b3b40c893
79484ed27ed58f643913b2cc3da21a363accce52616b5132e8d499260a7123ac
7c6be826ee8253115ea7fd5563106ec34694fbf4dffd9a612bf23da311b19156
7eb2af8a6315d058a1e7b87fadf2070e8fc0b2449b0a89da20c5b912de500acd
81eb2e6f2633cd882a38800f230cddfb414688c84ac6305db3c8f56d5d236bb3
829731dcdf08025f3d898c8c3a68acb42b0496dcdd8fc61f85ec5dbbf6a69b02
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8f850627aa46412b56450f99c309fbfa8786f65a46b59746223cc135e2535b46
9041f63adc7ef5badf30edfdd51d94832df52c6a93c52ba91ea270c107847b82
93fc8b658124ff5537f0f4d764d1ab052431db7356744319851ec3b69d5c5511
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
96d8265c72202cf402b09e32fe3edd623301bf96e76de303fde12e0f51fa43d6
9861186691b9a7b1f8b89e460d89d895b02935e8c7ed965b95ca1ba5755bf990
99864675faf8dea302b09f4905d80f32a6ca510c9b1118d2692e0df0241c637d
99ea88b2ec9a13e0bec9e257857842db1bc167c2c9e3d79b722a634cd1a9f154
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a134edef502f513d4b808acc892dcae58411a25be940a193b325c7a871cab378
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a6b9ca255d1b81f64849a3e0412ee94a858f10baafb862bfd715541afdb012df
aa21d0ddbc7cb318d1367bab72630267ec09559a269a23672cebf582d36386ca
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adba213b8c26402c1b493e340b02d0d9a596395fa867437b078ae6cbcffe4ff5
ae92b25069a3b5c0ddcdeb529b23d4f4ae9c5c08ae9cc44f4bfda111ea11205a
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b2b6a09251dfdb96bb8a73aeabee416131dfe2a4410bccfaa2f4d089a6642051
b3074e2cf0b12bcf10b46ed42bbe45b43ddfb868a7434b8e7b45ec387924c09a
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6322113217b4fac79ad5b27613c9c66d466e67fad90363e743c87df4843acd7
b7904357fc77f852df562ee472411192d4c4e32ca8bceba08a6e49b213eddc56
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bf51f32a4029603ed8577590b6c5ffa57f785031a099c6c38fa65e3f6e86c0ed
c170deded3e2725e47afb813d8023929631a0865d7482c56e60bcc617ba9fc63
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
cc700110203601f1fbc7fcc5dcc3ba06ec408655bc3375e58a33b94a2e1272a8
cef4f8291e3a04c0285761f4bce1be1ba267090ce3078367eaab21653a48319b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d4cb72cdcd000647661afe6e10843ba544f5350523c9fe1087827c8703fe0732
d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6
daa1edaed7a52ef5e58076fae4f957161f41b064a204c2005f98bad426363f7f
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2c0dcea2e86e7cff6744c40ecf505d1f2abe5af84167b55dbbf2da7b0f9e29a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec18ebaedb655fd8c94eb9c8160e218920dbe41c7059171f06c03d0dedd5010a
ec9ccd687dbd08683d9cd38a4e6a11cbb107d416a3ea8cf3d369b2fa88d352ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f62da789492d775482a8d2ab30b437411759db7cfcc8280e17b984acbd63acd1
f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849
f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f
f8a691e6f523905cca35f8488a78ceadbaa81c057adf1b5a4817871ad27bf787
f90823be8ca5100f66733c6283adb089097d06623f8c2a3ac393a035c0ee3e55
feab834cbe0ea30e440b839ac54c95d7bd0bcae77bc470dbc7e4141c66b2296a

www.sltrib.com Open in urlscan Pro 2a02:26f0:480:f::213:7ed3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

170 Requests

84 %HTTPS

46 %IPv6

42 Domains

65 Subdomains

58 IPs

3 Countries

3449 kBTransfer

11396 kBSize

27 Cookies

13 Outgoing links

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sltrib.com Open in urlscan Pro
2a02:26f0:480:f::213:7ed3 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

84 %
HTTPS

46 %
IPv6

42
Domains

65
Subdomains

58
IPs

3
Countries

3449 kB
Transfer

11396 kB
Size

27
Cookies

170 HTTP transactions
2 data transactions